www.mandai.com Open in urlscan Pro
2606:4700::6812:6004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.mandai.com/
Effective URL:
https://www.mandai.com/en.html
Submission: On October 20 via api (October 20th 2023, 9:14:53 am UTC) from US — Scanned from DE

Summary HTTP 214 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 68 IPs in 10 countries across 55 domains to perform 214 HTTP transactions. The main IP is 2606:4700::6812:6004, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandai.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 21st 2023. Valid for: a year.

This is the only time www.mandai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 75	2606:4700::68... 2606:4700::6812:6004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:480... 2a02:26f0:480:980::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	23.215.20.4 23.215.20.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
7	18.66.122.117 18.66.122.117	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	23.212.205.62 23.212.205.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 5	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
3	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	23.53.43.185 23.53.43.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	110.93.147.30 110.93.147.30	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223c:fe00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.140.62.164 63.140.62.164	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:247d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3 3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3 4	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
10	54.151.167.37 54.151.167.37	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.26 18.66.97.26	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:ea91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	18.158.5.115 18.158.5.115	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	63.34.140.194 63.34.140.194	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.211.144.29 52.211.144.29	16509 (AMAZON-02) (AMAZON-02)
1	52.48.146.251 52.48.146.251	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.193.87.68 18.193.87.68	16509 (AMAZON-02) (AMAZON-02)
1	54.149.47.18 54.149.47.18	() ()
1	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.69.99.248 3.69.99.248	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:24b1:82d2:577f:c7f2	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.255.244.27 34.255.244.27	16509 (AMAZON-02) (AMAZON-02)
1	52.59.106.121 52.59.106.121	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	52.210.15.67 52.210.15.67	16509 (AMAZON-02) (AMAZON-02)
1	3.136.99.86 3.136.99.86	() ()
1	34.120.195.249 34.120.195.249	() ()
214	68

75 2606:4700::6812:6004 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:980::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.20.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-20-4.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.122.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-117.fra60.r.cloudfront.net

app.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.205.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-205-62.deploy.static.akamaitechnologies.com

wcs.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

11432329.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.53.43.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-185.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.93.147.30 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

wcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:fe00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-164.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:247d (United States)

ASN13335 (CLOUDFLARENET, US)

js-tag.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.151.167.37 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

bpr.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vouch-api.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-26.fra56.r.cloudfront.net

files.vouch.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea91 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.91 (United States)

ASN54113 (FASTLY, US)

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.5.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-5-115.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.140.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-140-194.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.144.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-144-29.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.146.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-146-251.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.87.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-87-68.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.149.47.18 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.99.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-99-248.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:24b1:82d2:577f:c7f2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.244.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.106.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-106-121.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.15.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-67.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.136.99.86 (None, )

ASN- ()

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (None, )

ASN- ()

o412878.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	mandai.com 2 redirects www.mandai.com	7 MB
17	vouchconcierge.com app.vouchconcierge.com — Cisco Umbrella Rank: 516864 bpr.vouchconcierge.com — Cisco Umbrella Rank: 772516 vouch-api.vouchconcierge.com	4 MB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	9 KB
15	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	154 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4198 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 widget.as.criteo.com — Cisco Umbrella Rank: 53033 dis.criteo.com — Cisco Umbrella Rank: 648	34 KB
11	doubleclick.net 8 redirects 11432329.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 ad.doubleclick.net — Cisco Umbrella Rank: 173 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	6 KB
8	sojern.com static.sojern.com — Cisco Umbrella Rank: 15161 beacon.sojern.com — Cisco Umbrella Rank: 6176 pixel.sojern.com — Cisco Umbrella Rank: 8495	37 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118 fcmatch.google.com — Cisco Umbrella Rank: 4031	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	3 KB
4	teads.tv p.teads.tv — Cisco Umbrella Rank: 6335 cm.teads.tv — Cisco Umbrella Rank: 5596 t.teads.tv — Cisco Umbrella Rank: 3060 criteo-sync.teads.tv — Cisco Umbrella Rank: 2637	8 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 468	99 KB
3	vouch.sg files.vouch.sg	12 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1448 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	772 B
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643 cm.adform.net — Cisco Umbrella Rank: 1279	1 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	218 KB
3	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 6147 adservice.google.de — Cisco Umbrella Rank: 13042	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	227 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 85 fcmatch.youtube.com — Cisco Umbrella Rank: 4036	69 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1837	1 KB
2	growthbook.io cdn.growthbook.io — Cisco Umbrella Rank: 10130	5 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 687	7 KB
2	zemanta.com js-tag.zemanta.com — Cisco Umbrella Rank: 27624 p1.zemanta.com — Cisco Umbrella Rank: 17480	4 KB
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 665 match.adsrvr.org — Cisco Umbrella Rank: 402	297 B
2	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 8306 dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	216 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1348 pixel.quantserve.com — Cisco Umbrella Rank: 1147	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	90 KB
1	sentry.io o412878.ingest.sentry.io	600 B
1	thebrighttag.com s.thebrighttag.com	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2433	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2848	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33274	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2985	399 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	581 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 900	145 B
1	postrelease.com jadserve.postrelease.com	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1304	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10624	274 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 761	199 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 773	384 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	140 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1598	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	114 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 409	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 780	785 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	lr-in.com cdn.lr-in.com — Cisco Umbrella Rank: 19069	163 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1263	6 KB
1	naver.com wcs.naver.com — Cisco Umbrella Rank: 27781	628 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	naver.net wcs.naver.net — Cisco Umbrella Rank: 26424	7 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3381	361 B
214	55

	Domain	Requested by
75	www.mandai.com	2 redirects www.mandai.com
15	fonts.googleapis.com	app.vouchconcierge.com
15	analytics.tiktok.com	www.mandai.com analytics.tiktok.com
8	bpr.vouchconcierge.com	app.vouchconcierge.com
7	app.vouchconcierge.com	www.mandai.com app.vouchconcierge.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	11432329.fls.doubleclick.net	2 redirects www.googletagmanager.com adservice.google.com
4	ib.adnxs.com	3 redirects
4	static.sojern.com	11432329.fls.doubleclick.net static.sojern.com
4	assets.adobedtm.com	www.mandai.com assets.adobedtm.com
3	files.vouch.sg	www.mandai.com
3	pixel.sojern.com	static.sojern.com
3	cm.g.doubleclick.net	3 redirects
3	adservice.google.com	11432329.fls.doubleclick.net static.sojern.com
3	www.googletagmanager.com	www.mandai.com assets.adobedtm.com www.googletagmanager.com
2	vouch-api.vouchconcierge.com	app.vouchconcierge.com
2	fonts.gstatic.com	fonts.googleapis.com
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	cdn.growthbook.io	app.vouchconcierge.com
2	c1.adform.net	2 redirects
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	11432329.fls.doubleclick.net s.yimg.com
2	adservice.google.de	1 redirects adservice.google.com
2	www.facebook.com	www.mandai.com
2	connect.facebook.net	www.mandai.com connect.facebook.net
2	www.google.com	1 redirects www.mandai.com
2	www.youtube.com	www.mandai.com www.youtube.com
1	o412878.ingest.sentry.io	app.vouchconcierge.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	dpm.demdex.net
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cdn.lr-in.com	app.vouchconcierge.com
1	sp.analytics.yahoo.com	11432329.fls.doubleclick.net
1	match.adsrvr.org	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	beacon.sojern.com	static.sojern.com
1	p1.zemanta.com	11432329.fls.doubleclick.net
1	js-tag.zemanta.com	11432329.fls.doubleclick.net
1	insight.adsrvr.org	11432329.fls.doubleclick.net
1	widget.as.criteo.com	www.mandai.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	www.mandai.com
1	pixel.quantserve.com	www.mandai.com
1	adobedc.demdex.net	assets.adobedtm.com
1	www.gstatic.com	www.google.com
1	www.google.de	www.mandai.com
1	googleads.g.doubleclick.net	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	t.teads.tv	www.mandai.com
1	wcs.naver.com	wcs.naver.net
1	cm.teads.tv	p.teads.tv
1	dynamic.criteo.com	www.googletagmanager.com
1	secure.quantserve.com	www.mandai.com
1	p.teads.tv	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	wcs.naver.net	www.googletagmanager.com
1	s7.addthis.com	www.mandai.com
214	81

This site contains links to these domains. Also see Links.

