www.mandai.com Open in urlscan Pro
2606:4700::6812:6004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tracking-x.com/
Effective URL:
https://www.mandai.com/en.html
Submission: On March 02 via automatic, source certstream-suspicious (March 2nd 2024, 3:52:45 pm UTC) — Scanned from DE

Summary HTTP 206 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 65 IPs in 10 countries across 57 domains to perform 206 HTTP transactions. The main IP is 2606:4700::6812:6004, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandai.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 21st 2023. Valid for: a year.

This is the only time www.mandai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.8.157.123 45.8.157.123	216475 (NKTELECOM) (NKTELECOM)
1 72	2606:4700::68... 2606:4700::6812:6004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.66.122.117 18.66.122.117	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2.17.190.170 2.17.190.170	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
10	18.136.152.138 18.136.152.138	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1	23.63.84.152 23.63.84.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.17.0.11 2.17.0.11	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	104.115.82.8 104.115.82.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 6	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:7600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2.19.100.4 2.19.100.4	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:247d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
3	18.245.86.11 18.245.86.11	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
3 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	110.93.147.30 110.93.147.30	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
15	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:ea90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	81.17.55.173 81.17.55.173	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	104.124.11.27 104.124.11.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.74.69.97 54.74.69.97	16509 (AMAZON-02) (AMAZON-02)
1	52.30.150.129 52.30.150.129	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.28.148.212 52.28.148.212	16509 (AMAZON-02) (AMAZON-02)
1	34.211.216.39 34.211.216.39	() ()
1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.93.196.121 54.93.196.121	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:9059:6cd:28f6:515d	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	72.246.169.205 72.246.169.205	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.73.97.67 54.73.97.67	16509 (AMAZON-02) (AMAZON-02)
1	3.73.179.60 3.73.179.60	16509 (AMAZON-02) (AMAZON-02)
1	34.252.26.191 34.252.26.191	16509 (AMAZON-02) (AMAZON-02)
206	65

1 45.8.157.123 (United States) 1 redirects

ASN216475 (NKTELECOM, US)
PTR: vm106122.docloudit.com

tracking-x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2606:4700::6812:6004 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.122.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-117.fra60.r.cloudfront.net

app.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.190.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-190-170.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.136.152.138 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

bpr.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vouch-api.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smetrics.mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.63.84.152 (Hyderabad, India)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-63-84-152.deploy.static.akamaitechnologies.com

wcs.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.17.0.11 (Ballerup Municipality, Denmark)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-0-11.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.115.82.8 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-115-82-8.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

11432329.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12189703.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.100.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-4.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:247d (United States)

ASN13335 (CLOUDFLARENET, US)

js-tag.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.86.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-11.fra60.r.cloudfront.net

files.vouch.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.93.147.30 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

wcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea90 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.91 (United States)

ASN54113 (FASTLY, US)

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o412878.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.173 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.124.11.27 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-124-11-27.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.69.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-69-97.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.150.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-150-129.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.148.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-148-212.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.216.39 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.196.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-196-121.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:9059:6cd:28f6:515d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.205 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-205.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.97.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-97-67.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.179.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-179-60.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.26.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-26-191.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	mandai.com 1 redirects www.mandai.com smetrics.mandai.com	7 MB
17	vouchconcierge.com app.vouchconcierge.com — Cisco Umbrella Rank: 458323 bpr.vouchconcierge.com — Cisco Umbrella Rank: 632136 vouch-api.vouchconcierge.com — Cisco Umbrella Rank: 805412	3 MB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	9 KB
12	doubleclick.net 9 redirects 11432329.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 ad.doubleclick.net — Cisco Umbrella Rank: 158 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 12189703.fls.doubleclick.net	9 KB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3991 gum.criteo.com — Cisco Umbrella Rank: 466 mug.criteo.com — Cisco Umbrella Rank: 3065 sslwidget.criteo.com — Cisco Umbrella Rank: 2410 widget.as.criteo.com — Cisco Umbrella Rank: 51190 dis.criteo.com — Cisco Umbrella Rank: 662	35 KB
7	sojern.com static.sojern.com — Cisco Umbrella Rank: 13434 beacon.sojern.com — Cisco Umbrella Rank: 6794 pixel.sojern.com — Cisco Umbrella Rank: 8827	59 KB
7	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 92 fcmatch.google.com — Cisco Umbrella Rank: 3376	3 KB
6	teads.tv p.teads.tv — Cisco Umbrella Rank: 5952 cm.teads.tv — Cisco Umbrella Rank: 5105 t.teads.tv — Cisco Umbrella Rank: 3096 criteo-sync.teads.tv — Cisco Umbrella Rank: 2809	8 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 693	155 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	359 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 256	4 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 447	99 KB
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 618 cm.adform.net — Cisco Umbrella Rank: 1161	1 KB
3	vouch.sg files.vouch.sg — Cisco Umbrella Rank: 916270	12 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	229 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 66 fcmatch.youtube.com — Cisco Umbrella Rank: 3424	69 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1838	1 KB
2	growthbook.io cdn.growthbook.io — Cisco Umbrella Rank: 8142	10 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 712	7 KB
2	zemanta.com js-tag.zemanta.com — Cisco Umbrella Rank: 27470 p1.zemanta.com — Cisco Umbrella Rank: 18783	4 KB
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 625 match.adsrvr.org — Cisco Umbrella Rank: 364	297 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	216 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1342 pixel.quantserve.com — Cisco Umbrella Rank: 1143	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
2	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 7415 dpm.demdex.net — Cisco Umbrella Rank: 246	2 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1089	44 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2357	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3152	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4638	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 34763	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2971	399 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 523	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 951	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 873	218 B
1	postrelease.com jadserve.postrelease.com	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1463	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10260	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 724	199 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 692	315 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 426	140 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1739	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 687	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 759	810 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 383	235 B
1	sentry.io o412878.ingest.sentry.io — Cisco Umbrella Rank: 725109	388 B
1	lr-in.com cdn.lr-in.com — Cisco Umbrella Rank: 22929	165 KB
1	naver.com wcs.naver.com — Cisco Umbrella Rank: 23238	630 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1531	633 B
1	google.de www.google.de — Cisco Umbrella Rank: 6744	455 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1336	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	2 KB
1	naver.net wcs.naver.net — Cisco Umbrella Rank: 21781	8 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3523	361 B
1	tracking-x.com 1 redirects tracking-x.com	96 B
0	criteo.net Failed static.criteo.net Failed
0	omnitagjs.com Failed visitor.omnitagjs.com Failed
206	57

	Domain	Requested by
72	www.mandai.com	1 redirects www.mandai.com
15	fonts.googleapis.com	app.vouchconcierge.com
8	bpr.vouchconcierge.com	app.vouchconcierge.com
7	app.vouchconcierge.com	www.mandai.com app.vouchconcierge.com
5	analytics.tiktok.com	www.mandai.com analytics.tiktok.com
5	www.googletagmanager.com	www.mandai.com assets.adobedtm.com www.googletagmanager.com
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	ib.adnxs.com	2 redirects static.sojern.com
4	static.sojern.com	11432329.fls.doubleclick.net static.sojern.com
4	adservice.google.com	11432329.fls.doubleclick.net static.sojern.com 12189703.fls.doubleclick.net
4	11432329.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	assets.adobedtm.com	www.mandai.com assets.adobedtm.com
3	cm.g.doubleclick.net	3 redirects
3	files.vouch.sg	www.mandai.com
2	vouch-api.vouchconcierge.com	app.vouchconcierge.com
2	r.casalemedia.com	1 redirects
2	dis.criteo.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.growthbook.io	app.vouchconcierge.com
2	12189703.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	c1.adform.net	2 redirects
2	pixel.sojern.com	static.sojern.com
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	11432329.fls.doubleclick.net s.yimg.com
2	www.facebook.com	www.mandai.com
2	t.teads.tv	p.teads.tv www.mandai.com
2	cm.teads.tv	p.teads.tv
2	connect.facebook.net	www.mandai.com connect.facebook.net
2	www.google.com	1 redirects www.mandai.com
2	www.youtube.com	www.mandai.com www.youtube.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	dpm.demdex.net
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	o412878.ingest.sentry.io	app.vouchconcierge.com
1	cdn.lr-in.com	app.vouchconcierge.com
1	widget.as.criteo.com	www.mandai.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	www.mandai.com
1	smetrics.mandai.com	assets.adobedtm.com
1	wcs.naver.com	wcs.naver.net
1	sp.analytics.yahoo.com	11432329.fls.doubleclick.net
1	match.adsrvr.org	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	beacon.sojern.com	static.sojern.com
1	p1.zemanta.com	11432329.fls.doubleclick.net
1	js-tag.zemanta.com	11432329.fls.doubleclick.net
1	insight.adsrvr.org	11432329.fls.doubleclick.net
1	pixel.quantserve.com	www.mandai.com
1	www.google.de	www.mandai.com
1	googleads.g.doubleclick.net	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	www.googleadservices.com	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	secure.quantserve.com	www.mandai.com
1	p.teads.tv	www.googletagmanager.com
1	wcs.naver.net	www.googletagmanager.com
1	adobedc.demdex.net	assets.adobedtm.com
1	www.gstatic.com	www.google.com
1	s7.addthis.com	www.mandai.com
1	tracking-x.com	1 redirects
0	static.criteo.net Failed	www.mandai.com
0	visitor.omnitagjs.com Failed
206	83

This site contains links to these domains. Also see Links.

Domain
members.mandai.com
rangerbuddies.mandai.com
www.instagram.com
www.facebook.com
www.tiktok.com
www.youtube.com
twitter.com
weibo.com
v.douyin.com

Subject Issuer	Validity	Valid
*.mandai.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-21` - `2024-08-20`	a year	crt.sh
vouchconcierge.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.vouchconcierge.com Amazon RSA 2048 M01	`2023-07-01` - `2024-07-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-22` - `2024-11-21`	a year	crt.sh
wcs.naver.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-12-01`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-12-21`	10 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-01` - `2024-04-17`	2 months	crt.sh
files.vouch.sg Amazon RSA 2048 M03	`2023-08-26` - `2024-09-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
wcs.naver.com GeoTrust RSA CA 2018	`2023-08-01` - `2024-08-14`	a year	crt.sh
smetrics.mandai.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-28` - `2024-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
lr-in.com E1	`2024-01-10` - `2024-04-09`	3 months	crt.sh
cdn.growthbook.io R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
hb.yahoo.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.mandai.com/en.html
Frame ID: 301120A2153A649B05572D27BF263156
Requests: 117 HTTP requests in this frame

Frame: https://www.mandai.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: 41BCBB021C0AD7396C14CB42FC5DD5E2
Requests: 2 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 3370D2D602FDCB0426987E64164895FA
Requests: 9 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: D0A158BB50F8AE3AACB74A7B8365D901
Requests: 2 HTTP requests in this frame

Frame: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: F64DAC07135BDB70391F7BD98B25A333
Requests: 10 HTTP requests in this frame

Frame: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 757B0E0528D27A5E538F46584B52437D
Requests: 32 HTTP requests in this frame

Frame: https://12189703.fls.doubleclick.net/activityi;dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 04935C538BF491E8201F9FC80FC6B5DB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.mandai.com&origin=onetag
Frame ID: 0FC1EF7D1C16F39868BF327C0E5FE069
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FJWw89BQHzZIx5Sia8yMUug41ZOinK_y_-ivJg&google_gid=CAESEKh23Lhxdxe834q9sSB7moM&google_cver=1&google_ula=913071,0
Frame ID: EB7BA852A0A3EBD1C51D13CBD47F9909
Requests: 28 HTTP requests in this frame

Frame: https://static.criteo.net/empty.html
Frame ID: 6B8E3395CF56BA7154FBD7FC1B21F241
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mandai Wildlife Reserve | Singapore's Best Wildlife Experience

Page URL History Show full URLs

https://tracking-x.com/ HTTP 302
https://www.mandai.com/en.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

206
Requests

92 %
HTTPS

33 %
IPv6

57
Domains

83
Subdomains

65
IPs

10
Countries

11770 kB
Transfer

18014 kB
Size

52
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://members.mandai.com/login.html
Title: Member's login

Search URL Search Domain Scan URL

URL: https://rangerbuddies.mandai.com/
Title: Nurture your child into an conservation hero

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CGAnH8CHjTT/
Title: @jenicool23

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CsTy7H3p8hi/
Title: @krsnik.of.rivia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CL6wCHynI9v/
Title: @dianeeng

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CMikdPDAcIq/
Title: @gt.pics_

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CLEzFLqlVdD/
Title: @kailins.jpg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CsdwvziSPec/
Title: @chryseis_julien

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CEWC9S9HhtX/
Title: @axixe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MandaiWildlifeReserve/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mandaiwildlifereserve/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@mandaiwildlifereserve

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/MandaiWildlifeReserve

Search URL Search Domain Scan URL

URL: https://twitter.com/MandaiWildlife

Search URL Search Domain Scan URL

URL: https://weibo.com/SingaporeZoo

Search URL Search Domain Scan URL

URL: https://v.douyin.com/eRGaovr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tracking-x.com/ HTTP 302
https://www.mandai.com/en.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.mandai.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.mandai.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

Request Chain 61

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 62

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 67

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&npa=1&pscdl=noapi&auid=492653310.1709394752&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&eitems=ChAIgLmLrwYQ-LaqxImo5OpbEh0ATnwZqL7wLJaxBfk1HuvuRcer0zfZKGH-Dis-jA&pscrd=EkxDaEFJZ0xtTHJ3WVE2ZUcxelpiUXpxdEtFaVVBS2I4Q3JrVmxlUVd1Tms1SjVsdFAtNlpfMFJDdTJtTVkwRGsyN05SV0pHUjVFXzZkGldDaEFJZ0xtTHJ3WVFoS0hqeUozMjRMa0JFaTBBTDdIaTNnb3VrLS1Jazd6RW1kWGtXWmwxcE82OXdKeG9ZMXVCZTBEU1d4R1VsT0V5MEtjRlJ3RzJxc0EiEwiCqPPX99WEAxUxF6IDHRDUCSAyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw HTTP 302
https://www.google.com/pagead/1p-conversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&npa=1&pscdl=noapi&auid=492653310.1709394752&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=EkxDaEFJZ0xtTHJ3WVE2ZUcxelpiUXpxdEtFaVVBS2I4Q3JrVmxlUVd1Tms1SjVsdFAtNlpfMFJDdTJtTVkwRGsyN05SV0pHUjVFXzZkGldDaEFJZ0xtTHJ3WVFoS0hqeUozMjRMa0JFaTBBTDdIaTNnb3VrLS1Jazd6RW1kWGtXWmwxcE82OXdKeG9ZMXVCZTBEU1d4R1VsT0V5MEtjRlJ3RzJxc0EiEwiCqPPX99WEAxUxF6IDHRDUCSAyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSGwB7FLtqx_p90kHLBQzyvdfP9EE5-HkiLthjFw&eitems=ChAIgLmLrwYQ-LaqxImo5OpbEh0ATnwZqP_5sPJXaDWAW3PbyNou2trfO-0HbTWrrw&random=4223112202 HTTP 302
https://www.google.de/pagead/1p-conversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&npa=1&pscdl=noapi&auid=492653310.1709394752&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=EkxDaEFJZ0xtTHJ3WVE2ZUcxelpiUXpxdEtFaVVBS2I4Q3JrVmxlUVd1Tms1SjVsdFAtNlpfMFJDdTJtTVkwRGsyN05SV0pHUjVFXzZkGldDaEFJZ0xtTHJ3WVFoS0hqeUozMjRMa0JFaTBBTDdIaTNnb3VrLS1Jazd6RW1kWGtXWmwxcE82OXdKeG9ZMXVCZTBEU1d4R1VsT0V5MEtjRlJ3RzJxc0EiEwiCqPPX99WEAxUxF6IDHRDUCSAyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSGwB7FLtqx_p90kHLBQzyvdfP9EE5-HkiLthjFw&eitems=ChAIgLmLrwYQ-LaqxImo5OpbEh0ATnwZqP_5sPJXaDWAW3PbyNou2trfO-0HbTWrrw&random=4223112202&ipr=y

Request Chain 113

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=CJXmqdj31YQDFVobogMdYssG6A;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CJXmqdj31YQDFVobogMdYssG6A;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ZjEzNzg5NjAtYzY1ZS0yYmI4LTA0MmUtMmI5YWE5ZDQ2M2Y5&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=AWfxHIc6DkySFNgPOZrwXw4Ucq86JQPpMgDnKTde-ilN7GknOCqwjNycYjhFmXcS&sjrn_ula=7361855079 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AWfxHIc6DkySFNgPOZrwXw4Ucq86JQPpMgDnKTde-ilN7GknOCqwjNycYjhFmXcS&sjrn_ula=7361855079&google_gid=CAESEKAlSIKlB9fNXNjuDJ8wBDg&google_cver=1