Domain
members.mandai.com
rangerbuddies.mandai.com
www.instagram.com
www.facebook.com
www.tiktok.com
www.youtube.com
twitter.com
weibo.com
v.douyin.com

Subject Issuer	Validity	Valid
*.mandai.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-21` - `2024-08-20`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
vouchconcierge.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
ssl.pstatic.net GeoTrust RSA CA 2018	`2023-08-01` - `2024-08-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-29` - `2023-10-27`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
wcs.naver.com GeoTrust RSA CA 2018	`2023-08-01` - `2024-08-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-11-15`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.vouchconcierge.com Amazon RSA 2048 M01	`2023-07-01` - `2024-07-29`	a year	crt.sh
files.vouch.sg Amazon RSA 2048 M03	`2023-08-26` - `2024-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
lr-in.com E1	`2023-09-14` - `2023-12-13`	3 months	crt.sh
cdn.growthbook.io R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.mandai.com/en.html
Frame ID: 9D28E6F44168657BD61D1DBF32242BB5
Requests: 123 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 1BD63865C38CEAC5E4FD173DF2A8B93C
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 0B22EC3677284BB2F11901C4D9ADBF80
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 2D7D1F20209EE8ADCC19729B9BE11C7A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 94F0148BDBBBDCE2320AB2AF458F6DC3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.mandai.com&origin=onetag
Frame ID: 2FB22882D179E5CD30690572A6FCB2E0
Requests: 2 HTTP requests in this frame

Frame: https://www.mandai.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: 3B8566D5DFA2214CC9EB9AE269744490
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 01198BE8E7C8F70844C56D8B0A94A4C1
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: E49BA683F1E7629260A2138CAFE074ED
Requests: 8 HTTP requests in this frame

Frame: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: 5ECE6B4E52FBEB884AA6B1D3E1CD0860
Requests: 10 HTTP requests in this frame

Frame: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 8A68488BA3D8400B6199FDBEC955AC68
Requests: 32 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mV3OuGHZpAHm_TuJq4YIi2yUs-mgocnjJG21Kg&google_gid=CAESEBetdIgWSGfK5CTqKhE89W8&google_cver=1&google_ula=913071,0
Frame ID: B183FEA6007D41D7E1974D6C5A0C07CF
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mandai Wildlife Reserve | Singapore's Best Wildlife Experience

Page URL History Show full URLs

http://www.mandai.com/ HTTP 301
https://www.mandai.com/en.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

214
Requests

93 %
HTTPS

33 %
IPv6

55
Domains

81
Subdomains

68
IPs

10
Countries

12900 kB
Transfer

18529 kB
Size

51
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://members.mandai.com/login.html
Title: Member's login

Search URL Search Domain Scan URL

URL: https://rangerbuddies.mandai.com/
Title: Nurture your child into an conservation hero

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CGAnH8CHjTT/
Title: @jenicool23

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CsTy7H3p8hi/
Title: @krsnik.of.rivia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CL6wCHynI9v/
Title: @dianeeng

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CMikdPDAcIq/
Title: @gt.pics_

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CLEzFLqlVdD/
Title: @kailins.jpg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CsdwvziSPec/
Title: @chryseis_julien

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CEWC9S9HhtX/
Title: @axixe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MandaiWildlifeReserve/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mandaiwildlifereserve/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@mandaiwildlifereserve

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/MandaiWildlifeReserve

Search URL Search Domain Scan URL

URL: https://twitter.com/MandaiWildlife

Search URL Search Domain Scan URL

URL: https://weibo.com/SingaporeZoo

Search URL Search Domain Scan URL

URL: https://v.douyin.com/eRGaovr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.mandai.com/ HTTP 301
https://www.mandai.com/en.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 43

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 57

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1754038974.1697793275&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-kQyZamKNdeU7_UPhbaBwAw&sscte=1&crd=&eitems=ChEI8MrIqQYQ6ov78_z9q5uvARIdAIdnF7yrwkuHJUWewPu9CfM0AwDEGtjs05z5iGE&pscrd=Ek9DaEVJOE1ySXFRWVEtOG1UM0pMbjFfWHZBUkltQUM0d2VVdjVSN1k2VlNMcjBpOXl1RjFDd0t3U1Zyako5MzhBRGpMVVZJdG5WdnBUUk1FGlpDaEVJOE1ySXFRWVFxZDZKbXJtQXNyaXBBUkl1QUdtUTkwT005UW5HUEVRd2pWcGxSdGNwYk14eHJnRWhtMXVMSjFYR0pUZmtYYndMQmlIdzY1elVPLS1jbGciEwip77PopISCAxVXyrsIHQVbAMg HTTP 302
https://www.google.com/pagead/1p-conversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1754038974.1697793275&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1ySXFRWVEtOG1UM0pMbjFfWHZBUkltQUM0d2VVdjVSN1k2VlNMcjBpOXl1RjFDd0t3U1Zyako5MzhBRGpMVVZJdG5WdnBUUk1FGlpDaEVJOE1ySXFRWVFxZDZKbXJtQXNyaXBBUkl1QUdtUTkwT005UW5HUEVRd2pWcGxSdGNwYk14eHJnRWhtMXVMSjFYR0pUZmtYYndMQmlIdzY1elVPLS1jbGciEwip77PopISCAxVXyrsIHQVbAMg&is_vtc=1&ocp_id=-kQyZamKNdeU7_UPhbaBwAw&cid=CAQSKQDICaaNOOVSogSYCEYGJ6H7NMgv3c3ztue8dvwTc_wLwQWakkVOLAAu&eitems=ChEI8MrIqQYQ6ov78_z9q5uvARIdAIdnF7wGT-pCbNzSz3l7huP6Od39tBVerDGGhXw&random=53964543 HTTP 302
https://www.google.de/pagead/1p-conversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1754038974.1697793275&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1ySXFRWVEtOG1UM0pMbjFfWHZBUkltQUM0d2VVdjVSN1k2VlNMcjBpOXl1RjFDd0t3U1Zyako5MzhBRGpMVVZJdG5WdnBUUk1FGlpDaEVJOE1ySXFRWVFxZDZKbXJtQXNyaXBBUkl1QUdtUTkwT005UW5HUEVRd2pWcGxSdGNwYk14eHJnRWhtMXVMSjFYR0pUZmtYYndMQmlIdzY1elVPLS1jbGciEwip77PopISCAxVXyrsIHQVbAMg&is_vtc=1&ocp_id=-kQyZamKNdeU7_UPhbaBwAw&cid=CAQSKQDICaaNOOVSogSYCEYGJ6H7NMgv3c3ztue8dvwTc_wLwQWakkVOLAAu&eitems=ChEI8MrIqQYQ6ov78_z9q5uvARIdAIdnF7wGT-pCbNzSz3l7huP6Od39tBVerDGGhXw&random=53964543&ipr=y

Request Chain 68

https://www.mandai.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.mandai.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Request Chain 71

https://gum.criteo.com/sid/json?origin=onetag&domain=mandai.com&sn=ChromeSyncframe&so=0&topUrl=www.mandai.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=t-e7EXxXNzdNekltdUNDZHJJalFheDIzQ2IxaVI4WHc1a051K3NBdnd2bENBU0thVDg3T0ZWQnRRT2hDRDNiTXE1Tk92cWFuSFYyOXROekFvUTlacHFrK2tBWjVWNWNVTWw0dm1wVWRHdytRc05rTzlEREFhY1pKU2Z3VFlhM0ZTelF5RDB1cU0wU0dWWFA1dk90aytnMmRyOGN6cFJJRHZ1TWhZcWJXZVlZS1dzM1A3cVJWTGlOQUo3TGVmbmczK1RmOGZzSVJxTFQ1d3dycDk4UzdKUDdKcmpEQk0vUGRDN3pXVEJFWk41OTFhdkkvVm91QVBQUnA3NEQydzF2MlJmci9OK3VIdVczOHZFenhwNzhzaWVZaW9uQT09fA&cppv=2