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_hm=ZjEzNzg5NjAtYzY1ZS0yYmI4LTA0MmUtMmI5YWE5ZDQ2M2Y5&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopJUCX7QqoxNU49mRQ8IbonN6OV1hpjZmvBprN0be_utY7i2xq79hKY3isPhu_secDB1fu0M03iV-zFh_c6uLEhbzLWBzr8H_MLzUOhdv5CLb00RntrbTLPoR7wFTflZLDX3UWP HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopJUCX7QqoxNU49mRQ8IbonN6OV1hpjZmvBprN0be_utY7i2xq79hKY3isPhu_secDB1fu0M03iV-zFh_c6uLEhbzLWBzr8H_MLzUOhdv5CLb00RntrbTLPoR7wFTflZLDX3UWP

Request Chain 118

https://c1.adform.net/serving/cookie/match?cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=7375091438816003704&cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9

Request Chain 128

https://12189703.fls.doubleclick.net/activityi;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://12189703.fls.doubleclick.net/activityi;dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 135

https://gum.criteo.com/sid/json?origin=onetag&domain=mandai.com&sn=ChromeSyncframe&so=0&topUrl=www.mandai.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hgCDvnxCT2ZXYVk2WDBUTFJLS05RWmlkbVB6ZGpuZkMzYmM0Vm1Ka0JDTVgvckNQaC9kWGFwZXVBeElrTTl0UkluSlprai9mOHg0cmpGM0w1YS9WMUUvR3ZKRzVpQVJIUjF0NEovL0RxcHZjTko1UFdObFZTbnJsYzdPdVorTXREWFJjSmdobGJkVE01RU5tZGtnc1owZVg2U29UNTVzQS9GN3YzdTJsOGFFRmJuQ01QV0o3bUhycnpwc3pmWDdFREVTejIrQUd3VEExbklFd3ZyT3hDREFFYXBCeDNoVXdjcjFyYVg1TlZ5TkQ3cmcrNFlWM1JJaFU3ZHM5NVVab0EzOS9CNnA0citmb3dXQWxFV3pZYjVrcXdYUT09fA&cppv=2

Request Chain 143

https://sslwidget.criteo.com/event?a=108067&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=LCOH0l9QQWNEU1BHWTdmOWJ6SkkwNURBbDA0JTJGdkM1Vnl1d29oMmlqTXVCT254TFhOb3RJd21zYSUyQmR2SFV3VGwlMkZvV051OWVDNTI3TFdROHYwZ2J4UERaMUlXRFZKeWRBUjVMVVRmNTJnTkV0ZWdTZ29JclFDenBqMkhac0pMOGF6aURwaHp6WFE0ZmVxbjczblJ4Z1gwRXNDY1ElM0QlM0Q&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=7e186a4c-5abc-448e-825b-0af1f632a62a&dtycbr=24182 HTTP 302
https://widget.as.criteo.com/event?a=108067&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=LCOH0l9QQWNEU1BHWTdmOWJ6SkkwNURBbDA0JTJGdkM1Vnl1d29oMmlqTXVCT254TFhOb3RJd21zYSUyQmR2SFV3VGwlMkZvV051OWVDNTI3TFdROHYwZ2J4UERaMUlXRFZKeWRBUjVMVVRmNTJnTkV0ZWdTZ29JclFDenBqMkhac0pMOGF6aURwaHp6WFE0ZmVxbjczblJ4Z1gwRXNDY1ElM0QlM0Q&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=7e186a4c-5abc-448e-825b-0af1f632a62a&dtycbr=24182

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-FJWw89BQHzZIx5Sia8yMUug41ZOinK_y_-ivJg&google_cm&google_hm=ay1GSld3ODlCUUh6Wkl4NVNpYTh5TVV1ZzQxWk9pbktfeV8taXZKZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FJWw89BQHzZIx5Sia8yMUug41ZOinK_y_-ivJg&google_gid=CAESEKh23Lhxdxe834q9sSB7moM&google_cver=1&google_ula=913071,0

Request Chain 173

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6033308873677875957

Request Chain 183

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3rBJtBQHzZIx5Sia8yMUug41ZMxv4dkwyTxkQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3rBJtBQHzZIx5Sia8yMUug41ZMxv4dkwyTxkQ&C=1

Request Chain 184

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=T97DoLECmxWOTCYjDp2TAqyMnayZpLtB

Request Chain 202

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7-DnNde5GEpz8TGLNEQWyWGe6YfNWyYJ

206 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en.html Show response
www.mandai.com/
Redirect Chain

https://tracking-x.com/
https://www.mandai.com/en.html

62 KB
11 KB

673ms
564ms

Document
text/html

2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c8277777108aa344afbfbc101411955839b86c3034493b93605a4253c7fb1d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 85e28de049ed2bd9-FRA
content-encoding: br
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
content-type: text/html
date: Sat, 02 Mar 2024 15:52:30 GMT
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
last-modified: Sat, 02 Mar 2024 08:01:04 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 15:52:29 GMT
location: https://www.mandai.com/en.html
server: Apache

GET
H2 200 clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
www.mandai.com/etc/designs/wrs/ 340 KB
48 KB 863ms
861ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

074fd3612c1f7027fdf59e1ac28df93d9e9319f09a5294f0cf0512abeee3ae54

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:24 GMT
server: cloudflare
etag: W/"024aeb15469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de3dd092bd9-FRA

GET
H2 200 fontawesome-webfont.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 876ms
875ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fontawesome-webfont.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:42 GMT
server: cloudflare
etag: W/"f23bafbc5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de3dd0a2bd9-FRA

GET
H2 200 fa-solid-900.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 169 KB
169 KB 1195ms
1193ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-solid-900.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:42 GMT
server: cloudflare
etag: W/"9f30d8bc5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de3dd0b2bd9-FRA

GET
H2 200 MandaiValueSerif-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 34 KB
34 KB 748ms
746ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 34992
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:45 GMT
server: cloudflare
etag: "37bffce75369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28de3dd0d2bd9-FRA

GET
H2 200 MandaiValueSerif-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 36 KB
37 KB 540ms
539ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 37368
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:08 GMT
server: cloudflare
etag: "dc791a3d5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28de3dd0e2bd9-FRA

GET
H2 200 Halant-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 543ms
542ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Halant-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 98116
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:45 GMT
server: cloudflare
etag: "a51021e85369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28de3dd0f2bd9-FRA

GET
H2 200 Vollkorn.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 111 KB
111 KB 585ms
584ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Vollkorn.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 113280
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:45 GMT
server: cloudflare
etag: "9a82fde75369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28de3dd152bd9-FRA

GET
H2 200 Georgia.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 61 KB
61 KB 585ms
584ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Georgia.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 62456
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:44 GMT
server: cloudflare
etag: "2caca1bd5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28de3dd162bd9-FRA

GET
H2 200 style.css
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 2 MB
207 KB 1044ms
1043ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda56a0d5d8ffee73e861000b48c5a110cf86104352fa038af0005a6813ffe39

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:07:51 GMT
server: cloudflare
etag: W/"80a5f5e5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de3dd112bd9-FRA

GET
H2 200 clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css
www.mandai.com/etc/designs/wrs/ 970 B
580 B 584ms
583ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd03851e3e84926fcf32756e7275aeec02d6f2bc9bf8292a2f7bb42cbfeab83

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=994
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 27 Feb 2024 08:07:51 GMT
server: cloudflare
etag: W/"7d985ff5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de3dd132bd9-FRA

GET
H2 200 headLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 132 KB
50 KB 893ms
892ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77de65c6d493bb9e0baeba170afd33b4b271c9a0831b0e6877880352c8a0a7f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:45 GMT
server: cloudflare
etag: W/"80d89ee75369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de41d542bd9-FRA

GET
H2 200 app.css
app.vouchconcierge.com/widget3/css/ 3 KB
5 KB 892ms
722ms Stylesheet
text/css 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/widget3/css/app.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

bb238435f872fc9384b0df1fb07281b344f70944b2412e9eae94971b0037c9ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .twilio.com .twiliocdn.com .amazonaws.com .google.com; script-src 'self' .vouch-technologies.com .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com .facebook.net .fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; frame-ancestors 'self' .vouch-technologies.com .vouch.sg .vouchconcierge.com; frame-src 'self' https:; style-src 'self' 'unsafe-inline' .bootstrapcdn.com fonts.googleapis.com .fontawesome.com https:; connect-src 'self' .doubleclick.net .growthbook.io .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .microsoftonline.com .googleapis.com .google.com google.com .vouch3.sg .microsoft.com .google-analytics.com onesignal.com .onesignal.com .sentry.io wss:; img-src 'self' via.placeholder.com .amazonaws.com images.unsplash.com placeholdit.co drive.google.com .vouch-technologies.com .vouch.sg .vouchconcierge.com .twilio.com .twiliocdn.com blob: data: https:; font-src 'self' .gstatic.com fonts.googleapis.com fonts.cdnfonts.com .bootstrapcdn.com .jsdelivr.net data:; form-action 'self' .vouch-technologies.com .vouchconcierge.com *.vouch.sg; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
x-amz-version-id: 82z3PBq79f0rviXzV5QRUZxIAyv_CIHF
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.twilio.com *.twiliocdn.com *.amazonaws.com *.google.com; script-src 'self' *.vouch-technologies.com *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.facebook.net *.fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; frame-ancestors 'self' *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com; frame-src 'self' https:; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com fonts.googleapis.com *.fontawesome.com https:; connect-src 'self' *.doubleclick.net *.growthbook.io *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.microsoftonline.com *.googleapis.com *.google.com google.com *.vouch3.sg *.microsoft.com *.google-analytics.com onesignal.com *.onesignal.com *.sentry.io wss:; img-src 'self' via.placeholder.com *.amazonaws.com images.unsplash.com placeholdit.co drive.google.com *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com *.twilio.com *.twiliocdn.com blob: data: https:; font-src 'self' *.gstatic.com fonts.googleapis.com fonts.cdnfonts.com *.bootstrapcdn.com *.jsdelivr.net data:; form-action 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3279
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 11:09:21 GMT
server: CloudFront
etag: "8e16662b1b91ff65b026376e15268e2a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: 5mH_vQkoj54Vl5yAN3GvAJvmb75kq8NUELy4CLOkVp6Ti12EewKhxA==

GET
H2 200 app.js Show response
app.vouchconcierge.com/widget3/js/ 415 KB
417 KB 887ms
718ms Script
application/javascript 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/widget3/js/app.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

de5e6592a18cc4a6526bf9d8d0f65eecee8ff7dde49150bd6a153df21a105972

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .twilio.com .twiliocdn.com .amazonaws.com .google.com; script-src 'self' .vouch-technologies.com .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com .facebook.net .fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; frame-ancestors 'self' .vouch-technologies.com .vouch.sg .vouchconcierge.com; frame-src 'self' https:; style-src 'self' 'unsafe-inline' .bootstrapcdn.com fonts.googleapis.com .fontawesome.com https:; connect-src 'self' .doubleclick.net .growthbook.io .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .microsoftonline.com .googleapis.com .google.com google.com .vouch3.sg .microsoft.com .google-analytics.com onesignal.com .onesignal.com .sentry.io wss:; img-src 'self' via.placeholder.com .amazonaws.com images.unsplash.com placeholdit.co drive.google.com .vouch-technologies.com .vouch.sg .vouchconcierge.com .twilio.com .twiliocdn.com blob: data: https:; font-src 'self' .gstatic.com fonts.googleapis.com fonts.cdnfonts.com .bootstrapcdn.com .jsdelivr.net data:; form-action 'self' .vouch-technologies.com .vouchconcierge.com *.vouch.sg; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
x-amz-version-id: _4INUoodT3cHD_37pRipnFox6wNpEuzS
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.twilio.com *.twiliocdn.com *.amazonaws.com *.google.com; script-src 'self' *.vouch-technologies.com *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.facebook.net *.fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; frame-ancestors 'self' *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com; frame-src 'self' https:; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com fonts.googleapis.com *.fontawesome.com https:; connect-src 'self' *.doubleclick.net *.growthbook.io *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.microsoftonline.com *.googleapis.com *.google.com google.com *.vouch3.sg *.microsoft.com *.google-analytics.com onesignal.com *.onesignal.com *.sentry.io wss:; img-src 'self' via.placeholder.com *.amazonaws.com images.unsplash.com placeholdit.co drive.google.com *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com *.twilio.com *.twiliocdn.com blob: data: https:; font-src 'self' *.gstatic.com fonts.googleapis.com fonts.cdnfonts.com *.bootstrapcdn.com *.jsdelivr.net data:; form-action 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 424887
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Dec 2023 11:09:21 GMT
server: CloudFront
etag: "b3ac3f6b3d10bc97518963cdc36cc8d3"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: szqmPX7bZyzjdrzbYdaTygxhyYcGyGSFNL5kYYWipeDP4ztHCq9T3Q==

GET
H2 200 satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js Show response
assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/ 441 KB
96 KB 164ms
43ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0d31cf1561041c9811ed464bb9219b61e144ebd6881e685aadb637a930637dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:14 GMT
server: AkamaiNetStorage
etag: "d40e3247d490db3e769b90707d5a4ef0:1697698334.819212"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 97846
expires: Sat, 02 Mar 2024 16:52:31 GMT

GET
H3 200 md-tick.png
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 2 KB
2 KB 559ms
559ms Image
image/png 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-tick.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad13d34a45356e68d3a6c7969fc7ab9d4d5dc27c43aa8f101fec2b1ac588092

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 1923
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:07:49 GMT
server: cloudflare
etag: "6793e5d5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dead88b4db6-FRA

GET
H2 200 Logo-Mandai-SapWhiteLighter.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
3 KB 624ms
623ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-SapWhiteLighter.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:58 GMT
server: cloudflare
etag: W/"0379bcb5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de41d552bd9-FRA

GET
H2 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
3 KB 585ms
584ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:07 GMT
server: cloudflare
etag: W/"803b35ad5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de41d562bd9-FRA

GET
H3 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/mandai/logo/ 11 KB
3 KB 571ms
571ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:24 GMT
server: cloudflare
etag: W/"024aeb15469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de77d104db6-FRA

GET
H3 200 Logo-BP.svg
www.mandai.com/content/dam/mandai/logo/ 7 KB
3 KB 562ms
561ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-BP.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26d5391c3fd298af377388f1537f4e694f8b79977f658cb5d4e72dbdf19d603

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:02 GMT
server: cloudflare
etag: W/"091fdcd5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28de7bd4f4db6-FRA

GET
H3 200 Logo-SZ.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 550ms
549ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-SZ.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:02 GMT
server: cloudflare
etag: W/"091fdcd5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dead8874db6-FRA

GET
H3 200 Logo-RW.svg
www.mandai.com/content/dam/mandai/logo/ 7 KB
3 KB 585ms
584ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-RW.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:02 GMT
server: cloudflare
etag: W/"091fdcd5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dead88d4db6-FRA

GET
H3 200 Logo-NS.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 599ms
598ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-NS.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:17 GMT
server: cloudflare
etag: W/"803438425469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dead88e4db6-FRA

GET
H3 200 footLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 18 KB
5 KB 561ms
560ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa33266a8b7bc1c4e2cdfd0ac436789f575a6c44e526646fc2641b1d01e8689

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:45 GMT
server: cloudflare
etag: W/"807c32be5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dead8884db6-FRA

GET
H3 200 wrs-lazyload.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 4 KB
1 KB 547ms
546ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/wrs-lazyload.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:57 GMT
server: cloudflare
etag: W/"80a02cb5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dead8894db6-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 228ms
140ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 02 Mar 2024 15:52:31 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 320ms
59ms Script
text/javascript 2.17.190.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.190.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-190-170.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Mar 2024 15:52:31 GMT
server: Oracle API Gateway
opc-request-id: /D51F8F0640559A2D61ECD835E7F5CB1A/F991368B078D2AD599D59C8F893A9AA6
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 150ms
62ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1412b06ee170a306a479f9cc099bb9a64cd6271ff88a2f90a860fa34472837d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 02 Mar 2024 15:52:31 GMT

GET
H2 200 style Show response
bpr.vouchconcierge.com/api/v2/widget/ 22 KB
22 KB 533ms
533ms XHR
application/json 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/widget3/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

f077db2448e9afa2327d72ab05f72950c5862e94a7a95c4d23ea2e32bf10c890

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 22075
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandai.com
etag: W/"563b-lQrzNdP7SbzZyTr3+Wjx6Jf+s+I"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 style
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 680ms
200ms Preflight 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type
Access-Control-Request-Method: GET
Origin: https://www.mandai.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mandai.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 02 Mar 2024 15:52:32 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 336 KB
96 KB 212ms
115ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27223cc2abb21d5a348ec67ac0bfce286bd77e103e2288d498b8b048cb9da858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97988
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 15:52:31 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2e062a4a89be393c213cd93bea92644711020ae93ce1792fc5d670c271f981d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 137ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=4100146427&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

009baddfae2833cb82a49f6daff42d6c657c7aa4887746fdcd618e422245c5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47002
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 15:52:31 GMT

GET
H3 200 mandai-arrow-yellow-down.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 687 B
863 B 582ms
581ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-down.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a461faa9da67cc30ed1e8fe5367bd7b3a20ff12638c13a533c58ef18d72cb12

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:26:21 GMT
server: cloudflare
etag: W/"e9bbb9a45669da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dee1be84db6-FRA

GET
H3 200 mandai-arrow-yellow-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 567ms
567ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b53441ece740f3f0e8bf0945450ea7f5b2ca69ced69663d5a45a647ab49d67

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:25 GMT
server: cloudflare
etag: W/"1fdd64b25469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dee1beb4db6-FRA

GET
H3 200 mandai-arrow-yellow-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
2 KB 619ms
619ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9df2ebf3a9633ac9fa0f83e21c35b2677dc37712a6d94989cd1085cd6bbd49f8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=QSEp9gHpzzVyO9l1vYUuYaa6lPkfsDjQLcWMovDe7NE-1709394752-1.0.1.1-8s9xhC06oY_570CV8eGFbYVnQATqZ1LYoOmwqY.fDCq6GHsY.fnc2lmiaa4nwfnpnd49lpFQFqzJ.39YsKKXWuGi6x0CzyW0oKejA3dKzVFXOo0c8bEvpooYLR5mkGU1Vl0a6u4o94Ti8CRO5lPN5Q; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:59 GMT
server: cloudflare
etag: W/"522c2c75469da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=QSEp9gHpzzVyO9l1vYUuYaa6lPkfsDjQLcWMovDe7NE-1709394752-1.0.1.1-8s9xhC06oY_570CV8eGFbYVnQATqZ1LYoOmwqY.fDCq6GHsY.fnc2lmiaa4nwfnpnd49lpFQFqzJ.39YsKKXWuGi6x0CzyW0oKejA3dKzVFXOo0c8bEvpooYLR5mkGU1Vl0a6u4o94Ti8CRO5lPN5Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dee1bed4db6-FRA

GET
H3 200 md-back-to-top.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
994 B 231ms
231ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-back-to-top.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64729bab868cdce99817edb01de817763a58dd4b7752f691ad354a390e54e892

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:21 GMT
server: cloudflare
etag: W/"f64494b55369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dee1bee4db6-FRA

GET
H3 200 Poppins-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 49 KB
50 KB 856ms
855ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 50576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:11:40 GMT
server: cloudflare
etag: "6acae5975469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dee1bf14db6-FRA

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 74 KB
74 KB 580ms
580ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 75308
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:07 GMT
server: cloudflare
etag: "e3c07cad5369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dee1bf24db6-FRA

GET
H3 200 Poppins-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 50 KB
50 KB 867ms
867ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c1dd01db85a00fb60520dce8e9fbce9e80ef72b602a6750689fe606fb626e8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 51148
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:11 GMT
server: cloudflare
etag: "6457b33e5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dee1bf34db6-FRA

GET
H3 200 fa-regular-400.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 207 KB
207 KB 660ms
660ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-regular-400.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:27 GMT
server: cloudflare
etag: W/"cd324dd5369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dee1bf44db6-FRA

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/ 215 KB
67 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 10:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68331
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 02 Mar 2025 10:38:03 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 494 KB
197 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 08:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Mar 2025 08:52:16 GMT

GET
H2 200 RC60b30ce13d294d708103f9b418815705-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/ 637 B
542 B 45ms
45ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/RC60b30ce13d294d708103f9b418815705-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a1d296c535560ec04536aabeec30f421864841b7d68fcece7ecc043b21b5e18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:15 GMT
server: AkamaiNetStorage
etag: "9acd30ef95f3cc302325a4ea8c51babf:1697698335.624727"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 306
expires: Sat, 02 Mar 2024 16:52:31 GMT

GET
H2 200 RCbe9f3d544292409c8c27afc763bb970b-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/ 3 KB
1 KB 51ms
51ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/RCbe9f3d544292409c8c27afc763bb970b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a39d168db13e4849157fe4a52082eff9c45c9fd24dc78146c2cf521ed0698089

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:15 GMT
server: AkamaiNetStorage
etag: "9acd30ef95f3cc302325a4ea8c51babf:1697698335.624727"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 996
expires: Sat, 02 Mar 2024 16:52:31 GMT

GET
H2 200 RC93b7e6d666b140bf9b89c7ec29fd3502-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/ 2 KB
1 KB 44ms
44ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/RC93b7e6d666b140bf9b89c7ec29fd3502-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b2edc21754409f966994ef527c1f62f80126fcd7ae38c69b36f05f4c14211a64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:15 GMT
server: AkamaiNetStorage
etag: "9acd30ef95f3cc302325a4ea8c51babf:1697698335.624727"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1009
expires: Sat, 02 Mar 2024 16:52:31 GMT

POST
H2 200 interact Show response
adobedc.demdex.net/ee/v1/ 796 B
953 B 218ms
92ms Fetch
application/json 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/interact?configId=e0dadaea-a164-437c-a78a-42cffc63b50a&requestId=eb5ec46a-0f0d-4db2-bf63-a5f88989cef4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a78cf06af1ef30e7927154ca4ec96e83d4f55731479f293140a611d6b71671ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mandai.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: eb5ec46a-0f0d-4db2-bf63-a5f88989cef4

GET
H3

200

main.js Show response
www.mandai.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ Frame 41BC
Redirect Chain

https://www.mandai.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.mandai.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

8 KB
4 KB

51ms
51ms

Script
application/javascript

2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4fb3b13be048db12d4cec890dff35f4ede9453d2635d562272a651056377e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85e28def0cca4db6-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 02 Mar 2024 15:52:31 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
cache-control: max-age=300, public
cf-ray: 85e28deeac774db6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 3 KB
1 KB 647ms
647ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/config.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3ee94015ab8995b08dc529e22919863b5c0ff68e43b0e3df390fb9f7c3f2a

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:58 GMT
server: cloudflare
etag: W/"0379bcb5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28deeac814db6-FRA

POST
H3 200 85e28de049ed2bd9 Show response
www.mandai.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 41BC 0
312 B 72ms
70ms XHR
text/plain 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mandai.com/cdn-cgi/challenge-platform/h/g/jsd/r/85e28de049ed2bd9
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: br
server: cloudflare
cf-ray: 85e28defbdd94db6-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 23 KB
8 KB 1474ms
222ms Script
application/javascript 23.63.84.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.63.84.152 Hyderabad, India, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-63-84-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b1228dcc9ae2c01d31fb43e531c1f73923d994a751ba7a63da63cac8c755e7ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 15:52:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Feb 2024 07:03:21 GMT
Server: nginx
ETag: "65bb4239-5b7d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1949
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7641
Expires: Sat, 02 Mar 2024 16:25:02 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-956687319&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

934fc6076f28f6c1704ae83fb5c57b4c339b1bfb9877bf0edd619fadf3f53d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79244
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 15:52:31 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11432329&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10d8abd81c527bee64e0d0a578121060cf3734f00454e9c8f259a6c0b79dd5f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71043
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 15:52:31 GMT

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 18 KB
6 KB 195ms
39ms Script
application/javascript 2.17.0.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.0.11 Ballerup Municipality, Denmark, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-0-11.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 15:52:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:45:19 GMT
Server: AmazonS3
x-amz-request-id: PZ981EYCHPGV747A
ETag: "7571f2b08378e73bce1d28a5908d2cd5"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=363
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5930
x-amz-id-2: coQiovzsZSU4N32yqiBMox1cwKwD/pV04sb/ErQ54WaAXaJhReJfoRebvj15l4O2IF2LJKlvpmE=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 194ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 02 Mar 2024 15:52:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 3ix7qEmCppGqi8YJI2FllyEO4RIqQz4dw+XDCpKz39I3wFiCrpRzfov353U6K+aJPxPdgNXd4eRsA4ODmrLO3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 495ms
237ms Script
application/javascript 104.115.82.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2TOBBC77U92N2SU4KG&lib=ttq
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.115.82.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-115-82-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6d6c35ac1b3b06c085eb2c72894a4973fe618f1f68dbd075c29eba7a116b3d57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-akamai-request-id: 6fd42698.1eae07de
date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403021552326FACA46E29C2C9F998DF-13991B923630CBCF-00
x-cache: TCP_MISS from a104-115-82-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
x-parent-response-time: 122,104.115.82.4
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=23, inner; dur=3
content-length: 2258
pragma: no-cache
server: nginx
x-tt-logid: 202403021552326FACA46E29C2C9F998DF
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.104.215
x-tt-trace-host: 01c0d5b35f1fa7824b6195ab34ef9e2ac05b2f71f04db8702a49bc9239c64510e9113d2471ba4b6e87c10ccfca4a1d17da1f178c6b953599c6832f2b4acc2b2c0236d0cf92b80e2f155234191cc076e4d13958936a0b8a6e6777132385ea9827c467d65f5b1faf873712ab3362dda3c367
expires: Sat, 02 Mar 2024 15:52:32 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 196ms
41ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 09 Mar 2024 15:52:32 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 196ms
42ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108067

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6bebb8541a7244770e022d529052759c244f52e6935ce74bb6819753ffba7fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12189703

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1da514f1eb04caea4c0f2f883f4b189fbf699ac9958da413be7e1d4f19fface3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71018
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 15:52:31 GMT

GET
H2

200

activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=syph... Show response
11432329.fls.doubleclick.net/ Frame 3370
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=s...
https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z886501...

4 KB
2 KB

81ms
81ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11432329&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

98864f99158f4f333e0ff446673f165f585185b93ae1c191aad370f96ff6a249

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1700
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 15:52:32 GMT
expires: Sat, 02 Mar 2024 15:52:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 15:52:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=syph... Show response
11432329.fls.doubleclick.net/ Frame D0A1
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=s...
https://11432329.fls.doubleclick.net/activityi;dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z886501...

521 B
622 B

79ms
78ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11432329&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

010d72978e7348dcf5e054225ba09b71142f6a221e8084225738e99060ce37f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 317
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 15:52:32 GMT
expires: Sat, 02 Mar 2024 15:52:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 15:52:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/956687319/ 3 KB
2 KB 215ms
115ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/956687319/?random=1709394752085&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=492653310.1709394752&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-956687319&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9ddb3586e77b12ae5d28c7fd8e290ec0b87eab490db78089f82b463d89bc5880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1709
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 133 B
572 B 220ms
85ms Fetch
application/json 2.17.0.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.mandai.com%2Fen.html&buyer_pixel_id=9758
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.0.11 Ballerup Municipality, Denmark, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-0-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a58c79fa74a3e79bf64f2745f5cbaa2a3c6fe4980686bf040048cb09decc9f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Mar 2024 15:52:32 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.mandai.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
Expires: Sat, 02 Mar 2024 15:52:32 GMT

GET
H2 200 rules-p-BDGGPC8sPSpFR.js Show response
rules.quantcount.com/ 34 KB
6 KB 143ms
41ms Script
application/javascript 2600:9000:223c:7600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BDGGPC8sPSpFR.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 492b333512ad9eec456bb5f14ba2e164019a4d61973ca71f830fffe3aa0f1fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:47:40 GMT
content-encoding: gzip
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 29 Feb 2024 05:46:32 GMT
server: AmazonS3
etag: W/"eff17d4ae3fd4f8aee10d79369fee91f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: gGehJI-KMML11NiflaJJsBZEWnjoZ4nDHDZg7gKMpqBMJbvTyt0cxA==

GET
H2 200 428162178859206 Show response
connect.facebook.net/signals/config/ 63 KB
13 KB 112ms
112ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/428162178859206?v=2.9.148&r=stable&domain=www.mandai.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0efbb8a41ea63440302911633154f0909706810e20d18d8432bc9ffb3db4aef4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 02 Mar 2024 15:52:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 5ElKMW6qtusOj1XTQfXrkWQ+7bCR7z2BCZZvIB0Wy5mEaDqVI4GQzEMjuqbYhgExGtMnU6qo6fMoCfdIIeIvLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/956687319/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1...
https://www.google.com/pagead/1p-conversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1...
https://www.google.de/pagead/1p-conversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&...

42 B
455 B

145ms
54ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&npa=1&pscdl=noapi&auid=492653310.1709394752&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=EkxDaEFJZ0xtTHJ3WVE2ZUcxelpiUXpxdEtFaVVBS2I4Q3JrVmxlUVd1Tms1SjVsdFAtNlpfMFJDdTJtTVkwRGsyN05SV0pHUjVFXzZkGldDaEFJZ0xtTHJ3WVFoS0hqeUozMjRMa0JFaTBBTDdIaTNnb3VrLS1Jazd6RW1kWGtXWmwxcE82OXdKeG9ZMXVCZTBEU1d4R1VsT0V5MEtjRlJ3RzJxc0EiEwiCqPPX99WEAxUxF6IDHRDUCSAyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSGwB7FLtqx_p90kHLBQzyvdfP9EE5-HkiLthjFw&eitems=ChAIgLmLrwYQ-LaqxImo5OpbEh0ATnwZqP_5sPJXaDWAW3PbyNou2trfO-0HbTWrrw&random=4223112202&ipr=y

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/956687319/?random=1985200007&cv=11&fst=1709394752085&bg=ffffff&guid=ON&async=1&gtm=45be42t1v875321882z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&npa=1&pscdl=noapi&auid=492653310.1709394752&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=EkxDaEFJZ0xtTHJ3WVE2ZUcxelpiUXpxdEtFaVVBS2I4Q3JrVmxlUVd1Tms1SjVsdFAtNlpfMFJDdTJtTVkwRGsyN05SV0pHUjVFXzZkGldDaEFJZ0xtTHJ3WVFoS0hqeUozMjRMa0JFaTBBTDdIaTNnb3VrLS1Jazd6RW1kWGtXWmwxcE82OXdKeG9ZMXVCZTBEU1d4R1VsT0V5MEtjRlJ3RzJxc0EiEwiCqPPX99WEAxUxF6IDHRDUCSAyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggCMgIICw&is_vtc=1&cid=CAQSGwB7FLtqx_p90kHLBQzyvdfP9EE5-HkiLthjFw&eitems=ChAIgLmLrwYQ-LaqxImo5OpbEh0ATnwZqP_5sPJXaDWAW3PbyNou2trfO-0HbTWrrw&random=4223112202&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=2092350744;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0...
pixel.quantserve.com/ 35 B
509 B 66ms
47ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2092350744;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-116316973-1709394752160;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=mandai.com;dst=1;et=1709394752308;tzo=-60;ogl=title.Homepage%2Cdescription.%2Cimage.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fcontent%2Fdam%2Fmandai%2Fabout-mandai%2Fmandai-wildlife-reserve-1%2Curl.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fen%252Ehtml%2Ctype.article;ses=7962e567-c66e-4488-af07-fb3cae623802;mdl=

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:32 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["_fp.event.Default"],"pcode":["p-BDGGPC8sPSpFR"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/ 75 KB
75 KB 859ms
859ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 76764
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:39 GMT
server: cloudflare
etag: "1361ee45369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28df258c04db6-FRA

GET
H2 200 track
t.teads.tv/ 23 B
0 567ms
401ms Fetch
image/gif 2.19.100.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=9758&referer=https%3A%2F%2Fwww.mandai.com%2Fen.html&user_session_id=738bd76c-a37b-4505-85c5-8ce32dc096ec
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.100.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-100-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: https://www.mandai.com
date: Sat, 02 Mar 2024 15:52:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 261ms
94ms Image
image/gif 2.19.100.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=9758&referer=https%3A%2F%2Fwww.mandai.com%2Fen.html&user_session_id=738bd76c-a37b-4505-85c5-8ce32dc096ec
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.100.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-100-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Sat, 02 Mar 2024 15:52:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 130ms
48ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428162178859206&ev=ViewContent&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1709394752385&cd[content_type]=product&cd[content_ids]=%5B%22en.html%22%5D&sw=1600&sh=1200&v=2.9.148&r=stable&ec=1&o=4126&fbp=fb.1.1709394752382.445637153&cs_est=true&est_source=411158113806146&ler=empty&cdl=API_unavailable&it=1709394752256&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 02 Mar 2024 15:52:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 130ms
48ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428162178859206&ev=PageView&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1709394752386&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709394752382.445637153&cs_est=true&ler=empty&cdl=API_unavailable&it=1709394752256&coo=false&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 02 Mar 2024 15:52:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=*;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame D0A1 42 B
107 B 172ms
82ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=*;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CLnT9tf31YQDFX7UOwIdk7UKTQ;src=11432329;type=wrs;cat=wrs_h0;ord=2334490116882;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 3370 70 B
149 B 179ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=44pt0k5&ct=0:yvg0lt3&fmt=3
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ Frame 3370 28 KB
29 KB 135ms
45ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 69b5ac9bcf2ca14c474bad85bd5c97abc2d8ace612485dae632d3133e796236b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:55:32 GMT
age: 3420
x-guploader-uploadid: ABPtcPqTiEoyB0oDMSMEdo1kvGpS-th-GPuxLGFbwRSXLqQO4ACPsjYbKdoNlHyozQ5ggiTsDWpD_mRqaA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28789
last-modified: Fri, 01 Mar 2024 16:30:37 GMT
server: UploadServer
etag: "1852c0189bcaf35c5b6c6841f1ba353f"
x-goog-generation: 1709310637582337
x-goog-hash: crc32c=XeMheQ==, md5=GFLAGJvK81xbbGhB8bo1Pw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 28789
accept-ranges: bytes
expires: Sat, 02 Mar 2024 15:55:32 GMT