Request Chain 85

https://adservice.google.de/ddm/fls/i/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 86

https://sslwidget.criteo.com/event?a=108067&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=7PGrgl9qeCUyQmQlMkJPbmpqWnpHJTJCVHBsampydzJnN0F4T3F0NTVyMlJKRDRNJTJCZnFLQzJ1M0N2ZiUyQld5dUVlVHNqU1B3WTFuUTR5T1NBREdOd25nVDB6NCUyRmFnMUZhTnF0VmJ3JTJCUHhCQUFlbDRDTWpIYnN6WiUyRnI0ZE9tWkhkRTNlSGdJbW9ESExYQWoyY0k4VzZmeU15b0RZT01iNlZRJTNEJTNE&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=de8fce04-8882-4fd7-b04b-3286aae89e03&dtycbr=70673 HTTP 302
https://widget.as.criteo.com/event?a=108067&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=7PGrgl9qeCUyQmQlMkJPbmpqWnpHJTJCVHBsampydzJnN0F4T3F0NTVyMlJKRDRNJTJCZnFLQzJ1M0N2ZiUyQld5dUVlVHNqU1B3WTFuUTR5T1NBREdOd25nVDB6NCUyRmFnMUZhTnF0VmJ3JTJCUHhCQUFlbDRDTWpIYnN6WiUyRnI0ZE9tWkhkRTNlSGdJbW9ESExYQWoyY0k4VzZmeU15b0RZT01iNlZRJTNEJTNE&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=de8fce04-8882-4fd7-b04b-3286aae89e03&dtycbr=70673

Request Chain 99

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=COvFlOmkhIIDFaoOogMdZD4O3w;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COvFlOmkhIIDFaoOogMdZD4O3w;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=lGYm2g-kCu-b2KBAWqAk-g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM&sjrn_ula=7361855079 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM&sjrn_ula=7361855079&google_gid=CAESEI0Ez0dC8ChI7Qv2Zy9P4Jw&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_hm=lGYm2g-kCu-b2KBAWqAk-g&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopU3OrdAvF4mMgZPmK_3CTG64tyUuiDqRHAd05Naiee8NIyLq6TE_Q9k8twpQoNcVm5eJHsR-wb4Fq6rYWvbue5uYhsCH916-Z-FoW46CQIUARzWAc HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopU3OrdAvF4mMgZPmK_3CTG64tyUuiDqRHAd05Naiee8NIyLq6TE_Q9k8twpQoNcVm5eJHsR-wb4Fq6rYWvbue5uYhsCH916-Z-FoW46CQIUARzWAc

Request Chain 102

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DXiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM HTTP 302
https://pixel.sojern.com/idsync/apn?id=1432847696766110155&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM

Request Chain 104

https://c1.adform.net/serving/cookie/match?cid=946626da-0fa4-0aef-9bd8-a0405aa024fa&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=946626da-0fa4-0aef-9bd8-a0405aa024fa&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=2217950860191276270&cid=946626da-0fa4-0aef-9bd8-a0405aa024fa

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mV3OuGHZpAHm_TuJq4YIi2yUs-mgocnjJG21Kg&google_cm&google_hm=ay1tVjNPdUdIWnBBSG1fVHVKcTRZSWkyeVVzLW1nb2NuakpHMjFLZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mV3OuGHZpAHm_TuJq4YIi2yUs-mgocnjJG21Kg&google_gid=CAESEBetdIgWSGfK5CTqKhE89W8&google_cver=1&google_ula=913071,0

Request Chain 176

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1432847696766110155

Request Chain 186

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WF6_DWHZpAHm_TuJq4YIi2yUs-mJ9-4lUk-Nzw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WF6_DWHZpAHm_TuJq4YIi2yUs-mJ9-4lUk-Nzw&C=1

Request Chain 187

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eAyN-0rq1HA5-jIj-akOVTCml-46P-kr

Request Chain 205

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pQ0KGL_GWi6n3oehtRe3RzrKjaRVdnfx

Request Chain 206

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XBE1RnmzD3EBbCL8Azhiys8yjZYwJTfR

214 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en.html Show response
www.mandai.com/
Redirect Chain

http://www.mandai.com/
https://www.mandai.com/en.html

60 KB
11 KB

739ms
706ms

Document
text/html

2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77fb75a758288d7e7f8a20c64a77a0a0234894c9f54845b3e4b9f61b400f7a0

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: EXPIRED
cf-ray: 819026a19ffc913c-FRA
content-encoding: br
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
content-type: text/html
date: Fri, 20 Oct 2023 09:14:30 GMT
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
last-modified: Fri, 20 Oct 2023 08:51:30 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 819026a0fc1490d6-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 20 Oct 2023 09:14:29 GMT
Expires: Fri, 20 Oct 2023 10:14:29 GMT
Location: https://www.mandai.com/en.html
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
www.mandai.com/etc/designs/wrs/ 333 KB
48 KB 3419ms
3417ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa4822ab967e2a84dac962912a9b115d49e81a13268eb4ba0051906270813ba

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=348335
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Thu, 19 Oct 2023 10:55:12 GMT
server: cloudflare
etag: W/"068bfbb7a2da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a74825913c-FRA

GET
H2 200 fontawesome-webfont.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 3371ms
3369ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fontawesome-webfont.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:20 GMT
server: cloudflare
etag: W/"2b72f98f762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a7482d913c-FRA

GET
H2 200 fa-solid-900.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 169 KB
169 KB 3416ms
3413ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-solid-900.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:26:06 GMT
server: cloudflare
etag: W/"bc711cab762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a7482f913c-FRA

GET
H2 200 MandaiValueSerif-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 34 KB
34 KB 3415ms
3412ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 34992
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:31 GMT
server: cloudflare
etag: "54643296762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026a74833913c-FRA

GET
H2 200 MandaiValueSerif-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 36 KB
37 KB 3421ms
3418ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 37368
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:33:52 GMT
server: cloudflare
etag: "1be1ddc0772da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026a74836913c-FRA

GET
H2 200 Halant-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 3419ms
3417ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Halant-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 98116
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:49:44 GMT
server: cloudflare
etag: "602e8af8792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026a75849913c-FRA

GET
H2 200 Vollkorn.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 111 KB
111 KB 3421ms
3419ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Vollkorn.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 113280
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:59:25 GMT
server: cloudflare
etag: "7a17aa527b2da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026a7584b913c-FRA

GET
H2 200 Georgia.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 61 KB
61 KB 3422ms
3420ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Georgia.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 62456
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:33:27 GMT
server: cloudflare
etag: "583748b2772da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026a7584e913c-FRA

GET
H2 200 style.css
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 2 MB
204 KB 3412ms
3410ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe705d6d521b2088db2aaf7c12c4840d120cb95a277dff1e1d20cb4d5487780

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=1789178
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Thu, 19 Oct 2023 10:44:00 GMT
server: cloudflare
etag: W/"058342b792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a74827913c-FRA

GET
H2 200 clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css
www.mandai.com/etc/designs/wrs/ 994 B
560 B 3409ms
3408ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d648c9d116f94054bfe843ae8a909f6381fe2d1ef27cdda85423b195701f16ca

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:48:12 GMT
server: cloudflare
etag: W/"473c93c1792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a7482c913c-FRA

GET
H2 200 headLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 132 KB
50 KB 3410ms
3409ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77de65c6d493bb9e0baeba170afd33b4b271c9a0831b0e6877880352c8a0a7f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:42:56 GMT
server: cloudflare
etag: W/"0b8e5792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a75852913c-FRA

GET
H2 200 satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js Show response
assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/ 441 KB
96 KB 59ms
11ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0d31cf1561041c9811ed464bb9219b61e144ebd6881e685aadb637a930637dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:14 GMT
server: AkamaiNetStorage
etag: "d40e3247d490db3e769b90707d5a4ef0:1697698334.819212"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 97846
expires: Fri, 20 Oct 2023 10:14:34 GMT

GET
H3 200 md-tick.png
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 2 KB
2 KB 516ms
514ms Image
image/png 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-tick.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad13d34a45356e68d3a6c7969fc7ab9d4d5dc27c43aa8f101fec2b1ac588092

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 1923
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:48:19 GMT
server: cloudflare
etag: "0f5fcc5792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026bcfe5d9189-FRA

GET
H2 200 Logo-Mandai-SapWhiteLighter.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
3 KB 3413ms
3411ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-SapWhiteLighter.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:41:08 GMT
server: cloudflare
etag: W/"03aafc4782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a75854913c-FRA

GET
H2 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
4 KB 3416ms
3415ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=P6atdfusU_pL9rxzab37VbOoXHN2l14.uJz5YFjFuD8-1697793271-0-AUyxrxH_VzdM59LcYeXb-U0IH2k1vA07RPsRw6TCHjaDv_f70pScqWw45hBW3WMU_vLmi81SIUD40svUNFLCivoBjz5_cGNWmGNPO2qtlrrwWxvif8f-iuR3ZOevYlEh5HYgPHFxjOMb8o-UFRFuFIk; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:37:02 GMT
server: cloudflare
etag: W/"09be32782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=P6atdfusU_pL9rxzab37VbOoXHN2l14.uJz5YFjFuD8-1697793271-0-AUyxrxH_VzdM59LcYeXb-U0IH2k1vA07RPsRw6TCHjaDv_f70pScqWw45hBW3WMU_vLmi81SIUD40svUNFLCivoBjz5_cGNWmGNPO2qtlrrwWxvif8f-iuR3ZOevYlEh5HYgPHFxjOMb8o-UFRFuFIk"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026a75856913c-FRA