GET
H2 200 dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=*;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame 3370 42 B
401 B 169ms
81ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=*;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zcpt.js Show response
js-tag.zemanta.com/ Frame 3370 8 KB
3 KB 149ms
54ms Script
application/javascript 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-tag.zemanta.com/zcpt.js
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 08:53:31 GMT
server: cloudflare
x-amz-request-id: D52KNQZNWW248RGG
age: 5284
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85e28df34b4d3733-FRA
x-amz-id-2: 9VPaDfsGiT1VJIiZlej+NHg19sqLHdVrVZFO4c0AfVU9HSZwFUDSbihIRMlr6ftzQkjbXzjwasVPDZbYUG5QPBX/5sp3IPdgQQds2zqehKA=

GET
H3 200 config-layout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
3 KB 566ms
566ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/config-layout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099040eb47363eec5e39db282c36658387ce5310e2bb24544d7b56051e2138b6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:10:00 GMT
server: cloudflare
etag: W/"07cd95b5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9204db6-FRA

GET
H3 200 tracking-data.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 5 KB
2 KB 569ms
569ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/tracking-data.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25549cf31a55882533bfaf8a9ada58770b8de823e08e7b2f7fb3f4958f82ba2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:59 GMT
server: cloudflare
etag: W/"80cd33cc5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9214db6-FRA

GET
H3 200 header.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 25 KB
6 KB 552ms
551ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/header.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14b7d740d01bfd407dd850b0fb2110c294bb9733cc8fed31a86bc26bddbb180a

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:07:48 GMT
server: cloudflare
etag: W/"0e22bd5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9224db6-FRA

GET
H3 200 bodyScrollLock.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 550ms
549ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/bodyScrollLock.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3326e61fd69bdd39b71b359ce95168787a017ea0249dffcad5defa31c16aabdc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:07:54 GMT
server: cloudflare
etag: W/"069bf105469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9244db6-FRA

GET
H3 200 modal.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
3 KB 556ms
555ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/modal.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81ae63d2a08d0bb0b01b3ef0d31bad46db06b63de0f455fd75132b4e57f50169

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:11:44 GMT
server: cloudflare
etag: W/"0a0d6995469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9254db6-FRA

GET
H3 200 logout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 973 B
750 B 555ms
554ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/logout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b628f4d6ec810c1fc5b51ca0a7924a5e447760f5835223f6b7b5600e968a412

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:07:54 GMT
server: cloudflare
etag: W/"24d640115469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9264db6-FRA

GET
H3 200 navbar-search.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
2 KB 1225ms
1224ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/navbar-search.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6436400d015db6bcbf0dcce1cf4d6fc77e7c7de93dff3ff78e54a51c747ea22e

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:18 GMT
server: cloudflare
etag: W/"0cbd0425469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9274db6-FRA

GET
H3 200 search-component.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 4 KB
2 KB 578ms
577ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/search-component.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a8f1934beae71be11ac02309674df7b612b5884928c43b22229ba10ccd1cc91

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:07 GMT
server: cloudflare
etag: W/"803b35ad5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9294db6-FRA

GET
H3 200 md-destination-masthead.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 4 KB
1 KB 596ms
595ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-destination-masthead.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b35d72382942c6421be18314f91925ca5baabc9264ce340d1e7e00edbc1dfdc3

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:26:27 GMT
server: cloudflare
etag: W/"80bb25a85669da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c92a4db6-FRA

GET
H3 200 background-change.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 2 KB
961 B 1211ms
1210ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/background-change.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d0e69bced02a7940b5f34440fa8d81c33288b27c885eb90120890174768174

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:16 GMT
server: cloudflare
etag: W/"16dc72d65369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c92b4db6-FRA

GET
H3 200 md-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 536ms
535ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5f34e29ea4cba890b6175a5a447cf3ccc4596cc8642daf72af0e666b43536a4

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:10:05 GMT
server: cloudflare
etag: W/"806cd45e5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c92d4db6-FRA

GET
H3 200 masthead-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 10 KB
3 KB 552ms
552ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/masthead-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b045b70ae477fed438b0646acb38278f1663a8d2301fb1799f258e996587851

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:12 GMT
server: cloudflare
etag: W/"0443d3f5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c92e4db6-FRA

GET
H3 200 match-height.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
831 B 561ms
560ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/match-height.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2074c9401cd07a01c79cdae18b7be41091c4d7dbb7ca7240265f7047f11f680

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:51 GMT
server: cloudflare
etag: W/"ba7062eb5369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c92f4db6-FRA

GET
H3 200 back-to-top.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
921 B 537ms
536ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/back-to-top.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4bee997fb047efa04e748c15937d8cdd1221a0ba420fb0153dbca2dc4e8fd7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:13:08 GMT
server: cloudflare
etag: W/"ba9c73cc5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9304db6-FRA

GET
H3 200 list-social.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 535ms
534ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/list-social.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8c95880c191331a9fd82216001770860fff83dcd5d9a94af99602adb2f75d8b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:12:45 GMT
server: cloudflare
etag: W/"807c32be5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9314db6-FRA

GET
H3 200 accordion-footer.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 570ms
569ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/accordion-footer.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

554897823e2d49ec098fb07b1e040e16134b9c446857f5484b403397bc47d9cc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:22:24 GMT
server: cloudflare
etag: W/"0e04e175669da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df2c9334db6-FRA

GET
H2 200 main.MTNhZGZiOTRkMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 428 KB
114 KB 134ms
134ms Script
application/javascript 104.115.82.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNhZGZiOTRkMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2TOBBC77U92N2SU4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.115.82.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-115-82-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8344b30c4f0eb1c6f29e7515183b8d91e55f80563104c8f15b6d156217091f00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-akamai-request-id: 1eae0cb8
date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240222150130BC83B55DC86853066EF7
x-tt-trace-id: 00-240222150130BC83B55DC86853066EF7-595BBD2E86903A97-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-115-82-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019ee0b2843671de261bcca70d4373cade84d523f620e3bd4d15e917f30eb8b855abc63f0eeedc9701fde52070618f8c381fd33bda6dff8f3b6a8406336230aa86588841781dd8d74122f9f3a80a7ca9e4bb0f7e0d992da2b94850ec6daee00d56
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 116236

GET
H2 200 /
p1.zemanta.com/v2/p/js/60144/PAGE_VIEW/ Frame 3370 26 B
145 B 385ms
376ms Image
image/gif 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.zemanta.com/v2/p/js/60144/PAGE_VIEW/?bust=03282293322065244&optOut=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
x-robots-tag: none
cf-ray: 85e28df3ab8a3733-FRA
content-length: 26

GET
H2 200 66017.html Show response
static.sojern.com/cip/a/ Frame F64D 6 KB
6 KB 174ms
174ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg;src=11432329;type=wrs;cat=wrsal0;ord=6787206721411;npa=1;auiddc=492653310.1709394752;pscdl=noapi;gtm=45fe42t1z8865019465za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0135f22780f6e4558f5b4c0723b00aa5b83224d78565daa4ef155f2ca6f5b153

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 6085
content-type: text/html
date: Sat, 02 Mar 2024 15:52:32 GMT
etag: "93c61ff6077e7fd4f60d1e8d45ca480c"
expires: Sat, 02 Mar 2024 16:52:32 GMT
last-modified: Mon, 02 Oct 2023 05:13:04 GMT
server: UploadServer
x-goog-generation: 1696223584615176
x-goog-hash: crc32c=KUu7rQ== md5=k8Yf9gd+f9T2DR6NRcpIDA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6085
x-guploader-uploadid: ABPtcPrsDzKTLSr-miaUyW-KyiLI3yV00yY9c_Mn3xd7-GZAkhVrmfci_nQvpNYoOlWD5gxN-BI

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 3370 18 KB
7 KB 131ms
40ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 02 Mar 2024 15:47:25 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 56RGHKBVWA1GKERD
age: 308
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: BJN0DxFO3WblKQmkXsMfGjj/bGZ5WvtGWjkU3HeqEz3rQv27+6+lynPfImB+vKRJrsRXhWfUWGc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 identify_efbb8.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 80ms
79ms Script
application/javascript 104.115.82.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_efbb8.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNhZGZiOTRkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.115.82.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-115-82-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-akamai-request-id: 1eae10c9
date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024022215011383FE90328CBE8F3B1EB9
x-tt-trace-id: 00-24022215011383FE90328CBE8F3B1EB9-6E9507D5766CCA54-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-115-82-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0142dd2107bd2e064badc32580323135e987a72fd5b6d5e831aacd50010416af8918251a954a1331e54032667ec51d26e3c63021a70b37da179d3e14e17fd7e7d19c0d0be327f773df1565e8cc14f780e6be23c711bddaf5df756d8039c4946911
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 36886

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 258ms
257ms Ping
text/plain 104.115.82.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNhZGZiOTRkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.115.82.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-115-82-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6fd43a70.1eae1151
date: Sat, 02 Mar 2024 15:52:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240302155232377441C9FABA06F5A837-0650DB9E2A840695-00
x-cache: TCP_MISS from a104-115-82-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
x-parent-response-time: 155,104.115.82.4
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=58, inner; dur=55
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240302155232377441C9FABA06F5A837
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 58,23.220.104.215
x-tt-trace-host: 01c0d5b35f1fa7824b6195ab34ef9e2ac05b2f71f04db8702a49bc9239c64510e9113d2471ba4b6e87c10ccfca4a1d17da60960b7bc27fe228bcb37916eb3ecaf6336f54952efacdf7b302475829db83eb3f2508d12e1643b1a03584ab680cea615042f1391ca80ec165b25c7ce46bee87
access-control-allow-headers: Authorization,*
expires: Sat, 02 Mar 2024 15:52:32 GMT

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame F64D 18 KB
18 KB 41ms
41ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:11:56 GMT
age: 2436
x-guploader-uploadid: ABPtcPq5jOCHFbEScb6MrqEw5S9uE1k_LO0x9DuBJIHqFWIm64HR3WIU5kui9tVV-Qntv27j_4iDZKzBpw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Sat, 02 Mar 2024 16:11:56 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame F64D 4 KB
4 KB 40ms
40ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:00:49 GMT
age: 3103
x-guploader-uploadid: ABPtcPqQBbXpGnmYfN7QY_pEy5yML7IcwgIkNvHKe5YY-h4TGLuvVuP0FTJfbvXW-LDoE3emu1fDwbGsOw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
last-modified: Mon, 06 Nov 2023 11:24:16 GMT
server: UploadServer
etag: "2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation: 1699269856296451
x-goog-hash: crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4169
accept-ranges: bytes
expires: Sat, 02 Mar 2024 16:00:49 GMT

GET
H2 200 10169313.json Show response
s.yimg.com/wi/config/ Frame 3370 46 B
675 B 217ms
138ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10169313.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
x-amz-version-id: hvL9Loj6z8YGhQnJgF755hVho81fjX82
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 8PP121HXJBVF3KH5
age: 0
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: pbTqj76lNFuR3iP1KbzjZkPcttpPNRvafGQY8INjBoXc1vI0kJzX32UozfQvmB09kne4OcoOi+8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Mon, 07 Apr 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sat, 02 Mar 2024 15:45:07 GMT
server: ATS
etag: "169a76622cb3516047cff5f2cd73cd11"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 335614 Show response
beacon.sojern.com/pixel/p/ Frame F64D 4 KB
1 KB 153ms
52ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/335614?f_v=v6_js&p_v=1&f_v=v6_js&cid=&p_v=4&version=5&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&pc=https%3A%2F%2Fwww.mandai.com%2Fen.html&ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&vid=hot&domain=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&s=ccid_auto&pname=%3Ff_v%3Dv6_js%26p_v%3D4%26version%3D5%26auto_url%3Dhttps%253A%252F%252F11432329.fls.doubleclick.net%252Factivityi%253Bdc_pre%253DCPzV9tf31YQDFSjLOwIdegIEPg%253Bsrc%253D11432329%253Btype%253Dwrs%253Bcat%253Dwrsal0%253Bord%253D6787206721411%253Bnpa%253D1%253Bauiddc%253D492653310.1709394752%253Bpscdl%253Dnoapi%253Bgtm%253D45fe42t1z8865019465za201%253Bgcd%253D13l3l3l2l1%253Bdma_cps%253Dsypham%253Bdma%253D1%253Buaa%253D%253Buab%253D%253Buafvl%253D%253Buamb%253D0%253Buam%253D%253Buap%253D%253Buapv%253D%253Buaw%253D0%253Bepver%253D2%253B~oref%253Dhttps%25253A%25252F%25252Fwww.mandai.com%25252Fen.html%253F%26auto_ccid%3D8kxfu-d67zt-kdd9d-0a89b-vuzc9%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26ws%3D0x0%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%253D%26vd1%3D%26vd2%3D%26vf2%3D%26vn2%3D%26vf1%3D%26vs1%3D%26vn1%3D%26vb%3D%26pn%3D%26t%3D%26vp%3D%26vcu%3D%26vconfno%3D%26l%3D%26pc%3D%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&dc_pre=CPzV9tf31YQDFSjLOwIdegIEPg&src=11432329&type=wrs&cat=wrsal0&ord=6787206721411&npa=1&auiddc=492653310.1709394752&pscdl=noapi&gtm=45fe42t1z8865019465za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&uamb=0&uaw=0&epver=2&~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html&=undefined&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 0c7c453ef6eed5a125e6c0d9e1b5bd911bcf5a974c00ecff2427d385e78d0afc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:32 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 898

GET
H2 200 1626935178112.png
files.vouch.sg/files/60b9e36a547f7400165c552c/ 549 B
857 B 155ms
41ms Image
image/png 18.245.86.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/60b9e36a547f7400165c552c/1626935178112.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:26 GMT
via: 1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 06:26:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 7
etag: "7ba90422931f52be89d1284b77f8b016"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 549
x-amz-cf-id: 7GgO_5Gc7NVejQ8-xhWiPfqZngLF9IByYFW0FPZ_UymVztHQ6kmLfg==

GET
H2 200 1655801521060.png
files.vouch.sg/files/613afb2ee42545001564fef5/ 514 B
821 B 155ms
40ms Image
image/png 18.245.86.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/613afb2ee42545001564fef5/1655801521060.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:26 GMT
via: 1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:51:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 7
etag: "200984452bb9c370ccc880fdd1c6adce"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 514
x-amz-cf-id: eKrkBFLxRJFpCsfPAG9h83G160HMbo53luA8KrLyDmcOrsTRTZ2v1w==

GET
H2 200 / Show response
app.vouchconcierge.com/bot/ Frame 757B 2 KB
3 KB 708ms
707ms Document
text/html 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/widget3/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

ae1cfb6fc2593917e930c60f295bb094e86fed22417e34141fa1e62942df2626

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .twilio.com .twiliocdn.com .amazonaws.com .google.com; script-src 'self' .vouch-technologies.com .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com .facebook.net .fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' .bootstrapcdn.com fonts.googleapis.com .fontawesome.com https:; font-src 'self' .gstatic.com fonts.googleapis.com fonts.cdnfonts.com .bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com .amazonaws.com images.unsplash.com placeholdit.co drive.google.com .vouch-technologies.com .vouch.sg .vouchconcierge.com .twilio.com .twiliocdn.com blob: data: https:; connect-src 'self' .growthbook.io .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .microsoftonline.com .googleapis.com .google.com google.com .vouch3.sg .microsoft.com .google-analytics.com onesignal.com .onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
content-length: 1597
content-security-policy: default-src 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.twilio.com *.twiliocdn.com *.amazonaws.com *.google.com; script-src 'self' *.vouch-technologies.com *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.facebook.net *.fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com fonts.googleapis.com *.fontawesome.com https:; font-src 'self' *.gstatic.com fonts.googleapis.com fonts.cdnfonts.com *.bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com *.amazonaws.com images.unsplash.com placeholdit.co drive.google.com *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com *.twilio.com *.twiliocdn.com blob: data: https:; connect-src 'self' *.growthbook.io *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.microsoftonline.com *.googleapis.com *.google.com google.com *.vouch3.sg *.microsoft.com *.google-analytics.com onesignal.com *.onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
content-type: text/html
date: Sat, 02 Mar 2024 15:52:34 GMT
etag: "2e1bea8feb48742a2312865aefe7c0d8"
last-modified: Thu, 11 Jan 2024 10:07:57 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id: PEvSSVLq13f4QHrDkiblENYkhvrNd7BAcW1atGtp81IhRi1C3ETyEw==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: Yy8UsV6rbOS4VqrgDZL5dQ4PxvB6Pfgx
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H3 200 slick.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 41 KB
11 KB 1190ms
1190ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/slick.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f0c16d0ce5e099475f0c1638cc44098cd6f6874d2acea07b44b7559e3084d9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:10:36 GMT
server: cloudflare
etag: W/"0a64e715469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df62c4f4db6-FRA

GET
H3 200 generatetoken.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 4 KB
1 KB 555ms
554ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/generatetoken.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96d8fb75c57238505a06aec235ced6e2e41eaaf13e88c7a043199fcc11e34b8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:08 GMT
server: cloudflare
etag: W/"0d2cdad5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df64c624db6-FRA

GET
H3 200 debounce.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 739 B
846 B 537ms
536ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/debounce.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

110973afe37ac008e0b5da625081cbdbe0da67ee31159d507bdd3f836c570b1e

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:10:01 GMT
server: cloudflare
etag: W/"1ad7f5c5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df64c634db6-FRA

GET
H3 200 storagePolyfill.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 5 KB
2 KB 1184ms
1183ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/storagePolyfill.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6ba8a1b52632276b87ea047f596c8e6e79d089f41b0b7e39e49dc24c78e5f0

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:07:55 GMT
server: cloudflare
etag: W/"80ff57115469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df64c664db6-FRA

GET
H3 200 jquery.cookie.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 538ms
538ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.cookie.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc57c32c87c2cf440821e05e04701a71000cba21ef62c9b5a0f966928de369c

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:00 GMT
server: cloudflare
etag: W/"064cccc5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df64c674db6-FRA

GET
H2

200

src=11956783;dc_pre=CJXmqdj31YQDFVobogMdYssG6A;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_chil...
adservice.google.com/ddm/fls/z/ Frame F64D
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_fo...
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=CJXmqdj31YQDFVobogMdYssG6A;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html...
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CJXmqdj31YQDFVobogMdYssG6A;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;...