GET
H3 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/mandai/logo/ 11 KB
3 KB 514ms
512ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:40 GMT
server: cloudflare
etag: W/"0ae55ae792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bb8cad9189-FRA

GET
H3 200 Logo-BP.svg
www.mandai.com/content/dam/mandai/logo/ 7 KB
3 KB 523ms
522ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-BP.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26d5391c3fd298af377388f1537f4e694f8b79977f658cb5d4e72dbdf19d603

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:40 GMT
server: cloudflare
etag: W/"0ae55ae792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bbacc79189-FRA

GET
H3 200 Logo-SZ.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 194ms
193ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-SZ.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:27:04 GMT
server: cloudflare
etag: W/"0c9fcd762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bcfe589189-FRA

GET
H3 200 Logo-RW.svg
www.mandai.com/content/dam/mandai/logo/ 7 KB
3 KB 196ms
194ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-RW.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:24:57 GMT
server: cloudflare
etag: W/"8062ec81762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bcfe5f9189-FRA

GET
H3 200 Logo-NS.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 501ms
499ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-NS.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:42:40 GMT
server: cloudflare
etag: W/"05085fb782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bcfe609189-FRA

GET
H3 200 conservation-included-tag-250x107.png
www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/ 12 KB
12 KB 673ms
672ms Image
image/png 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/conservation-included-tag-250x107.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2f8af767e0d56e93f34eaa875d9e9b308f720b599da6094dce10b470e35aa24

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 12078
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:33:30 GMT
server: cloudflare
etag: "2662b7b3772da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026bcfe629189-FRA

GET
H3 200 footLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 18 KB
5 KB 516ms
514ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa33266a8b7bc1c4e2cdfd0ac436789f575a6c44e526646fc2641b1d01e8689

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:40 GMT
server: cloudflare
etag: W/"0ae55ae792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bcfe599189-FRA

GET
H3 200 wrs-lazyload.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 4 KB
1 KB 515ms
512ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/wrs-lazyload.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:27:04 GMT
server: cloudflare
etag: W/"0c9fcd762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bcfe5a9189-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 84ms
43ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9561327d88b1af3a3af6e817b60fc0e7da524b543dd0e8122bed75878f6885e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 20 Oct 2023 09:14:34 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 98ms
34ms Script
text/javascript 23.215.20.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.215.20.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-20-4.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Oct 2023 09:14:34 GMT
server: Oracle API Gateway
opc-request-id: /74FB8CCB8CC09CA619841340924225B5/F1DFDA3CE63B9802349B83670DA40E4C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 62ms
19ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f19c0a1483810e10f60f6db0a7cfbe846db99f93be0bc51af190ff2208bfb4d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 20 Oct 2023 09:14:34 GMT

GET
H2 200 app.css
app.vouchconcierge.com/widget3/css/ 3 KB
4 KB 724ms
668ms Stylesheet
text/css 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/widget3/css/app.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bb238435f872fc9384b0df1fb07281b344f70944b2412e9eae94971b0037c9ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .google-analytics.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com *.fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
x-amz-version-id: vn9Oanj87XxAvobvJOwDsvKF0A4X7bQY
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
content-security-policy: script-src 'self' *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3279
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Sep 2023 06:36:41 GMT
server: AmazonS3
etag: "8e16662b1b91ff65b026376e15268e2a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: 0mXl9NAaV1QqSnvcSlounSCJISBc1CvpSEr7s7mfGvIN3S3Z5-y8mA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 321 KB
93 KB 83ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0d2564dad7691b834578f98024cf78d472e1d6700cf3703563fce1065818dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 09:14:34 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 mandai-arrow-yellow-down.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 687 B
867 B 530ms
530ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-down.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a461faa9da67cc30ed1e8fe5367bd7b3a20ff12638c13a533c58ef18d72cb12

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 11:14:45 GMT
server: cloudflare
etag: W/"aac176777d2da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bd2ea19189-FRA

GET
H3 200 mandai-arrow-yellow-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 515ms
515ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b53441ece740f3f0e8bf0945450ea7f5b2ca69ced69663d5a45a647ab49d67

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:49:54 GMT
server: cloudflare
etag: W/"ac679dfe792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bd1e799189-FRA

GET
H3 200 mandai-arrow-yellow-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 545ms
545ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9df2ebf3a9633ac9fa0f83e21c35b2677dc37712a6d94989cd1085cd6bbd49f8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:48:13 GMT
server: cloudflare
etag: W/"33a781c2792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bd1e7c9189-FRA

GET
H3 200 md-back-to-top.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1004 B 514ms
514ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-back-to-top.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64729bab868cdce99817edb01de817763a58dd4b7752f691ad354a390e54e892

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:40 GMT
server: cloudflare
etag: W/"31b3d8ae792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bd1e829189-FRA

GET
H3 200 fa-regular-400.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 207 KB
208 KB 829ms
829ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-regular-400.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=J6oogzrIqj9c52H401fRKG3A4F5ln5mvX5GNVUlvEWU-1697793275-0-ASYXOQRrX_Nb-BAwblsqeS08H4YXLXkFOl8O6a32uYRkTNtp8MWW3ykYTpow36tRO1ax3AyrYj11TpRwJzFWGrEY4nqkTeZOXSf8165S-MQYQMwLKVDaeFjhyLV6c2gZGQgeafJA4pCR_qyGKXAEiGs; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:29:11 GMT
server: cloudflare
etag: W/"e1c86919772da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=J6oogzrIqj9c52H401fRKG3A4F5ln5mvX5GNVUlvEWU-1697793275-0-ASYXOQRrX_Nb-BAwblsqeS08H4YXLXkFOl8O6a32uYRkTNtp8MWW3ykYTpow36tRO1ax3AyrYj11TpRwJzFWGrEY4nqkTeZOXSf8165S-MQYQMwLKVDaeFjhyLV6c2gZGQgeafJA4pCR_qyGKXAEiGs"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026bd1e899189-FRA

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 74 KB
74 KB 525ms
524ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 75308
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:26:24 GMT
server: cloudflare
etag: "9eb73db6762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026bd1e8a9189-FRA

GET
H3 200 Poppins-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 49 KB
50 KB 793ms
793ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 50576
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:41:40 GMT
server: cloudflare
etag: "ceb28d8782da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026bd1e8c9189-FRA

GET
H3 200 Poppins-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 50 KB
50 KB 514ms
514ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c1dd01db85a00fb60520dce8e9fbce9e80ef72b602a6750689fe606fb626e8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 51148
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:28:21 GMT
server: cloudflare
etag: "82ff9bfb762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026bd1e8d9189-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
43 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=4100146427&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbebbdd6a650e05128293aaee829cc374d9f9c9d9afdd2d30858eaf93aaa62fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 09:14:34 GMT

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 20 KB
7 KB 312ms
245ms Script
application/javascript 23.212.205.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.212.205.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-205-62.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 09:14:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Mar 2023 06:30:22 GMT
Server: nginx
ETag: "6400427e-4e4d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1185
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6784
Expires: Fri, 20 Oct 2023 09:34:19 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/956687319/ 3 KB
2 KB 333ms
28ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/956687319/?random=1697793274549&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&bttype=purchase&auid=1754038974.1697793275&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

acfb1208b41f03a6b58167b40c9a6e006464c1b09c3a508cc11b4225f5bcc96f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=... Show response
11432329.fls.doubleclick.net/ Frame 1BD6
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or...
https://11432329.fls.doubleclick.net/activityi;dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0...

540 B
479 B

54ms
52ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

f4228e5998908dd9498dcba6ecc6fa95f520992345e709cba837a006960cd9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 303
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=... Show response
11432329.fls.doubleclick.net/ Frame 0B22
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or...
https://11432329.fls.doubleclick.net/activityi;dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0...

540 B
472 B

55ms
53ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

ce682800428034e21a8aa80f656c1fd7bd269c9b2d6c1f5659633d8662fa2b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 303
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 88ms
28ms Script
application/javascript 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2931a2192744d0d20f804ea197ff9606bd711b9647419f7cfa7491dec5f2bc66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 09:14:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 15:40:39 GMT
Server: AmazonS3
x-amz-request-id: 8YKP7GEM93TG1JHB
ETag: "0b1fd4478faa51d4a4297dc13d9045d4"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=121
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6274
x-amz-id-2: J96FReE2Xp3jfWzZaU96+xHn+x84HdC5qFKZU/3bm7kbxM8ntR0FG0onroY8tN5+NbyuYqdVVbE=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 286ms
14ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 20 Oct 2023 09:14:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: DMpKRMb3eavs2sGrdPcbq1A0b25HiGNj+4ni7qVJ+feMy2zdDuHBHMWPKreoX5sTKdNaE34R1o8SFGqYQxAJ0Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 381ms
116ms Script
application/javascript 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2TOBBC77U92N2SU4KG&lib=ttq
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9f0a0a2b95c9ee3ce51e2c5c313fd362561b929e28e6b28c84721a6a0bfe4f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id: 5506b67a.2afda195
date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 92,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=6, inner; dur=3
content-length: 2226
pragma: no-cache
server: nginx
x-tt-logid: 202310200914346977A0E6B53E382146F9
x-cache-remote: TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3.1605-50913535) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.218.223.23
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be165d7a6da3d65b53bebcff6b6e091e6c7c925489eed4cc22378b020742cf1f822520d653dca15d77ff3376043321c86f443b5d2569a65a034c892d20cad0314c05a44dcc0b7f45f70f0d59874e5d3893f0b09bee0c286573a05dcaa604a63fa4e5
expires: Fri, 20 Oct 2023 09:14:34 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 313ms
18ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:14:34 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 316ms
23ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108067

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1d6a35f7d2b84b161c42210e7a341fbeb41fd0ed1a9a06dee11a11113ed5dc50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWBT4H3HLL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH9TM4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c53b96b8080c75f150ac0c0dcdb10053a2eaf812ef83317d936ce53bf2e1322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 09:14:34 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 133 B
848 B 210ms
38ms Fetch
application/json 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.mandai.com%2Fen.html&buyer_pixel_id=9758
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 26c91a5271a33657fd4b086ee7c80da12f5bf5e94fd466583f5ef4febfe7890a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 09:14:34 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.mandai.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: A/ZN3JeVl863wk4gji5LwmyqD8tQETuBB/T7ruSp8OvPp/kIaJGhw4I8mpB3u4vvQoSH2zniTHlhvlBBOA1ZbAkAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2OTUxNjc5OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 133
Expires: Fri, 20 Oct 2023 09:14:34 GMT

POST
H2 204 b
wcs.naver.com/ 0
628 B 2057ms
1293ms Ping
text/plain 110.93.147.30
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:35 GMT
x-content-type-options: nosniff
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
134 B 394ms
46ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.15.1_cce2bd2&provider=tag&buyer_pixel_id=9758&referer=https%3A%2F%2Fwww.mandai.com%2Fen.html&user_session_id=41ea1982-72c8-41dd-9084-7d2455f432ca
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 20 Oct 2023 09:14:35 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 428162178859206 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 82ms
81ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/428162178859206?v=2.9.135&r=stable&domain=www.mandai.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ce01cfe66fc60def0f266cd8c7b1acb7e20a751f620fd3cc9aea008bf128ae9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 20 Oct 2023 09:14:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: s1mq8rG4QHeynfKK56MWAMWsdhLvQx0DKcbs/mWKya3CVXy7PDk+b9u0YNmGi8oj19cTtEPwiRvNZ3Lwb9WfUg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-BDGGPC8sPSpFR.js Show response
rules.quantcount.com/ 33 KB
6 KB 223ms
14ms Script
application/javascript 2600:9000:223c:fe00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BDGGPC8sPSpFR.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:fe00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e10b6bc33ca4bd9ee1c9a1c6802d503b937f9466c375de55bdee501b92153d15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:37:33 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 29 Sep 2023 05:13:01 GMT
server: AmazonS3
etag: W/"22176afd7986423656b6b8ff45f82e79"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: SBQz4BDUP9uoFohaAV6DjGCsF0U75dR9Z9zasYUrk0kqtxYXCIC6uQ==

GET
H2 200 dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2... Show response
adservice.google.com/ddm/fls/i/ Frame 2D7D 539 B
375 B 90ms
52ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821d53cb720d093124330c4d03764e6d845313546f59c2516b8785a6c596dbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2... Show response
adservice.google.com/ddm/fls/i/ Frame 94F0 539 B
679 B 88ms
51ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af2c69fbfaa544867d6259b65ff86895b20e12fbe0618f02ecdd4f82bcd5558a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/956687319/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&...
https://www.google.de/pagead/1p-conversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&l...

42 B
455 B

287ms
28ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1754038974.1697793275&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1ySXFRWVEtOG1UM0pMbjFfWHZBUkltQUM0d2VVdjVSN1k2VlNMcjBpOXl1RjFDd0t3U1Zyako5MzhBRGpMVVZJdG5WdnBUUk1FGlpDaEVJOE1ySXFRWVFxZDZKbXJtQXNyaXBBUkl1QUdtUTkwT005UW5HUEVRd2pWcGxSdGNwYk14eHJnRWhtMXVMSjFYR0pUZmtYYndMQmlIdzY1elVPLS1jbGciEwip77PopISCAxVXyrsIHQVbAMg&is_vtc=1&ocp_id=-kQyZamKNdeU7_UPhbaBwAw&cid=CAQSKQDICaaNOOVSogSYCEYGJ6H7NMgv3c3ztue8dvwTc_wLwQWakkVOLAAu&eitems=ChEI8MrIqQYQ6ov78_z9q5uvARIdAIdnF7wGT-pCbNzSz3l7huP6Od39tBVerDGGhXw&random=53964543&ipr=y

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/956687319/?random=1157630193&cv=11&fst=1697793274549&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1754038974.1697793275&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1ySXFRWVEtOG1UM0pMbjFfWHZBUkltQUM0d2VVdjVSN1k2VlNMcjBpOXl1RjFDd0t3U1Zyako5MzhBRGpMVVZJdG5WdnBUUk1FGlpDaEVJOE1ySXFRWVFxZDZKbXJtQXNyaXBBUkl1QUdtUTkwT005UW5HUEVRd2pWcGxSdGNwYk14eHJnRWhtMXVMSjFYR0pUZmtYYndMQmlIdzY1elVPLS1jbGciEwip77PopISCAxVXyrsIHQVbAMg&is_vtc=1&ocp_id=-kQyZamKNdeU7_UPhbaBwAw&cid=CAQSKQDICaaNOOVSogSYCEYGJ6H7NMgv3c3ztue8dvwTc_wLwQWakkVOLAAu&eitems=ChEI8MrIqQYQ6ov78_z9q5uvARIdAIdnF7wGT-pCbNzSz3l7huP6Od39tBVerDGGhXw&random=53964543&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/dd34ec3d/www-widgetapi.vflset/ 213 KB
66 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270c8f402a1eb1fe4617d33b37944b6e59c50d0aeb4605500f38f08cefc03191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67282
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Oct 2024 09:13:25 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 464 KB
186 KB 202ms
11ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190277
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 09:02:44 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2FB2 15 KB
6 KB 69ms
22ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.mandai.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=108067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 294171
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 main.MTEyYzFhMzhjNQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 424 KB
107 KB 18ms
17ms Script
application/javascript 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2TOBBC77U92N2SU4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 94a7497b4acc6da46e530c36f90da8478e910c377e6c0ab0cc46e64fa140bebe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id: 2afda278
date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231017111751BBE8DDEBB4FCE6B65196
vary: Accept-Encoding
x-cache: TCP_HIT from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018849e73c0004d8afa43b6e6e38849be44d1974a4c133ba1c22f7ced9a83ca5c75a9d728356e02e6361a7f38deb2d3c07f9670c001a9984b3723acd8a9cc9980aac63c0913b977e48951fa9e0238297c859350cd9380f0505e21b77db9c364f59
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 109083

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 136ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428162178859206&ev=ViewContent&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1697793275024&cd[content_type]=product&cd[content_ids]=%5B%22en.html%22%5D&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&fbp=fb.1.1697793275016.650429014&cs_est=true&est_source=411158113806146&ler=empty&it=1697793274911&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 20 Oct 2023 09:14:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 136ms
14ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428162178859206&ev=PageView&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1697793275025&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1697793275016.650429014&cs_est=true&ler=empty&it=1697793274911&coo=false&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 20 Oct 2023 09:14:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RC60b30ce13d294d708103f9b418815705-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/ 637 B
542 B 12ms
12ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/RC60b30ce13d294d708103f9b418815705-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a1d296c535560ec04536aabeec30f421864841b7d68fcece7ecc043b21b5e18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:15 GMT
server: AkamaiNetStorage
etag: "9acd30ef95f3cc302325a4ea8c51babf:1697698335.624727"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 306
expires: Fri, 20 Oct 2023 10:14:35 GMT