42 B
107 B

82ms
82ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CJXmqdj31YQDFVobogMdYssG6A;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Mar 2024 15:52:33 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"10498600818199874492"}],"aggregatable_trigger_data":[{"filters":{"14":["12584028"]},"key_piece":"0x9a9d025c3cb09e9d","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xe22d49e1063543ca","not_filters":{"14":["12584028"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["12584028"]},"key_piece":"0xb93aecb3ca77150e","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x8137328ab417d217","not_filters":{"14":["12584028"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"7192426065859092274","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10498600818199874492","filters":{"14":["12584028"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"10498600818199874492","filters":{"14":["12584028"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"10498600818199874492","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"10498600818199874492","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["11956783"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CJXmqdj31YQDFVobogMdYssG6A;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%3A%2F%2Fwww.mandai.com%2Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame F64D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ZjEzNzg5NjAtYzY1ZS0yYmI4LTA0MmUtMmI5YWE5ZDQ2M2Y5&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=AWfxHIc6DkySFNgPOZrwXw4Uc...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AWfxHIc6DkySFNgPOZrwXw4Ucq86JQPpMgDnKTde-ilN7GknOCqwjNycYjhFmXcS&sjrn_ula=7361855079&google_gid=CAESEKAlSIKlB9fNXNjuDJ8wBDg&google_cver=1

42 B
275 B

58ms
57ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AWfxHIc6DkySFNgPOZrwXw4Ucq86JQPpMgDnKTde-ilN7GknOCqwjNycYjhFmXcS&sjrn_ula=7361855079&google_gid=CAESEKAlSIKlB9fNXNjuDJ8wBDg&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AWfxHIc6DkySFNgPOZrwXw4Ucq86JQPpMgDnKTde-ilN7GknOCqwjNycYjhFmXcS&sjrn_ula=7361855079&google_gid=CAESEKAlSIKlB9fNXNjuDJ8wBDg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame F64D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=ZjEzNzg5NjAtYzY1ZS0yYmI4LTA0MmUtMmI5YWE5ZDQ2M2Y5&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopJUCX7QqoxNU49mRQ8IbonN6OV1hpjZmvBprN0be_utY7i2xq79hKY3isPhu_secDB1fu0M03iV-zFh_c6uLEhbzLWBzr8H_MLzUOhdv5CLb00RntrbTLPoR7wFTflZLDX3UWP
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopJUCX7QqoxNU49mRQ8IbonN6OV1hpjZmvBprN0be_utY7i2xq79hKY3isPhu_secDB1fu0M03iV-zFh_c6uLEhbzLWBzr8H_MLzUOhdv5CLb00RntrbTLPoR7wFTflZLDX3UWP

170 B
432 B

190ms
85ms

Image
image/png

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopJUCX7QqoxNU49mRQ8IbonN6OV1hpjZmvBprN0be_utY7i2xq79hKY3isPhu_secDB1fu0M03iV-zFh_c6uLEhbzLWBzr8H_MLzUOhdv5CLb00RntrbTLPoR7wFTflZLDX3UWP

Requested by

Protocol

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopJUCX7QqoxNU49mRQ8IbonN6OV1hpjZmvBprN0be_utY7i2xq79hKY3isPhu_secDB1fu0M03iV-zFh_c6uLEhbzLWBzr8H_MLzUOhdv5CLb00RntrbTLPoR7wFTflZLDX3UWP
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidnb
ib.adnxs.com/ Frame F64D 43 B
701 B 187ms
106ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=AWfxHIc6DkySFNgPOZrwXw4Ucq86JQPpMgDnKTde-ilN7GknOCqwjNycYjhFmXcS

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
an-x-request-uuid: 83a30770-3659-453e-9767-8781bfe79586
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.104; 80.255.7.104; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F64D 70 B
148 B 59ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=AWfxHIc6DkySFNgPOZrwXw4Ucq86JQPpMgDnKTde-ilN7GknOCqwjNycYjhFmXcS&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame F64D
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9&party=1296
https://pixel.sojern.com/idsync/adf?adfid=7375091438816003704&cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9

0
209 B

50ms
49ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=7375091438816003704&cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=5&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&auto_ccid=8kxfu-d67zt-kdd9d-0a89b-vuzc9&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&ws=0x0&tz=-60&n=tf%3ANGd8MTB8MHw4fDE3fGVuLVVTfGVuLVVTLGVufFdpbjMyfGZhbHNlfHwxfDI0fDI0fDE2MDB8MTIwMHwzNzYwMDAwMDAwfEV1cm9wZS9CZXJsaW58ZmFsc2U%3D&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Mar 2024 15:52:33 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=7375091438816003704&cid=f1378960-c65e-2bb8-042e-2b9aa9d463f9
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 handlebars-v4.7.8.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 86 KB
27 KB 731ms
730ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/handlebars-v4.7.8.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af3841dc499956b7d3d3901729b8c559bdf3ed66f330223c34c45c5239338cb

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:12 GMT
server: cloudflare
etag: W/"0443d3f5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df64c6c4db6-FRA

GET
H3 200 iscroll.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 33 KB
9 KB 1190ms
1189ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/iscroll.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d645043d620f67f7fbd869ace474b4909374c521f94938bcabf84fa1b2fb6c9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:07:55 GMT
server: cloudflare
etag: W/"80ff57115469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df64c6f4db6-FRA

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
851 B 366ms
366ms Ping
text/plain 104.115.82.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNhZGZiOTRkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.115.82.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-115-82-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a45b7f42.1eae1536
date: Sat, 02 Mar 2024 15:52:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403021552337EB89515A57B01E7DFFF-578FBC374858EE97-00
x-cache: TCP_MISS from a104-115-82-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
x-parent-response-time: 272,104.115.82.4
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=172, inner; dur=167
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403021552337EB89515A57B01E7DFFF
x-cache-remote: TCP_MISS from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 172,23.48.100.137
x-tt-trace-host: 01c0d5b35f1fa7824b6195ab34ef9e2ac0bd3a437ee81b707c474b2f1c4abd26221c50f0c17bf9d44b690d802f3c3f5948776401dd393f9604d5bb8b53157ca8c79611e38ca1f8a766f22951b00bd945b0cbb3a212cd7bd675da4a0f7a04b9c7634dcc8a703a58b884c75f5022c7b9dfcd
access-control-allow-headers: Authorization,*
expires: Sat, 02 Mar 2024 15:52:33 GMT

GET
H3 200 jquery.matchHeight.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 537ms
535ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.matchHeight.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85833ef60a138b4ea9b905b53079cb8cc62ff61d8d0fde44048ed7491f980a8b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:05:21 GMT
server: cloudflare
etag: W/"80768db55369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df65c7a4db6-FRA

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 3370 43 B
633 B 216ms
67ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2002%20Mar%202024%2015%3A52%3A32%20GMT&n=-1&.yp=10169313&f=https%3A%2F%2F11432329.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzV9tf31YQDFSjLOwIdegIEPg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D6787206721411%3Bnpa%3D1%3Bauiddc%3D492653310.1709394752%3Bpscdl%3Dnoapi%3Bgtm%3D45fe42t1z8865019465za201%3Bgcd%3D13l3l3l2l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html%3F&enc=UTF-8&yv=1.15.1&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Mar 2024 15:52:33 GMT

GET
H3 200 lodash.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 72 KB
27 KB 551ms
551ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/lodash.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb749862a50b4348496cc822f59db8e7101e17dd01773220dcc3662e2bab7c30

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:06:00 GMT
server: cloudflare
etag: W/"064cccc5369da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df66c824db6-FRA

GET
H3 200 jquery-ui.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 249 KB
68 KB 926ms
926ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery-ui.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:18 GMT
server: cloudflare
etag: W/"0cbd0425469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df66c874db6-FRA

GET
H3 206 mandai-destination-desktop-1920x1080.mp4
www.mandai.com/content/dam/mandai/destination/masthead/ 3 MB
3 MB 565ms
564ms Media
video/mp4 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/content/dam/mandai/destination/masthead/mandai-destination-desktop-1920x1080.mp4

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfcc0770f8316dd669e39b35e58cb473932be8016104b2eb66fede93d54e9773

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
Content-Range: bytes 0-3663943/3663944
alt-svc: h3=":443"; ma=86400
Content-Length: 3663944
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:10:25 GMT
server: cloudflare
etag: "e9d166b5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28df69cc84db6-FRA

POST
H2 204 b
wcs.naver.com/ 0
630 B 2615ms
312ms Ping
text/plain 110.93.147.30
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:35 GMT
x-content-type-options: nosniff
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H3

200

activityi;dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;... Show response
12189703.fls.doubleclick.net/ Frame 0493
Redirect Chain

https://12189703.fls.doubleclick.net/activityi;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2...
https://12189703.fls.doubleclick.net/activityi;dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=no...

533 B
336 B

86ms
86ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12189703.fls.doubleclick.net/activityi;dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12189703

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b0f018e0221a02cbcec5491cfe24821e8b754a8f8247515d7976cce362c8aae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 312
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 15:52:33 GMT
expires: Sat, 02 Mar 2024 15:52:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 15:52:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12189703.fls.doubleclick.net/activityi;dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0FC1 14 KB
6 KB 164ms
47ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.mandai.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=108067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 15:52:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 327704
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 interact Show response
smetrics.mandai.com/ee/irl1/v1/ 371 B
736 B 222ms
76ms Fetch
application/json 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.mandai.com/ee/irl1/v1/interact?configId=e0dadaea-a164-437c-a78a-42cffc63b50a&requestId=dc6d48da-95fc-4ba7-a937-c8317433d0c0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

8e8707256a20f6114f709cd414a22c6d2f8544c2ab3a9fa990dc2becd7fd8e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mandai.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: dc6d48da-95fc-4ba7-a937-c8317433d0c0

GET
H2 200 chunk-vendors.d1397efa.js Show response
app.vouchconcierge.com/bot/js/ Frame 757B 2 MB
2 MB 751ms
750ms Script
application/javascript 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

e40481e4aa5d96e37e9885cc02aa9890fb3dab77ace78416d43aca2645ec7610

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .twilio.com .twiliocdn.com .amazonaws.com .google.com; script-src 'self' .vouch-technologies.com .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com .facebook.net .fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' .bootstrapcdn.com fonts.googleapis.com .fontawesome.com https:; font-src 'self' .gstatic.com fonts.googleapis.com fonts.cdnfonts.com .bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com .amazonaws.com images.unsplash.com placeholdit.co drive.google.com .vouch-technologies.com .vouch.sg .vouchconcierge.com .twilio.com .twiliocdn.com blob: data: https:; connect-src 'self' .growthbook.io .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .microsoftonline.com .googleapis.com .google.com google.com .vouch3.sg .microsoft.com .google-analytics.com onesignal.com .onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:35 GMT
x-amz-version-id: QRrJ.Sek_ECedsoymCATRGGEGF.ZoicL
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.twilio.com *.twiliocdn.com *.amazonaws.com *.google.com; script-src 'self' *.vouch-technologies.com *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.facebook.net *.fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com fonts.googleapis.com *.fontawesome.com https:; font-src 'self' *.gstatic.com fonts.googleapis.com fonts.cdnfonts.com *.bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com *.amazonaws.com images.unsplash.com placeholdit.co drive.google.com *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com *.twilio.com *.twiliocdn.com blob: data: https:; connect-src 'self' *.growthbook.io *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.microsoftonline.com *.googleapis.com *.google.com google.com *.vouch3.sg *.microsoft.com *.google-analytics.com onesignal.com *.onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2238129
last-modified: Thu, 11 Jan 2024 10:07:57 GMT
server: CloudFront
etag: "b7925b08c7df7e272edf11905d3cb2fe"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: Izs4lGPqpFr3r-DLlZkTLwpkJdPn5MGTRGVKOuHvHpWEnYGe01YMZQ==

GET
H2 200 app.a46c0155.js Show response
app.vouchconcierge.com/bot/js/ Frame 757B 265 KB
266 KB 780ms
780ms Script
application/javascript 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/js/app.a46c0155.js

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

bd214cbbd07651ab44ce865921f0e073c0d2ff43532660fd9ba49d4596a5d8d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .twilio.com .twiliocdn.com .amazonaws.com .google.com; script-src 'self' .vouch-technologies.com .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com .facebook.net .fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' .bootstrapcdn.com fonts.googleapis.com .fontawesome.com https:; font-src 'self' .gstatic.com fonts.googleapis.com fonts.cdnfonts.com .bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com .amazonaws.com images.unsplash.com placeholdit.co drive.google.com .vouch-technologies.com .vouch.sg .vouchconcierge.com .twilio.com .twiliocdn.com blob: data: https:; connect-src 'self' .growthbook.io .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .microsoftonline.com .googleapis.com .google.com google.com .vouch3.sg .microsoft.com .google-analytics.com onesignal.com .onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:35 GMT
x-amz-version-id: 73IE0GtrJTCYevdeWsHVMd7L8kakwvJd
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.twilio.com *.twiliocdn.com *.amazonaws.com *.google.com; script-src 'self' *.vouch-technologies.com *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.facebook.net *.fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com fonts.googleapis.com *.fontawesome.com https:; font-src 'self' *.gstatic.com fonts.googleapis.com fonts.cdnfonts.com *.bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com *.amazonaws.com images.unsplash.com placeholdit.co drive.google.com *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com *.twilio.com *.twiliocdn.com blob: data: https:; connect-src 'self' *.growthbook.io *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.microsoftonline.com *.googleapis.com *.google.com google.com *.vouch3.sg *.microsoft.com *.google-analytics.com onesignal.com *.onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 270951
last-modified: Thu, 11 Jan 2024 10:07:57 GMT
server: CloudFront
etag: "05f507c543c11a5b9416cd4cedf4653f"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: NcLneqzE96WnpKXgqPZN8w7J14JXf6Yw-0-Um7YVbn_hoVbbMAXGcw==

GET
H2 200 chunk-vendors.b104b00e.css
app.vouchconcierge.com/bot/css/ Frame 757B 361 KB
364 KB 750ms
750ms Stylesheet
text/css 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/css/chunk-vendors.b104b00e.css

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

122a021739d8a07cc9dd484bc5d8b24aafe2bf57772e117affbdaeb5f39ee071

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .twilio.com .twiliocdn.com .amazonaws.com .google.com; script-src 'self' .vouch-technologies.com .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com .facebook.net .fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' .bootstrapcdn.com fonts.googleapis.com .fontawesome.com https:; font-src 'self' .gstatic.com fonts.googleapis.com fonts.cdnfonts.com .bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com .amazonaws.com images.unsplash.com placeholdit.co drive.google.com .vouch-technologies.com .vouch.sg .vouchconcierge.com .twilio.com .twiliocdn.com blob: data: https:; connect-src 'self' .growthbook.io .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .microsoftonline.com .googleapis.com .google.com google.com .vouch3.sg .microsoft.com .google-analytics.com onesignal.com .onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:35 GMT
x-amz-version-id: H7HzW_sprWpUVI6zhJdaDX2y6AJB20li
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.twilio.com *.twiliocdn.com *.amazonaws.com *.google.com; script-src 'self' *.vouch-technologies.com *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.facebook.net *.fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com fonts.googleapis.com *.fontawesome.com https:; font-src 'self' *.gstatic.com fonts.googleapis.com fonts.cdnfonts.com *.bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com *.amazonaws.com images.unsplash.com placeholdit.co drive.google.com *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com *.twilio.com *.twiliocdn.com blob: data: https:; connect-src 'self' *.growthbook.io *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.microsoftonline.com *.googleapis.com *.google.com google.com *.vouch3.sg *.microsoft.com *.google-analytics.com onesignal.com *.onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 370168
last-modified: Thu, 11 Jan 2024 10:07:57 GMT
server: CloudFront
etag: "e82ac684ffb631c7c888637b8bc8b310"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: PB533312_qMSoU4fVI4ZWRDTcglLHZo9V9h1KFgrNh_NH97JkyEqEg==