GET
H2 200 RCbe9f3d544292409c8c27afc763bb970b-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/ 3 KB
1 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/RCbe9f3d544292409c8c27afc763bb970b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a39d168db13e4849157fe4a52082eff9c45c9fd24dc78146c2cf521ed0698089

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:15 GMT
server: AkamaiNetStorage
etag: "9acd30ef95f3cc302325a4ea8c51babf:1697698335.624727"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 996
expires: Fri, 20 Oct 2023 10:14:35 GMT

GET
H2 200 RC93b7e6d666b140bf9b89c7ec29fd3502-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/ 2 KB
1 KB 13ms
12ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/b6a14d80265a/RC93b7e6d666b140bf9b89c7ec29fd3502-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b2edc21754409f966994ef527c1f62f80126fcd7ae38c69b36f05f4c14211a64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:35 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 06:52:15 GMT
server: AkamaiNetStorage
etag: "9acd30ef95f3cc302325a4ea8c51babf:1697698335.624727"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1009
expires: Fri, 20 Oct 2023 10:14:35 GMT

POST
H2 200 interact Show response
adobedc.demdex.net/ee/v1/ 796 B
932 B 151ms
67ms Fetch
application/json 63.140.62.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/interact?configId=e0dadaea-a164-437c-a78a-42cffc63b50a&requestId=04ba5f2f-b793-41ef-b114-6474d040226e

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

575c841f2c42e50f9a667fdf40d542e817418e3a2afe2f3e934e26810999e5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 09:14:34 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mandai.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 04ba5f2f-b793-41ef-b114-6474d040226e

GET
H3

200

main.js Show response
www.mandai.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame 3B85
Redirect Chain

https://www.mandai.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.mandai.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

7 KB
3 KB

77ms
76ms

Script
application/javascript

2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b415dfbbc7767fd0a5437dc0e4caa3b903fc0ce01987ec241ebb9abdc80a1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 819026d85e959189-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 20 Oct 2023 09:14:35 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 819026c1dc1a9189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 3 KB
1 KB 3587ms
3587ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/config.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3ee94015ab8995b08dc529e22919863b5c0ff68e43b0e3df390fb9f7c3f2a

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:41 GMT
server: cloudflare
etag: W/"8044eeae792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026c1ec319189-FRA

GET
H2 200 pixel;r=1676388154;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0...
pixel.quantserve.com/ 35 B
473 B 21ms
19ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1676388154;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1482268619-1697793274934;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=mandai.com;dst=1;et=1697793275261;tzo=-120;ogl=title.Homepage%2Cdescription.%2Cimage.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fcontent%2Fdam%2Fmandai%2Fabout-mandai%2FMasthead-1920x894-v2%252Ejpg%2Curl.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fen%252Ehtml%2Ctype.article;ses=3e5d7155-6c43-46de-8bb0-344a5460d7da;mdl=

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2FB2
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=mandai.com&sn=ChromeSyncframe&so=0&topUrl=www.mandai.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=t-e7EXxXNzdNekltdUNDZHJJalFheDIzQ2IxaVI4WHc1a051K3NBdnd2bENBU0thVDg3T0ZWQnRRT2hDRDNiTXE1Tk92cWFuSFYyOXROekFvUTlacHFrK2tBWjVWNWNVTWw0dm1wVWRHdytRc05rTzlEREFhY1pKU2Z3VF...

446 B
659 B

26ms
23ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=t-e7EXxXNzdNekltdUNDZHJJalFheDIzQ2IxaVI4WHc1a051K3NBdnd2bENBU0thVDg3T0ZWQnRRT2hDRDNiTXE1Tk92cWFuSFYyOXROekFvUTlacHFrK2tBWjVWNWNVTWw0dm1wVWRHdytRc05rTzlEREFhY1pKU2Z3VFlhM0ZTelF5RDB1cU0wU0dWWFA1dk90aytnMmRyOGN6cFJJRHZ1TWhZcWJXZVlZS1dzM1A3cVJWTGlOQUo3TGVmbmczK1RmOGZzSVJxTFQ1d3dycDk4UzdKUDdKcmpEQk0vUGRDN3pXVEJFWk41OTFhdkkvVm91QVBQUnA3NEQydzF2MlJmci9OK3VIdVczOHZFenhwNzhzaWVZaW9uQT09fA&cppv=2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a00b82a238c45d6d963b32a3e1dd0532bcdef24d8043796c300b3ab896165294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1301214
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=t-e7EXxXNzdNekltdUNDZHJJalFheDIzQ2IxaVI4WHc1a051K3NBdnd2bENBU0thVDg3T0ZWQnRRT2hDRDNiTXE1Tk92cWFuSFYyOXROekFvUTlacHFrK2tBWjVWNWNVTWw0dm1wVWRHdytRc05rTzlEREFhY1pKU2Z3VFlhM0ZTelF5RDB1cU0wU0dWWFA1dk90aytnMmRyOGN6cFJJRHZ1TWhZcWJXZVlZS1dzM1A3cVJWTGlOQUo3TGVmbmczK1RmOGZzSVJxTFQ1d3dycDk4UzdKUDdKcmpEQk0vUGRDN3pXVEJFWk41OTFhdkkvVm91QVBQUnA3NEQydzF2MlJmci9OK3VIdVczOHZFenhwNzhzaWVZaW9uQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 255467
content-length: 0
expires: 0

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/ 75 KB
75 KB 3462ms
3461ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 76764
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:34:58 GMT
server: cloudflare
etag: "df389be8772da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026c2ad1a9189-FRA

GET
H2 200 identify_6291e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 15ms
14ms Script
application/javascript 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_6291e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id: 2afda50d
date: Fri, 20 Oct 2023 09:14:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231017111610FC36B7C14749CF090827
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 013dbcef02fbfff05945f2b5698d755d1940a25b0d8fbd9d0578f589586070840364e41e8475d93ee8f3ed8d57cf21c2fe45364e934613a3e5ab1b3b972a97cd61b0466c11197aa54e938bfd07413ac07ba686e6fd2f36964bcf4da893ec593d47
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35749

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
647 B 119ms
118ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2afda545
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=6, origin; dur=94
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231020091435BCFAAE9A6CBE94637FF1
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 94,23.53.43.181
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be16da7c9d15b6f9533fe520fa33766c1818148862d7e7f03091f86c9d11dd83503ccd58ccae23d3bcf65c1b274fb77b18afd3700f952a7cbc6d2b72a4e28e8b8b483e41168e690c70fd2e17153e69b57525
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
648 B 123ms
122ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2afda547
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=7, origin; dur=100
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310200914357E9FAE7D363CF2BB45BF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,23.53.43.181
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be16da7c9d15b6f9533fe520fa33766c1818e218f9696cf177556ccbd02a27ed8f16ea9a754844afdf08d638822f42d4f4ff64debcb03a3e4752c116a661b9d720cf9325f74a1d2d4c1559e588cba75bbf08
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
789 B 119ms
118ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 32b83bf9.2afda549
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 96,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=12, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023102009143512DAC43E88CBC12A3A3F
x-cache-remote: TCP_MISS from a23-194-131-44.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.194.131.44
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be165d7a6da3d65b53bebcff6b6e091e6c7c45a900198e465a816586a4db3320161c5ce321dfb55b6e064af9c3bd80c4ed946218a4e72cd574b1aa83846888d7db1ab593f0de47c90d8cbce03f5b8e85f2861a25cb1d8c1fdebfbf3ddd576b23c0b0
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
789 B 130ms
129ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 13eabc19.2afda56c
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 100,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023102009143511B4CDCB7C894F32FCE1
x-cache-remote: TCP_MISS from a23-218-223-9.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3.1605-50913535) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.218.223.9
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be165d7a6da3d65b53bebcff6b6e091e6c7cbd8f17e5a81d08b3eb9769a3151b62e8ca0c4b9529ac7871882dcd516cdff75067fe5a294cfcc16f21e370acd6c1dad9ae5632e06ae940444bce71fd364798a50f48aaea7f4434548ce2e26a417966e1
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
647 B 129ms
129ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2afda572
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=7, origin; dur=99
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231020091435A41AAC92DB8EA0310B98
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,23.53.43.181
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be16da7c9d15b6f9533fe520fa33766c1818ce7bf29378312a48753f74827b669564b7da5328186b4377465130463596caf68fc981a25cb2eaffaaa1967709d62bf850326a921bffdd85e474cf7622525a37
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
645 B 130ms
129ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2afda573
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=5, origin; dur=101
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231020091435514902EB038895B0501C
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,23.53.43.181
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be16da7c9d15b6f9533fe520fa33766c1818e686855a6f6c2a2abac311970cb1aa2f4f14e5e069dd1407290da37b82059452a3520063c3b609c366be2be4667febf4e022214a8cdbf85d2a7f3c16f72a75ff
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
646 B 140ms
139ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2afda574
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=22, origin; dur=97
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023102009143567D467F83B14A2268681
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,23.53.43.181
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be16da7c9d15b6f9533fe520fa33766c1818d0514c2e001204512ce519272b8655e646d42baac12fa59500278adb5280642540ae35d4cad667e3993b4a1f905b5669f9d1d49270e8b7c8e99eccce40bad84c
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
788 B 148ms
147ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 32b837d1.2afda58c
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 109,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=19, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231020091435E91BE9EE23C027263C66
x-cache-remote: TCP_MISS from a23-194-131-44.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.194.131.44
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be165d7a6da3d65b53bebcff6b6e091e6c7c45a900198e465a816586a4db3320161c73d0fdc1c29fa48bb4890cf647f6547bcf51f8f8d3a33cff23565602ac9ed731e7a79795f2e226e4287ea656a84da6852db016d9bf06cb7102744cc1fd634a4e
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 282ms
282ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 93623704.2afda58d
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 245,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=159, inner; dur=139
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231020091435B0B030D11EA36A2D9677
x-cache-remote: TCP_MISS from a23-194-131-53.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 159,23.194.131.53
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be165d7a6da3d65b53bebcff6b6e091e6c7c3b86c3baf9ca35060e8fbf1863bf9a45f4aaece9d68f42d2ffd8294aa7e4b9b2d064709468a5e675e26125ee15d679b451170d847caf850732b0ae09c07a6b313d87ee0d818683e2f4dbe3bc8f8af441
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
648 B 166ms
166ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2afda58e
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing: inner; dur=24, cdn-cache; desc=MISS, edge; dur=6, origin; dur=117
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231020091435336345EF8B2EEF302607
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 117,23.53.43.181
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be16da7c9d15b6f9533fe520fa33766c181821af14f3fc1fb01bfbeebdd9e269199876f7ab2de179c0ceb8eece14d7f79c6d444dfebc6ef33ec7d3e339b12447cedb81170809958e8b8c06ab07794be8a591
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

GET
H2 200 dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2... Show response
adservice.google.de/ddm/fls/i/ Frame 0119 194 B
193 B 106ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMKXqOikhIIDFdpKkQUdABkLPA;src=11432329;type=wrs;cat=wrs_h0;ord=2348058216516;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:35 GMT
expires: Fri, 20 Oct 2023 09:14:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2... Show response
11432329.fls.doubleclick.net/ddm/fls/r/ Frame E49B
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0...

4 KB
1 KB

67ms
63ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

a19f9d53b1889a821b5ed19e30d6528694b346b6639a5d5546a7e4609d8e3668

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1462
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:35 GMT
expires: Fri, 20 Oct 2023 09:14:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=108067&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%2...
https://widget.as.criteo.com/event?a=108067&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%2...

10 KB
5 KB

1999ms
1392ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=108067&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=7PGrgl9qeCUyQmQlMkJPbmpqWnpHJTJCVHBsampydzJnN0F4T3F0NTVyMlJKRDRNJTJCZnFLQzJ1M0N2ZiUyQld5dUVlVHNqU1B3WTFuUTR5T1NBREdOd25nVDB6NCUyRmFnMUZhTnF0VmJ3JTJCUHhCQUFlbDRDTWpIYnN6WiUyRnI0ZE9tWkhkRTNlSGdJbW9ESExYQWoyY0k4VzZmeU15b0RZT01iNlZRJTNEJTNE&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=de8fce04-8882-4fd7-b04b-3286aae89e03&dtycbr=70673

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

53020f00d151c02c52ae5351e5096874b7a3238be354b7b75091763af0037c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14143492
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.as.criteo.com/event?a=108067&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520User%252523%252523%255D&p1=e%3Dce%26m%3D%255B%252523%252523SHA256-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dsha256&p2=e%3Dce%26m%3D%255B%252523%252523MD5-hashed%252520Email%252520Address%252520of%252520User%252523%252523%255D%26h%3Dmd5&p3=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p4=e%3Dvh&p5=e%3Ddis&adce=1&bundle=7PGrgl9qeCUyQmQlMkJPbmpqWnpHJTJCVHBsampydzJnN0F4T3F0NTVyMlJKRDRNJTJCZnFLQzJ1M0N2ZiUyQld5dUVlVHNqU1B3WTFuUTR5T1NBREdOd25nVDB6NCUyRmFnMUZhTnF0VmJ3JTJCUHhCQUFlbDRDTWpIYnN6WiUyRnI0ZE9tWkhkRTNlSGdJbW9ESExYQWoyY0k4VzZmeU15b0RZT01iNlZRJTNEJTNE&tld=mandai.com&dy=1&fu=https%253A%252F%252Fwww.mandai.com%252Fen.html&ceid=de8fce04-8882-4fd7-b04b-3286aae89e03&dtycbr=70673
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4558812
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
787 B 128ms
121ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 13a160be.2afda610
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 103,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=13, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231020091435E2746AFCE881E22975DC
x-cache-remote: TCP_MISS from a23-194-131-87.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.194.131.87
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be165d7a6da3d65b53bebcff6b6e091e6c7c2cbe32cbe6c9c41418e75770dc2e2d46bbb294259ea04265aae4f3db3de2eca94c3b2e71a82626e925ba2bd3528e94336a6494a18fefac8b5353b7bd7e3acf1c0eafd5da2c8474dd749bf81473d40919
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
791 B 152ms
149ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 13eabd58.2afda69a
date: Fri, 20 Oct 2023 09:14:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 116,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=29, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023102009143531AA96E97E33701E2E09
x-cache-remote: TCP_MISS from a23-218-223-9.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3.1605-50913535) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.218.223.9
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be165d7a6da3d65b53bebcff6b6e091e6c7cbd8f17e5a81d08b3eb9769a3151b62e8edf30df3e2c242e65daf51988dcded0c559348e4d510d06074f395f35bb268de63439f521031ecad677c73bc787c4261f1b7b956b449f116ac5d4b102f14f684
access-control-allow-headers: Authorization,*
expires: Fri, 20 Oct 2023 09:14:35 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame E49B 70 B
149 B 417ms
74ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=44pt0k5&ct=0:yvg0lt3&fmt=3
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ Frame E49B 6 KB
7 KB 331ms
16ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 37eeaa67d12f7ca53b3504eb0ca468e061e668ebadd8ca90489dc880e0dc2386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:26:12 GMT
age: 2903
x-guploader-uploadid: ADPycdud_I3M81V5Xhvrn21lG3Usum8-jShXaiCkX5bVaAR9eLL695Qi3eVXW7sCQS5PbYbjgBLmjFqh4yWtIMlTueqi2Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6498
last-modified: Wed, 18 Oct 2023 10:56:02 GMT
server: UploadServer
etag: "048681c6866b4e6dc976c18db720b39d"
x-goog-generation: 1697626562063771
x-goog-hash: crc32c=lrxT6w==, md5=BIaBxoZrTm3JdsGNtyCznQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 6498
accept-ranges: bytes
expires: Fri, 20 Oct 2023 09:26:12 GMT

GET
H2 200 zcpt.js Show response
js-tag.zemanta.com/ Frame E49B 8 KB
3 KB 343ms
38ms Script
application/javascript 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-tag.zemanta.com/zcpt.js
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 08:53:31 GMT
server: cloudflare
x-amz-request-id: 48VYZ8FJTSNW70GR
age: 4830
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 819026c6d9723602-FRA
x-amz-id-2: E7BQ48vLULlgOnujJxreW8UrxxlKscbii277V4vtZCZm7qUrGF463iUpelOuKmHTV+R+s4+4Mbs=

GET
H2 200 66017.html Show response
static.sojern.com/cip/a/ Frame 5ECE 6 KB
6 KB 153ms
152ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0135f22780f6e4558f5b4c0723b00aa5b83224d78565daa4ef155f2ca6f5b153