GET
H2 200 app.19676251.css
app.vouchconcierge.com/bot/css/ Frame 757B 248 KB
250 KB 899ms
898ms Stylesheet
text/css 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/css/app.19676251.css

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

ab35edd0c3aff59ced3feb3d2a05e644b2f5002a2e99b51faef9aa38c987d553

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .twilio.com .twiliocdn.com .amazonaws.com .google.com; script-src 'self' .vouch-technologies.com .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com .facebook.net .fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' .bootstrapcdn.com fonts.googleapis.com .fontawesome.com https:; font-src 'self' .gstatic.com fonts.googleapis.com fonts.cdnfonts.com .bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com .amazonaws.com images.unsplash.com placeholdit.co drive.google.com .vouch-technologies.com .vouch.sg .vouchconcierge.com .twilio.com .twiliocdn.com blob: data: https:; connect-src 'self' .growthbook.io .vouch-technologies.com .vouchconcierge.com .vouch.sg .facebook.com .microsoftonline.com .googleapis.com .google.com google.com .vouch3.sg .microsoft.com .google-analytics.com onesignal.com .onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:35 GMT
x-amz-version-id: yhH4qZ8LYoXYOtuKEr80ChT_3KIhnlzo
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.twilio.com *.twiliocdn.com *.amazonaws.com *.google.com; script-src 'self' *.vouch-technologies.com *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.facebook.net *.fontawesome.com blob: data: 'sha256-2UK60ZX7KpDMVvBFxN2Yyg4SupN88sL38hAnLRn/NQo=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'sha256-7c27OgQo5L4LKevSIm19yWM2RTYfRQEcBow2/6b2Y1Q='; worker-src 'self' blob:; frame-ancestors 'self' https:; frame-src 'self' https:; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com fonts.googleapis.com *.fontawesome.com https:; font-src 'self' *.gstatic.com fonts.googleapis.com fonts.cdnfonts.com *.bootstrapcdn.com data: https:; img-src 'self' via.placeholder.com *.amazonaws.com images.unsplash.com placeholdit.co drive.google.com *.vouch-technologies.com *.vouch.sg *.vouchconcierge.com *.twilio.com *.twiliocdn.com blob: data: https:; connect-src 'self' *.growthbook.io *.vouch-technologies.com *.vouchconcierge.com *.vouch.sg *.facebook.com *.microsoftonline.com *.googleapis.com *.google.com google.com *.vouch3.sg *.microsoft.com *.google-analytics.com onesignal.com *.onesignal.com wss: https:; base-uri 'self' https:; form-action 'self' https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 254017
last-modified: Thu, 11 Jan 2024 10:07:57 GMT
server: CloudFront
etag: "304f62b2ae986d363bcb682185e4c2d5"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: wgjoa88WeN0sHQohtzX94H9ScyNeH1jLUMGik7rBMaMfQoNMVzQHfA==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0FC1
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=mandai.com&sn=ChromeSyncframe&so=0&topUrl=www.mandai.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=hgCDvnxCT2ZXYVk2WDBUTFJLS05RWmlkbVB6ZGpuZkMzYmM0Vm1Ka0JDTVgvckNQaC9kWGFwZXVBeElrTTl0UkluSlprai9mOHg0cmpGM0w1YS9WMUUvR3ZKRzVpQVJIUjF0NEovL0RxcHZjTko1UFdObFZTbnJsYzdPdV...

428 B
653 B

53ms
52ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hgCDvnxCT2ZXYVk2WDBUTFJLS05RWmlkbVB6ZGpuZkMzYmM0Vm1Ka0JDTVgvckNQaC9kWGFwZXVBeElrTTl0UkluSlprai9mOHg0cmpGM0w1YS9WMUUvR3ZKRzVpQVJIUjF0NEovL0RxcHZjTko1UFdObFZTbnJsYzdPdVorTXREWFJjSmdobGJkVE01RU5tZGtnc1owZVg2U29UNTVzQS9GN3YzdTJsOGFFRmJuQ01QV0o3bUhycnpwc3pmWDdFREVTejIrQUd3VEExbklFd3ZyT3hDREFFYXBCeDNoVXdjcjFyYVg1TlZ5TkQ3cmcrNFlWM1JJaFU3ZHM5NVVab0EzOS9CNnA0citmb3dXQWxFV3pZYjVrcXdYUT09fA&cppv=2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f3706655a25be6fc26f693cf0943ef757c3ca779f992deba75e17542ef48cb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1570300
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hgCDvnxCT2ZXYVk2WDBUTFJLS05RWmlkbVB6ZGpuZkMzYmM0Vm1Ka0JDTVgvckNQaC9kWGFwZXVBeElrTTl0UkluSlprai9mOHg0cmpGM0w1YS9WMUUvR3ZKRzVpQVJIUjF0NEovL0RxcHZjTko1UFdObFZTbnJsYzdPdVorTXREWFJjSmdobGJkVE01RU5tZGtnc1owZVg2U29UNTVzQS9GN3YzdTJsOGFFRmJuQ01QV0o3bUhycnpwc3pmWDdFREVTejIrQUd3VEExbklFd3ZyT3hDREFFYXBCeDNoVXdjcjFyYVg1TlZ5TkQ3cmcrNFlWM1JJaFU3ZHM5NVVab0EzOS9CNnA0citmb3dXQWxFV3pZYjVrcXdYUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 283431
content-length: 0
expires: 0

GET
H3 200 bird-paradise-mandai-masthead-desktop-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 404 KB
405 KB 1550ms
1550ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/bird-paradise-mandai-masthead-desktop-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee2b61ff2865982043bda6b4edf23dadb065aa4124290c04089c34e04fb215f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=431092
alt-svc: h3=":443"; ma=86400
content-length: 413822
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Feb 2024 08:07:48 GMT
server: cloudflare
etag: "7f4b9ad5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dfac8924db6-FRA

GET
H3 200 homepage-banner-parks-carousel-ns-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 263 KB
263 KB 1875ms
1874ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-ns-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c3a2e32273364c535dea0f502a5de525fa9af1ecab9b3f855b534442f4ad264

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=271144
alt-svc: h3=":443"; ma=86400
content-length: 269095
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Feb 2024 08:10:25 GMT
server: cloudflare
etag: "eb9dea6a5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dfa78344db6-FRA

GET
H3 200 homepage-banner-parks-carousel-rw-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 335 KB
336 KB 2224ms
2223ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-rw-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7518af32493bd599ef8f7f796d5addad2049d4ddb25a066baac64a57ea30f31f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=349439
alt-svc: h3=":443"; ma=86400
content-length: 343238
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Feb 2024 08:10:25 GMT
server: cloudflare
etag: "1d63ef6a5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dfa78354db6-FRA

GET
H3 200 homepage-banner-parks-carousel-sz-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 351 KB
352 KB 2845ms
2845ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-sz-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a6bd73203aca8852442ecf99507fa06128c0ba29a91aa242be705f028f5368

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=366357
alt-svc: h3=":443"; ma=86400
content-length: 359852
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Feb 2024 08:06:46 GMT
server: cloudflare
etag: "a23cfe85369da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dfa78364db6-FRA

GET
H3 200 background-d.jpg
www.mandai.com/content/dam/mandai/test/ 356 KB
356 KB 3383ms
3382ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/test/background-d.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93155145f364262848fc6be02a2a11420db20eaacba6b133e7e5d2c886381081

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=374277
alt-svc: h3=":443"; ma=86400
content-length: 364320
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Feb 2024 08:08:53 GMT
server: cloudflare
etag: "9666ee335469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dfa78374db6-FRA

GET
H3 200 dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=*;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab...
adservice.google.com/ddm/fls/z/ Frame 0493 42 B
63 B 88ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=*;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 12189703.fls.doubleclick.net
URL: https://12189703.fls.doubleclick.net/activityi;dc_pre=CIKawtj31YQDFdHLOwIdHUID8Q;src=12189703;type=invmedia;cat=manda006;ord=832001922738;npa=1;auiddc=492653310.1709394752;u10=%5BDomain%5D;pscdl=noapi;gtm=45fe42t1za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12189703.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jquery.simplePagination.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 6 KB
2 KB 7161ms
7161ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.simplePagination.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dcb5252d9e8512336e041c3e62a9247c2b0a292ba6e9ee4f1b76e0e5fec265

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:09:12 GMT
server: cloudflare
etag: W/"0443d3f5469da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dfa88494db6-FRA

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=108067&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-ha...
https://widget.as.criteo.com/event?a=108067&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-ha...

10 KB
5 KB

939ms
307ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=108067&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=LCOH0l9QQWNEU1BHWTdmOWJ6SkkwNURBbDA0JTJGdkM1Vnl1d29oMmlqTXVCT254TFhOb3RJd21zYSUyQmR2SFV3VGwlMkZvV051OWVDNTI3TFdROHYwZ2J4UERaMUlXRFZKeWRBUjVMVVRmNTJnTkV0ZWdTZ29JclFDenBqMkhac0pMOGF6aURwaHp6WFE0ZmVxbjczblJ4Z1gwRXNDY1ElM0QlM0Q&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=7e186a4c-5abc-448e-825b-0af1f632a62a&dtycbr=24182

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

284bf71facfbd6ae59604bcea79848418e9706c9929b9cdf6d6c2940129ae0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10740259
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.as.criteo.com/event?a=108067&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=LCOH0l9QQWNEU1BHWTdmOWJ6SkkwNURBbDA0JTJGdkM1Vnl1d29oMmlqTXVCT254TFhOb3RJd21zYSUyQmR2SFV3VGwlMkZvV051OWVDNTI3TFdROHYwZ2J4UERaMUlXRFZKeWRBUjVMVVRmNTJnTkV0ZWdTZ29JclFDenBqMkhac0pMOGF6aURwaHp6WFE0ZmVxbjczblJ4Z1gwRXNDY1ElM0QlM0Q&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=7e186a4c-5abc-448e-825b-0af1f632a62a&dtycbr=24182
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12177106
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 ajax-loader.gif
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 3 KB
3 KB 6655ms
6655ms Image
image/gif 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/ajax-loader.gif

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:35 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=4178, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 2592
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Feb 2024 08:11:48 GMT
server: cloudflare
etag: "776409c5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 85e28dfdab8c4db6-FRA

GET
H3 200 mandai-arrow-green-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 6646ms
6646ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa7eae80ef46e2ebb475c8a9fc67b18615e818f1c9f8197b4fb0944c849c789

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:10:00 GMT
server: cloudflare
etag: W/"41971b5c5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dfdbb9d4db6-FRA

GET
H3 200 mandai-arrow-green-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 6646ms
6646ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fea4280e8af070a44f949280e83d086408d3889188f1096b47700e086ce40bf

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 27 Feb 2024 08:11:49 GMT
server: cloudflare
etag: W/"4ffe2a9d5469da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dfdbb9e4db6-FRA

GET
H3 200 header Show response
www.mandai.com/bin/wrs/ 52 B
538 B 6627ms
6627ms XHR
application/json 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/bin/wrs/header

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.mandai.com/en.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
content-encoding: br
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 85e28dfddbb54db6-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 2 KB
666 B 189ms
89ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:29:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 1 KB
537 B 190ms
91ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Spectral

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b98c443a8057a3928030de498bdca44c33b774d6a17515758795acbba874c7d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:52:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 1 KB
507 B 158ms
59ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yrsa

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a4d424a71751fdb3ff0a967e132475941c6b17b469e5b2ec0379f33f26c2d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:52:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 1 KB
557 B 197ms
98ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba00c59fa9c5ca686b38f4d8a5c40816637e5ee1cd26697def2e56fa4a8be788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 757B 8 KB
860 B 190ms
92ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&display=swap

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acd9bc71515d2f6851aa5adc0a3ac9d1b937e9428acd3780e66e1b0667ff7272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:05:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 2 KB
628 B 186ms
87ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:37:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 2 KB
632 B 184ms
85ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:36:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 737 B
452 B 152ms
53ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sanchez

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5ebf1ebad8b61a829cbe6ba7606e5fc065f48e29361eacc238337f982c0b29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:52:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 2 KB
603 B 152ms
53ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cf47ea8985768c9c6480425d9792931ad69674444f109fe0b778031d0b9c093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:18:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 2 KB
623 B 186ms
88ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:37:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 730 B
783 B 147ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7fed33dfee4e3c9a00ff2f8e6901fd520865eaccd9f42657897d53fdd329826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:42:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 1 KB
542 B 148ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

145096f09a54e4d06a26f914e750470a64eb874e0059d0215980a378373122ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:52:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 1 KB
505 B 148ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

129ea3f502ada840bf7841f8499e4f82b752f3c77ce1d3510785c241bb63a7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:32:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 758 B
462 B 150ms
52ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

394474efa0fcb4ae2f64bd842c00e92b9961d311150b4600392c73a50a3e5e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 14:47:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 757B 2 KB
818 B 152ms
55ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.19676251.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9da5021af60ad21941dfa0ba57085436ef111383c7ff9aca07f513ec487db074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:40:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 15:52:36 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-in.com/ Frame 757B 832 KB
165 KB 191ms
73ms Script
text/javascript 2606:4700:3038::6815:ea90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc34228d42ae4a1ef624472cf4282840a1fbbcacf89b519bc457933400a36a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:36 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-vie6382-VIE
last-modified: Fri, 01 Mar 2024 23:19:18 GMT
server: cloudflare
x-timer: S1709335209.300324,VS0,VE71
etag: W/"9ad7440dcf68dec85ec417ae8845bdc06b7b6cd39e27404dc22f13dd55480337-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQybKieA2cGWIm%2F%2BEdhaxbv0FrfOc6VoBQdypKCavWew3J44ol1EQtr6X4MqLOR0YAIOEyN1X01Lv66gumbKV9GADwXMtFFmPdFAMerHPKakO9LEmUQh2dVwEfFHJwrm5HVsyeDQ6btUqDYb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 85e28e0d7e76c2b1-VIE
x-cache-hits: 0

GET
H2 200 sdk-hiKwpyzQp0LCEZ2W Show response
cdn.growthbook.io/api/features/ Frame 757B 407 KB
10 KB 141ms
40ms Fetch
application/json 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-hiKwpyzQp0LCEZ2W
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 238e4ed16038501f32350f04dc3126c48231b2b5a4be1e007b27f526d05e5b22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-sse-support: enabled
date: Sat, 02 Mar 2024 15:52:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 133
x-powered-by: Express
x-cache: HIT, HIT
content-length: 9417
x-served-by: cache-iad-kcgs7200151-IAD, cache-fra-etou8220136-FRA
x-timer: S1709394757.776235,VS0,VE1
etag: W/"65c3d-To+B4ETTzO28ohiqSzexeHZkceI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-sse-support
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges: bytes
x-cache-hits: 146821, 1

GET
H2 200 sdk-hiKwpyzQp0LCEZ2W
cdn.growthbook.io/sub/ Frame 757B 22 B
0 137ms
137ms EventSource
text/event-stream 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-hiKwpyzQp0LCEZ2W
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://app.vouchconcierge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200145-IAD, cache-fra-etou8220136-FRA
date: Sat, 02 Mar 2024 15:52:36 GMT
via: 1.1 varnish, 1.1 varnish
age: 13
x-timer: S1709394757.830003,VS0,VE91
x-powered-by: Express
x-cache: HIT, MISS
content-type: text/event-stream
access-control-allow-origin: *
cache-control: private, no-store
accept-ranges: bytes
x-cache-hits: 7, 0

GET
BLOB 200
OK 7486c90c-1fa8-41e6-a76e-b015278b0fd1
https://app.vouchconcierge.com/ Frame 757B 463 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vouchconcierge.com/7486c90c-1fa8-41e6-a76e-b015278b0fd1
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4c839503feccb0af51b0a7242207dc3a50a56c85f5612dbfbc70fe1378a751f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 474107
Content-Type

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 757B 15 KB
16 KB 153ms
46ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouchconcierge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:53:04 GMT
x-content-type-options: nosniff
age: 370773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:53:04 GMT

GET
H2 200 style Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 757B 22 KB
22 KB 2632ms
2629ms XHR
application/json 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

f077db2448e9afa2327d72ab05f72950c5862e94a7a95c4d23ea2e32bf10c890

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Sat, 02 Mar 2024 15:52:40 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 22075
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"563b-lQrzNdP7SbzZyTr3+Wjx6Jf+s+I"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 style
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 3458ms
3458ms Preflight 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 02 Mar 2024 15:52:37 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 403 / Show response
o412878.ingest.sentry.io/api/6013215/envelope/ Frame 757B 61 B
388 B 1123ms
88ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o412878.ingest.sentry.io/api/6013215/envelope/?sentry_key=b1bb39461ded4ea69691618431dc6229&sentry_version=7

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.vouchconcierge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Mar 2024 15:52:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame EB7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-FJWw89BQHzZIx5Sia8yMUug41ZOinK_y_-ivJg&google_cm&google_hm=ay1GSld3ODlCUUh6Wkl4NVNpYTh5TVV1ZzQxWk9pbktfe...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FJWw89BQHzZIx5Sia8yMUug41ZOinK_y_-ivJg&google_gid=CAESEKh23Lhxdxe834q9sSB7moM&google_cver=1&google_ula=913071,0

43 B
369 B

93ms
92ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FJWw89BQHzZIx5Sia8yMUug41ZOinK_y_-ivJg&google_gid=CAESEKh23Lhxdxe834q9sSB7moM&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 693415
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FJWw89BQHzZIx5Sia8yMUug41ZOinK_y_-ivJg&google_gid=CAESEKh23Lhxdxe834q9sSB7moM&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame EB7B 43 B
235 B 2575ms
49ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vxZjTNBQHzZIx5Sia8yMUug41ZOWi0rx52UrHQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 15:52:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame EB7B
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6033308873677875957

43 B
370 B

50ms
50ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6033308873677875957

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1145081
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:43 GMT
an-x-request-uuid: e8ac0891-743e-44c2-8d7b-475a10ab73a0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6033308873677875957
x-proxy-origin: 80.255.7.104; 80.255.7.104; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame EB7B 53 B
810 B 2710ms
186ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-v7ZncdBQHzZIx5Sia8yMUug41ZP9VdJg9pNPIg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 15:52:43 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Sat, 02 Mar 2024 15:52:43 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame EB7B 0
239 B 2615ms
45ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0aQJQ9BQHzZIx5Sia8yMUug41ZPtWvnYsYMHSw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame EB7B 43 B
163 B 2572ms
48ms Image
image/gif 81.17.55.173
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-qKWamtBQHzZIx5Sia8yMUug41ZPWo1LAopFdKA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame EB7B 0
99 B 3025ms
495ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-A7AGT9BQHzZIx5Sia8yMUug41ZPuO7lsuLBDpQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 54262

GET
H2 200 um
criteo-sync.teads.tv/ Frame EB7B 23 B
163 B 2652ms
87ms Image
image/gif 2.17.0.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-cSE-MtBQHzZIx5Sia8yMUug41ZPF7zKj95LulA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.0.11 Ballerup Municipality, Denmark, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-0-11.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Sat, 02 Mar 2024 15:52:43 GMT
pragma: no-cache
date: Sat, 02 Mar 2024 15:52:43 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame EB7B 37 B
140 B 2572ms
48ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-U8nxOdBQHzZIx5Sia8yMUug41ZNcunw4-DN0hw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
hb.yahoo.net/ Frame EB7B 52 B
315 B 2670ms
86ms Image
image/gif 104.124.11.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-52mIDtBQHzZIx5Sia8yMUug41ZPlV6cRQocHug

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.27 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 02 Mar 2024 15:52:43 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 52
x-mnet-hl2: E
expires: Sat, 02 Mar 2024 15:52:43 GMT

GET
H2 200 pixel
cm.adform.net/ Frame EB7B 43 B
163 B 2570ms
47ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ClKxu9BQHzZIx5Sia8yMUug41ZO65H27privTA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
last-modified: Thu, 11 May 2023 08:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "645cabc9-2b"
content-length: 43
content-type: image/gif

GET sync
visitor.omnitagjs.com/visitor/ Frame EB7B 0
0

GET
H2

200

rum
r.casalemedia.com/ Frame EB7B
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3rBJtBQHzZIx5Sia8yMUug41ZMxv4dkwyTxkQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3rBJtBQHzZIx5Sia8yMUug41ZMxv4dkwyTxkQ&C=1

43 B
322 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-w3rBJtBQHzZIx5Sia8yMUug41ZMxv4dkwyTxkQ&C=1
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWv6EDLyl50upKzNE7fBvCzq3W84FSTcXHST3xzyVJc1fIbscZ4TaVO0xuUBkMlxGME8EQ8wj4i1ox2GcmWXMbdi1SMyWmNeeX53IjQ2r44Ti82UwwCiAzV%2Fo7HWeqKR2yxZ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85e28e38688b450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmESMuvdwc4Xgz1VjUh4WexUcbIh%2Bc0eiU%2Fy7Dno8DU0W5tai9THaVeXHYEkaYrtOuR8my6NcOPMGq%2BY%2Bd9s7u6AMDPjTvzerw3v4hXfxKdTcIMVkCIPWLvTCn1HP0GLMtMa"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-w3rBJtBQHzZIx5Sia8yMUug41ZMxv4dkwyTxkQ&C=1
cache-control: no-cache
cf-ray: 85e28e37ef57450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

ibs:dpid=28645&dpuuid=T97DoLECmxWOTCYjDp2TAqyMnayZpLtB
dpm.demdex.net/ Frame EB7B
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=T97DoLECmxWOTCYjDp2TAqyMnayZpLtB

42 B
718 B

236ms
61ms

Image
image/gif

54.74.69.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=T97DoLECmxWOTCYjDp2TAqyMnayZpLtB

Protocol

Server

54.74.69.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-74-69-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v057-0c06e5a95.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sat, 02 Mar 2024 15:52:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: drMOoXbVSB8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=T97DoLECmxWOTCYjDp2TAqyMnayZpLtB
date: Sat, 02 Mar 2024 15:52:40 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 750290
content-length: 0

GET
H2 200 match
ad.360yield.com/ Frame EB7B 43 B
199 B 190ms
61ms Image
image/gif 52.30.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-tKp2Z9BQHzZIx5Sia8yMUug41ZMoVYKWIR0ktA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.30.150.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-150-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Mar 2024 15:52:43 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame EB7B 42 B
265 B 144ms
52ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-VhA7RdBQHzZIx5Sia8yMUug41ZN-BQd307EJuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:42 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame EB7B 0
885 B 141ms
45ms Image
text/html 52.28.148.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ZJagZtBQHzZIx5Sia8yMUug41ZOPgYEMSTlbtw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.148.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-148-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame EB7B 43 B
423 B 2202ms
426ms Image
image/gif 34.211.216.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-ysxhuNBQHzZIx5Sia8yMUug41ZMWPPh6D14nbw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.216.39 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:45 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame EB7B 0
218 B 513ms
119ms Image
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-lYn15NBQHzZIx5Sia8yMUug41ZNqj-mw2x3toQ&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 15:52:43 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 7d1974c6d160af466b3015d43a93246a
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame EB7B 0
225 B 389ms
42ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-T_UkZtBQHzZIx5Sia8yMUug41ZM6xlosnjU41w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 02 Mar 2024 15:52:42 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame EB7B 0
35 B 157ms
44ms Image
text/plain 54.93.196.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-9b_4sdBQHzZIx5Sia8yMUug41ZPJaSskjR06xw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.196.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-196-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame EB7B 43 B
399 B 422ms
118ms Image
image/gif 2600:1f18:612b:4216:9059:6cd:28f6:515d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-CU4hjNBQHzZIx5Sia8yMUug41ZMQ8yhV5ncHSg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:9059:6cd:28f6:515d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 02 Mar 2024 15:52:43 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame EB7B 43 B
153 B 117ms
34ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-r6G0aNBQHzZIx5Sia8yMUug41ZNJRRxxz9aWaA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Mar 2024 15:52:43 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame EB7B 0
235 B 162ms
62ms Image
text/plain 72.246.169.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-k0_vVdBQHzZIx5Sia8yMUug41ZPS3-UGIhTEWA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.246.169.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Mar 2024 15:52:43 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 01 Mar 2024 15:52:43 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame EB7B 0
38 B 302ms
60ms Image
text/plain 54.73.97.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-KzRqRNBQHzZIx5Sia8yMUug41ZONrJr7Q-rW_Q&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.97.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-97-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame EB7B 0
44 B 159ms
46ms Image
text/plain 3.73.179.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-_jAzO9BQHzZIx5Sia8yMUug41ZPnng8QpNbCMw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.179.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-179-60.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
server: awselb/2.0

GET
H2 200 conversion
cm.teads.tv/v3/ 0
376 B 83ms
83ms Image
text/plain 2.17.0.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=timeSpent10&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=9758&referer=https%3A%2F%2Fwww.mandai.com%2Fen.html&user_session_id=738bd76c-a37b-4505-85c5-8ce32dc096ec
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.0.11 Ballerup Municipality, Denmark, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-0-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"7","priority":"0","deduplication_key":"3418789526","filters":[{"trigger_data_label":["timespent10"],"source_type":["navigation"]}]}],"debug_reporting":true}
cache-control: max-age=0, no-cache, no-store
date: Sat, 02 Mar 2024 15:52:43 GMT
observe-browsing-topics: ?1
content-length: 0
expires: Sat, 02 Mar 2024 15:52:43 GMT

OPTIONS
H2 204 configs
vouch-api.vouchconcierge.com/core/api/v2/widget/ Frame 0
0 252ms
243ms Preflight 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vouch-api.vouchconcierge.com/core/api/v2/widget/configs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
date: Sat, 02 Mar 2024 15:52:43 GMT
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 configs Show response
vouch-api.vouchconcierge.com/core/api/v2/widget/ Frame 757B 38 B
361 B 276ms
276ms XHR
application/json 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vouch-api.vouchconcierge.com/core/api/v2/widget/configs
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4edb8c14ee0fbe88d962c0e767cc71f5afa62b61a7c4141fefd62de0a9dbafe3

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
x-powered-by: Express
etag: W/"26-MTspz4ZSQcWSuGwg7Pi2i5vOSng"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
access-control-allow-credentials: true
content-length: 38

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 757B 16 KB
16 KB 82ms
81ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouchconcierge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:07:03 GMT
x-content-type-options: nosniff
age: 369940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16292
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:07:03 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame EB7B 43 B
1 KB 44ms
44ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-1vS9ctBQHzZIx5Sia8yMUug41ZNwZ5OiUs-IwA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 15:52:43 GMT
an-x-request-uuid: 5d5c8633-5f43-4cd1-a6d3-d8b1852f7ba6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame EB7B
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7-DnNde5GEpz8TGLNEQWyWGe6YfNWyYJ

0
44 B

729ms
602ms

Image
text/plain

34.252.26.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7-DnNde5GEpz8TGLNEQWyWGe6YfNWyYJ
Protocol: H2
Server: 34.252.26.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-26-191.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:43 GMT
server: awselb/2.0

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7-DnNde5GEpz8TGLNEQWyWGe6YfNWyYJ
date: Sat, 02 Mar 2024 15:52:43 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 728639
content-length: 0

GET
H2 200 defaultlang Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 757B 168 B
885 B 301ms
296ms XHR
application/json 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Sat, 02 Mar 2024 15:52:44 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 168
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"a8-ABMHoOoyasvFFdqjZUdfsSlL5hk"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 defaultlang
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 205ms
205ms Preflight 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 02 Mar 2024 15:52:43 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 defaultlang Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 757B 168 B
885 B 285ms
285ms XHR
application/json 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.d1397efa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Sat, 02 Mar 2024 15:52:44 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 168
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"a8-ABMHoOoyasvFFdqjZUdfsSlL5hk"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 defaultlang
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 292ms
292ms Preflight 18.136.152.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.136.152.138 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-136-152-138.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 02 Mar 2024 15:52:44 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 1631504305444.jpeg
files.vouch.sg/files/613afb2ee42545001564fef5/ Frame 757B 10 KB
10 KB 379ms
379ms Image
image/jpeg 18.245.86.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/613afb2ee42545001564fef5/1631504305444.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6de5fcc37139444f3f1d43d5a67dbdd795abb9faed69461dd0d1ab6e946db80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:52:46 GMT
via: 1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 03:38:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: "45bddc0c3bf12a11b30d8edc7c8c86a1"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-length: 9967
x-amz-cf-id: AMClW4JNValhlyAAOrej0OJt4-ptOSxzLKukbiesqHRCGmZotAcK1w==

GET empty.html
static.criteo.net/ Frame 6B8E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Unve-NBQHzZIx5Sia8yMUug41ZPUFj8UYDhpFQ

Domain: static.criteo.net
URL: https://static.criteo.net/empty.html

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mandai.com/	1969-12-31 23:59:59	Name: svrid Value: s186
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: TzG2r6KnVsc
.youtube.com/	1970-01-20 23:09:06	Name: VISITOR_INFO1_LIVE Value: jnOthzgUYdI
.mandai.com/	1970-01-20 20:59:30	Name: _gcl_au Value: 1.1.492653310.1709394752
.demdex.net/	1970-01-20 23:09:06	Name: demdex Value: 52390271463480504951040513314243237126
.mandai.com/	1970-01-21 04:18:42	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_identity Value: CiY1MjExMzM4NzE4MDM3NTU3NjU0MTA1MTAzMDU5NjEyMTQwNjYzOVITCKzj9_7fMRABGAEqBElSTDEwAPABrOP3_t8x
.mandai.com/	1970-01-20 18:49:56	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_cluster Value: irl1
.mandai.com/	1970-01-21 04:11:30	Name: AMCV_44243DF7584A9D790A495ECF%40AdobeOrg Value: MCMID\|52113387180375576541051030596121406639
.mandai.com/	1970-01-21 03:35:30	Name: cf_clearance Value: iIVdLjWQ.r507LV3kWAxiCNRy9TJt1WKFMXq_qsf5Ig-1709394751-1.0.1.1-F.RuApHJ1mswOcxRiz_j.IuwIN67WQpPlkcg3IPZW9xGmm4xqPdZR5Ayne.fP4jVA.fzr9dWfweKFHgHJiGA4g
.mandai.com/	1970-01-20 18:49:56	Name: tfpsi Value: 738bd76c-a37b-4505-85c5-8ce32dc096ec
.quantserve.com/	1970-01-21 04:20:09	Name: mc Value: 65e34b40-56e58-92dcf-7c096
.mandai.com/	1970-01-21 04:14:23	Name: __qca Value: P0-116316973-1709394752160
.mandai.com/	1970-01-20 20:59:30	Name: _fbp Value: fb.1.1709394752382.445637153
.doubleclick.net/	1970-01-20 23:09:06	Name: receive-cookie-deprecation Value: 1
.tiktok.com/	1970-01-21 04:11:30	Name: _ttp Value: 2d8fiOSNMakx1ZteP5ShFkSXYPH
.mandai.com/	1970-01-21 04:11:30	Name: _tt_enable_cookie Value: 1
.mandai.com/	1970-01-21 04:11:30	Name: _ttp Value: EI54PbBqcRVzwpERCfwZ0uP5yO_
.doubleclick.net/	1970-01-21 04:11:30	Name: IDE Value: AHWqTUnIrVtp-LOZvi-_DBoQoLvx77YwItxXxQcCZYgk8xME55d0L1y6wULRxsnd7DA
.adform.net/	1970-01-20 19:34:33	Name: C Value: 1
.adnxs.com/	1970-01-21 04:25:54	Name: receive-cookie-deprecation Value: 1
.sojern.com/	1970-01-21 03:35:30	Name: gid Value: CAESEKAlSIKlB9fNXNjuDJ8wBDg
.sojern.com/	1970-01-21 03:35:30	Name: cid Value: f1378960-c65e-2bb8-042e-2b9aa9d463f9#1709337600000
.adform.net/	1970-01-20 20:16:18	Name: uid Value: 7375091438816003704
.yahoo.com/	1970-01-21 03:35:52	Name: A3 Value: d=AQABBEFL42UCECIX2d7kClq7b-EIZ3vIkdAFEgEBAQGc5GXtZeAOyiMA_eMAAA&S=AQAAApQnKljKMfgxDzIqB8Hvng0
.sojern.com/	1970-01-21 03:35:30	Name: adfid Value: 7375091438816003704
.doubleclick.net/	1970-01-20 19:33:06	Name: ar_debug Value: 1
.mandai.com/	1970-01-21 04:25:54	Name: _fwb Value: 80gRVxMAcbvTZIvw6faZcF.1709394753429
www.mandai.com/	1970-01-21 04:25:54	Name: wcs_bt Value: s_4e5eb1ff922a:1709394753
.criteo.com/	1970-01-21 04:11:30	Name: uid Value: 7b83abe8-146b-47e3-a5a2-599f6dd7bef5
.criteo.com/	1970-01-21 04:11:30	Name: receive-cookie-deprecation Value: 1
.mandai.com/	1970-01-21 04:19:18	Name: cto_bundle Value: LCOH0l9QQWNEU1BHWTdmOWJ6SkkwNURBbDA0JTJGdkM1Vnl1d29oMmlqTXVCT254TFhOb3RJd21zYSUyQmR2SFV3VGwlMkZvV051OWVDNTI3TFdROHYwZ2J4UERaMUlXRFZKeWRBUjVMVVRmNTJnTkV0ZWdTZ29JclFDenBqMkhac0pMOGF6aURwaHp6WFE0ZmVxbjczblJ4Z1gwRXNDY1ElM0QlM0Q
.wcs.naver.com/	1970-01-21 04:25:54	Name: NWB Value: 153bdc8501b146e3ef41faed89672910.1709394755893
www.mandai.com/	1969-12-31 23:59:59	Name: renderid Value: rend01
www.mandai.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: node06s67g6nkq8l11tv98qr1vjp60940292.node0
.adnxs.com/	1970-01-20 20:59:30	Name: XANDR_PANID Value: fJOcBiTNU1N2uxn72UJ-i9CUKNHKWt5z42zlvvO-l6Cn1alA6HcgfS5pm0twLp1uzj-_Vni6MtGamxDjZzPNYOCVtaypmNOQj3WWMvrVTZM.
.adnxs.com/	1970-01-20 20:59:30	Name: uuid2 Value: 6033308873677875957
.adnxs.com/	1970-01-20 20:59:30	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C$SrEy]x!]tbPl@/D!9hy6]/Cwi2H+dle%x)11f$-:4hV?AYA+!04z9+g0-vQj6BfwAT)s:??m+Vm]y`y%nugO%v4VB%no`i+Arm1
.dpm.demdex.net/	1970-01-20 23:09:06	Name: dpm Value: 52390271463480504951040513314243237126
.media.net/	1970-01-21 03:35:30	Name: visitor-id Value: 3523963639085605000V10
.media.net/	1970-01-20 19:33:06	Name: data-c-ts Value: 1709394763
.media.net/	1970-01-20 19:33:06	Name: data-c Value: k-v7ZncdBQHzZIx5Sia8yMUug41ZP9VdJg9pNPIg~~3
exchange.mediavine.com/	1970-01-20 19:10:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22e81e79f0-d8ac-11ee-9666-8fd6e36fa26d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 19:10:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22e81e79f0-d8ac-11ee-9666-8fd6e36fa26d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 19:10:04	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22e81e79f0-d8ac-11ee-9666-8fd6e36fa26d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 19:10:04	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22e81e79f0-d8ac-11ee-9666-8fd6e36fa26d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 19:10:04	Name: criteo Value: %7B%22id%22%3A%22k-ZJagZtBQHzZIx5Sia8yMUug41ZOPgYEMSTlbtw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-21 03:35:30	Name: CMID Value: ZeNLS1VbLdMAAHfdAHWyJwAA
.casalemedia.com/	1970-01-20 20:59:30	Name: CMPS Value: 3397
.casalemedia.com/	1970-01-20 20:59:30	Name: CMPRO Value: 3397
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.tremorhub.com/	1970-01-21 03:35:51	Name: tvid Value: 03c94a0be5cc46c19baa28428323e6c5
.tremorhub.com/	1970-01-20 19:33:06	Name: tv_UICR Value: k-CU4hjNBQHzZIx5Sia8yMUug41ZMQ8yhV5ncHSg

87 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.mandai.com/en.html(Line 60) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/428162178859206?v=2.9.148&r=stable&domain=www.mandai.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://o412878.ingest.sentry.io/api/6013215/envelope/?sentry_key=b1bb39461ded4ea69691618431dc6229&sentry_version=7 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandai.com/en.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11432329.fls.doubleclick.net
12189703.fls.doubleclick.net
a.twiago.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
adobedc.demdex.net
adservice.google.com
analytics.tiktok.com
app.vouchconcierge.com
assets.adobedtm.com
beacon.krxd.net
beacon.sojern.com
bpr.vouchconcierge.com
c1.adform.net
cdn.growthbook.io
cdn.lr-in.com
cm.adform.net
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fcmatch.google.com
fcmatch.youtube.com
files.vouch.sg
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
insight.adsrvr.org
jadserve.postrelease.com
js-tag.zemanta.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
o412878.ingest.sentry.io
p.teads.tv
p1.zemanta.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
r.casalemedia.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.yimg.com
s7.addthis.com
secure.quantserve.com
simage2.pubmatic.com
smetrics.mandai.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.sojern.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.teads.tv
tracking-x.com
visitor.omnitagjs.com
vouch-api.vouchconcierge.com
wcs.naver.com
wcs.naver.net
widget.as.criteo.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.mandai.com
www.youtube.com
x.bidswitch.net
static.criteo.net
visitor.omnitagjs.com
104.115.82.8
104.124.11.27
107.178.244.119
110.93.147.30
13.248.245.213
141.226.228.48
142.250.184.230
142.250.185.130
142.250.186.166
142.250.186.66
15.197.193.217
151.101.129.91
172.64.151.101
178.250.1.9
18.136.152.138
18.245.86.11
18.66.122.117
182.161.74.16
198.47.127.205
2.17.0.11
2.17.190.170
2.19.100.4
212.82.100.181
23.63.84.152
2600:1f18:612b:4216:9059:6cd:28f6:515d
2600:9000:223c:7600:6:44e3:f8c0:93a1
2606:4700:10::ac43:247d
2606:4700:3038::6815:ea90
2606:4700::6812:6004
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1288:80:807::1
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:591::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.73.179.60
34.117.157.22
34.120.195.249
34.211.216.39
34.252.26.191
35.214.149.91
35.244.188.9
37.157.5.84
37.157.6.243
37.252.173.215
45.8.157.123
52.28.148.212
52.30.150.129
54.73.97.67
54.74.69.97
54.93.196.121
63.140.62.17
64.202.112.159
69.173.144.165
72.246.169.205
81.17.55.173
85.215.5.31
95.101.148.20
009baddfae2833cb82a49f6daff42d6c657c7aa4887746fdcd618e422245c5ea
010d72978e7348dcf5e054225ba09b71142f6a221e8084225738e99060ce37f9
0135f22780f6e4558f5b4c0723b00aa5b83224d78565daa4ef155f2ca6f5b153
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d
074fd3612c1f7027fdf59e1ac28df93d9e9319f09a5294f0cf0512abeee3ae54
099040eb47363eec5e39db282c36658387ce5310e2bb24544d7b56051e2138b6
0a4bee997fb047efa04e748c15937d8cdd1221a0ba420fb0153dbca2dc4e8fd7
0a8f1934beae71be11ac02309674df7b612b5884928c43b22229ba10ccd1cc91
0b045b70ae477fed438b0646acb38278f1663a8d2301fb1799f258e996587851
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7c453ef6eed5a125e6c0d9e1b5bd911bcf5a974c00ecff2427d385e78d0afc
0d31cf1561041c9811ed464bb9219b61e144ebd6881e685aadb637a930637dbc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efbb8a41ea63440302911633154f0909706810e20d18d8432bc9ffb3db4aef4
0fa7eae80ef46e2ebb475c8a9fc67b18615e818f1c9f8197b4fb0944c849c789
0fc57c32c87c2cf440821e05e04701a71000cba21ef62c9b5a0f966928de369c
10d8abd81c527bee64e0d0a578121060cf3734f00454e9c8f259a6c0b79dd5f5
110973afe37ac008e0b5da625081cbdbe0da67ee31159d507bdd3f836c570b1e
11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
122a021739d8a07cc9dd484bc5d8b24aafe2bf57772e117affbdaeb5f39ee071
129ea3f502ada840bf7841f8499e4f82b752f3c77ce1d3510785c241bb63a7c7
12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e
145096f09a54e4d06a26f914e750470a64eb874e0059d0215980a378373122ee
14b7d740d01bfd407dd850b0fb2110c294bb9733cc8fed31a86bc26bddbb180a
16a6bd73203aca8852442ecf99507fa06128c0ba29a91aa242be705f028f5368
1a461faa9da67cc30ed1e8fe5367bd7b3a20ff12638c13a533c58ef18d72cb12
1da514f1eb04caea4c0f2f883f4b189fbf699ac9958da413be7e1d4f19fface3
1fea4280e8af070a44f949280e83d086408d3889188f1096b47700e086ce40bf
200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc
238e4ed16038501f32350f04dc3126c48231b2b5a4be1e007b27f526d05e5b22
24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2
27223cc2abb21d5a348ec67ac0bfce286bd77e103e2288d498b8b048cb9da858
284bf71facfbd6ae59604bcea79848418e9706c9929b9cdf6d6c2940129ae0d9
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3326e61fd69bdd39b71b359ce95168787a017ea0249dffcad5defa31c16aabdc
394474efa0fcb4ae2f64bd842c00e92b9961d311150b4600392c73a50a3e5e6b
3b628f4d6ec810c1fc5b51ca0a7924a5e447760f5835223f6b7b5600e968a412
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d645043d620f67f7fbd869ace474b4909374c521f94938bcabf84fa1b2fb6c9
3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14
4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
492b333512ad9eec456bb5f14ba2e164019a4d61973ca71f830fffe3aa0f1fa9
49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265
4a1d296c535560ec04536aabeec30f421864841b7d68fcece7ecc043b21b5e18
4ad13d34a45356e68d3a6c7969fc7ab9d4d5dc27c43aa8f101fec2b1ac588092
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edb8c14ee0fbe88d962c0e767cc71f5afa62b61a7c4141fefd62de0a9dbafe3
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554897823e2d49ec098fb07b1e040e16134b9c446857f5484b403397bc47d9cc
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4
59dcb5252d9e8512336e041c3e62a9247c2b0a292ba6e9ee4f1b76e0e5fec265
5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7
5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
6436400d015db6bcbf0dcce1cf4d6fc77e7c7de93dff3ff78e54a51c747ea22e
64729bab868cdce99817edb01de817763a58dd4b7752f691ad354a390e54e892
67c8277777108aa344afbfbc101411955839b86c3034493b93605a4253c7fb1d
69b5ac9bcf2ca14c474bad85bd5c97abc2d8ace612485dae632d3133e796236b
6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35
6bebb8541a7244770e022d529052759c244f52e6935ce74bb6819753ffba7fb8
6d6c35ac1b3b06c085eb2c72894a4973fe618f1f68dbd075c29eba7a116b3d57
6de5fcc37139444f3f1d43d5a67dbdd795abb9faed69461dd0d1ab6e946db80b
70d0e69bced02a7940b5f34440fa8d81c33288b27c885eb90120890174768174
7518af32493bd599ef8f7f796d5addad2049d4ddb25a066baac64a57ea30f31f
7bd03851e3e84926fcf32756e7275aeec02d6f2bc9bf8292a2f7bb42cbfeab83
7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
81ae63d2a08d0bb0b01b3ef0d31bad46db06b63de0f455fd75132b4e57f50169
8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5
8344b30c4f0eb1c6f29e7515183b8d91e55f80563104c8f15b6d156217091f00
85833ef60a138b4ea9b905b53079cb8cc62ff61d8d0fde44048ed7491f980a8b
8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f
88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4d424a71751fdb3ff0a967e132475941c6b17b469e5b2ec0379f33f26c2d32
8cf47ea8985768c9c6480425d9792931ad69674444f109fe0b778031d0b9c093
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8707256a20f6114f709cd414a22c6d2f8544c2ab3a9fa990dc2becd7fd8e37
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
93155145f364262848fc6be02a2a11420db20eaacba6b133e7e5d2c886381081
934fc6076f28f6c1704ae83fb5c57b4c339b1bfb9877bf0edd619fadf3f53d68
98864f99158f4f333e0ff446673f165f585185b93ae1c191aad370f96ff6a249
9af3841dc499956b7d3d3901729b8c559bdf3ed66f330223c34c45c5239338cb
9c3a2e32273364c535dea0f502a5de525fa9af1ecab9b3f855b534442f4ad264
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
9da5021af60ad21941dfa0ba57085436ef111383c7ff9aca07f513ec487db074
9ddb3586e77b12ae5d28c7fd8e290ec0b87eab490db78089f82b463d89bc5880
9df2ebf3a9633ac9fa0f83e21c35b2677dc37712a6d94989cd1085cd6bbd49f8
9e6ba8a1b52632276b87ea047f596c8e6e79d089f41b0b7e39e49dc24c78e5f0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2074c9401cd07a01c79cdae18b7be41091c4d7dbb7ca7240265f7047f11f680
a2c1dd01db85a00fb60520dce8e9fbce9e80ef72b602a6750689fe606fb626e8
a39d168db13e4849157fe4a52082eff9c45c9fd24dc78146c2cf521ed0698089
a58c79fa74a3e79bf64f2745f5cbaa2a3c6fe4980686bf040048cb09decc9f2e
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a78cf06af1ef30e7927154ca4ec96e83d4f55731479f293140a611d6b71671ae
a96d8fb75c57238505a06aec235ced6e2e41eaaf13e88c7a043199fcc11e34b8
ab35edd0c3aff59ced3feb3d2a05e644b2f5002a2e99b51faef9aa38c987d553
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
acd9bc71515d2f6851aa5adc0a3ac9d1b937e9428acd3780e66e1b0667ff7272
ae1cfb6fc2593917e930c60f295bb094e86fed22417e34141fa1e62942df2626
afc34228d42ae4a1ef624472cf4282840a1fbbcacf89b519bc457933400a36a8
b0f018e0221a02cbcec5491cfe24821e8b754a8f8247515d7976cce362c8aae9
b0f0c16d0ce5e099475f0c1638cc44098cd6f6874d2acea07b44b7559e3084d9
b1228dcc9ae2c01d31fb43e531c1f73923d994a751ba7a63da63cac8c755e7ca
b1412b06ee170a306a479f9cc099bb9a64cd6271ff88a2f90a860fa34472837d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2edc21754409f966994ef527c1f62f80126fcd7ae38c69b36f05f4c14211a64
b35d72382942c6421be18314f91925ca5baabc9264ce340d1e7e00edbc1dfdc3
b4fb3b13be048db12d4cec890dff35f4ede9453d2635d562272a651056377e7d
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3
b8c95880c191331a9fd82216001770860fff83dcd5d9a94af99602adb2f75d8b
b98c443a8057a3928030de498bdca44c33b774d6a17515758795acbba874c7d7
b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7
ba00c59fa9c5ca686b38f4d8a5c40816637e5ee1cd26697def2e56fa4a8be788
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb238435f872fc9384b0df1fb07281b344f70944b2412e9eae94971b0037c9ca
bd214cbbd07651ab44ce865921f0e073c0d2ff43532660fd9ba49d4596a5d8d9
bfcc0770f8316dd669e39b35e58cb473932be8016104b2eb66fede93d54e9773
c4c839503feccb0af51b0a7242207dc3a50a56c85f5612dbfbc70fe1378a751f
c5f34e29ea4cba890b6175a5a447cf3ccc4596cc8642daf72af0e666b43536a4
ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899
cb749862a50b4348496cc822f59db8e7101e17dd01773220dcc3662e2bab7c30
ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2
cfa33266a8b7bc1c4e2cdfd0ac436789f575a6c44e526646fc2641b1d01e8689
d26d5391c3fd298af377388f1537f4e694f8b79977f658cb5d4e72dbdf19d603
d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12
d5ebf1ebad8b61a829cbe6ba7606e5fc065f48e29361eacc238337f982c0b29e
d7fed33dfee4e3c9a00ff2f8e6901fd520865eaccd9f42657897d53fdd329826
d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18
dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb
dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2
de5e6592a18cc4a6526bf9d8d0f65eecee8ff7dde49150bd6a153df21a105972
dec3ee94015ab8995b08dc529e22919863b5c0ff68e43b0e3df390fb9f7c3f2a
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e2e062a4a89be393c213cd93bea92644711020ae93ce1792fc5d670c271f981d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40481e4aa5d96e37e9885cc02aa9890fb3dab77ace78416d43aca2645ec7610
e77de65c6d493bb9e0baeba170afd33b4b271c9a0831b0e6877880352c8a0a7f
e9b53441ece740f3f0e8bf0945450ea7f5b2ca69ced69663d5a45a647ab49d67
eda56a0d5d8ffee73e861000b48c5a110cf86104352fa038af0005a6813ffe39
eee2b61ff2865982043bda6b4edf23dadb065aa4124290c04089c34e04fb215f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f077db2448e9afa2327d72ab05f72950c5862e94a7a95c4d23ea2e32bf10c890
f25549cf31a55882533bfaf8a9ada58770b8de823e08e7b2f7fb3f4958f82ba2
f3706655a25be6fc26f693cf0943ef757c3ca779f992deba75e17542ef48cb91
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f90de736f6ff83da489522cee313c012ce3309322e062293f92680c64489f151
fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.mandai.com Open in urlscan Pro 2606:4700::6812:6004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

92 %HTTPS

33 %IPv6

57 Domains

83 Subdomains

65 IPs

10 Countries

11770 kBTransfer

18014 kBSize

52 Cookies

16 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandai.com Open in urlscan Pro
2606:4700::6812:6004 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

92 %
HTTPS

33 %
IPv6

57
Domains

83
Subdomains

65
IPs

10
Countries

11770 kB
Transfer

18014 kB
Size

52
Cookies

206 HTTP transactions
4 data transactions