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 6085
content-type: text/html
date: Fri, 20 Oct 2023 09:14:36 GMT
etag: "93c61ff6077e7fd4f60d1e8d45ca480c"
expires: Fri, 20 Oct 2023 10:14:36 GMT
last-modified: Mon, 02 Oct 2023 05:13:04 GMT
server: UploadServer
x-goog-generation: 1696223584615176
x-goog-hash: crc32c=KUu7rQ== md5=k8Yf9gd+f9T2DR6NRcpIDA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6085
x-guploader-uploadid: ABPtcPqhkz8BBPoK-u-rJXtTOi1jr5EpGr8qawCDiU31n3NQ7s9vn_gr9QrJl3WdktWOHivbzE95KshKZQ7s1ChiDA-B6w

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame E49B 18 KB
7 KB 73ms
34ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:13:53 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1P6EGKP596PESY6V
age: 44
x-amz-server-side-encryption: AES256
x-amz-id-2: MGN/0Gw32+ax6/ZB+uQchZdPzTgvgzXtCmiqBmKIsoG8W8KT6Q1YNwhm2tmaP4SPoRILZPgmthE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 /
p1.zemanta.com/v2/p/js/60144/PAGE_VIEW/ Frame E49B 26 B
134 B 505ms
485ms Image
image/gif 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.zemanta.com/v2/p/js/60144/PAGE_VIEW/?bust=07760400109345924&optOut=false&url_referer=https%3A%2F%2Fadservice.google.com%2F
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=CImXqOikhIIDFRWKsgod9zoJiQ;src=11432329;type=wrs;cat=wrsal0;ord=5469990782698;auiddc=1754038974.1697793275;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-robots-tag: none
cf-ray: 819026c7aa593602-FRA
content-length: 26
content-type: image/gif

GET
H2 200 10169313.json Show response
s.yimg.com/wi/config/ Frame E49B 46 B
695 B 516ms
250ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10169313.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:22:08 GMT
x-amz-version-id: 3gCjLeZ06xAlg6ITNOH0rGogNvE1pQZp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: ZKXAMF2D5YEQP7TE
age: 57149
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: mXbSIGZlve8VGkefDaxByWxr6o0Lm4ou6QWitET7CnSoaEEwY+1uAQT5uDiBiMakoyVekNQMGGmYFx78YTtgJoV/1FnCAh7u
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 09 Feb 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 04 Jan 2023 16:55:37 GMT
server: ATS
etag: "169a76622cb3516047cff5f2cd73cd11"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 5ECE 18 KB
18 KB 17ms
14ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:43:50 GMT
age: 1846
x-guploader-uploadid: ABPtcPofmsO2zfVQcFDr2rnKp0Yo4xtcXqITi4-2kNy7a7btEJHKqUYen0iZQj0eohnpCLE-BdaIlCX9GR0Uq8No-JJDg-SRfJyW
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Fri, 20 Oct 2023 09:43:50 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 5ECE 4 KB
4 KB 20ms
17ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:38:21 GMT
age: 2175
x-guploader-uploadid: ADPycdu44MgmAYKZn5Az7gP9pPGJ3bXwY9hxeW5VJYbnU3b8FG-ots9MdyPMmjC96pWzAPDX66KvHAYkzUu6L0u53ToEfVeikfZT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4219
last-modified: Wed, 26 Apr 2023 13:18:45 GMT
server: UploadServer
etag: "c4ca3af5c34884e0dfd4291b07f65037"
x-goog-generation: 1682515125984075
x-goog-hash: crc32c=eNqgAQ==, md5=xMo69cNIhODf1CkbB/ZQNw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4219
accept-ranges: bytes
expires: Fri, 20 Oct 2023 09:38:21 GMT

GET
H2 200 335614 Show response
beacon.sojern.com/pixel/p/ Frame 5ECE 4 KB
1 KB 84ms
33ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/335614?f_v=v6_js&p_v=1&f_v=v6_js&cid=&p_v=4&version=3&ws=0x0&tz=-120&pc=https%3A%2F%2Fwww.mandai.com%2Fen.html&ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&vid=hot&domain=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&s=ccid_auto&pname=%3Ff_v%3Dv6_js%26p_v%3D4%26version%3D3%26auto_url%3Dhttps%253A%252F%252F11432329.fls.doubleclick.net%252Fddm%252Ffls%252Fr%252Fdc_pre%253DCImXqOikhIIDFRWKsgod9zoJiQ%253Bsrc%253D11432329%253Btype%253Dwrs%253Bcat%253Dwrsal0%253Bord%253D5469990782698%253Bauiddc%253D1754038974.1697793275%253Bgtm%253D45He3ai0%253Buaa%253D%253Buab%253D%253Buafvl%253D%253Buamb%253D0%253Buam%253D%253Buap%253D%253Buapv%253D%253Buaw%253D0%253Bepver%253D2%253B~oref%253Dhttps%25253A%25252F%25252Fwww.mandai.com%25252Fen.html%26auto_ccid%3Daiyfg-4t6vz-d77c9-rbpno-gi0r2%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D0x0%26tz%3D-120%26vd1%3D%26vd2%3D%26vf2%3D%26vn2%3D%26vf1%3D%26vs1%3D%26vn1%3D%26vb%3D%26pn%3D%26t%3D%26vp%3D%26vcu%3D%26vconfno%3D%26l%3D%26pc%3D%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&src=11432329&type=wrs&cat=wrsal0&ord=5469990782698&auiddc=1754038974.1697793275&gtm=45He3ai0&uamb=0&uaw=0&epver=2&~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 5c36913400a7eb38217942d8c4d3630f6f4b5837ef205ee906ac9cca9fd6bb3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
access-control-allow-origin: *
content-type: application/javascript
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 861

GET
H2

200

src=11956783;dc_pre=COvFlOmkhIIDFaoOogMdZD4O3w;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_...
adservice.google.com/ddm/fls/z/ Frame 5ECE
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid...
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=COvFlOmkhIIDFaoOogMdZD4O3w;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252...
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COvFlOmkhIIDFaoOogMdZD4O3w;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252F...

42 B
118 B

64ms
51ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COvFlOmkhIIDFaoOogMdZD4O3w;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COvFlOmkhIIDFaoOogMdZD4O3w;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 5ECE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=lGYm2g-kCu-b2KBAWqAk-g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM&sjrn_ula=7361855079&google_gid=CAESEI0Ez0dC8ChI7Qv2Zy9P4Jw&google_cver=1

42 B
285 B

108ms
25ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM&sjrn_ula=7361855079&google_gid=CAESEI0Ez0dC8ChI7Qv2Zy9P4Jw&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM&sjrn_ula=7361855079&google_gid=CAESEI0Ez0dC8ChI7Qv2Zy9P4Jw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 5ECE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=lGYm2g-kCu-b2KBAWqAk-g&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopU3OrdAvF4mMgZPmK_3CTG64tyUuiDqRHAd05Naiee8NIyLq6TE_Q9k8twpQoNcVm5eJHsR-wb4Fq6rYWvbue5uYhsCH916-Z-FoW46CQIUARzWAc
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopU3OrdAvF4mMgZPmK_3CTG64tyUuiDqRHAd05Naiee8NIyLq6TE_Q9k8twpQoNcVm5eJHsR-wb4Fq6rYWvbue5uYhsCH916-Z-FoW46CQIUARzWAc

170 B
432 B

143ms
61ms

Image
image/png

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopU3OrdAvF4mMgZPmK_3CTG64tyUuiDqRHAd05Naiee8NIyLq6TE_Q9k8twpQoNcVm5eJHsR-wb4Fq6rYWvbue5uYhsCH916-Z-FoW46CQIUARzWAc

Requested by

Protocol

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopU3OrdAvF4mMgZPmK_3CTG64tyUuiDqRHAd05Naiee8NIyLq6TE_Q9k8twpQoNcVm5eJHsR-wb4Fq6rYWvbue5uYhsCH916-Z-FoW46CQIUARzWAc
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 5ECE
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DXiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM
https://pixel.sojern.com/idsync/apn?id=1432847696766110155&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM

42 B
266 B

114ms
26ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=1432847696766110155&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
an-x-request-uuid: 0534c57c-118e-4b79-b58d-a4b82f719b47
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=1432847696766110155&sjrn_id=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM
x-proxy-origin: 80.255.10.201; 80.255.10.201; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5ECE 70 B
148 B 45ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=XiNEkkPMgyuPAenmUWbxAazURUybUB44XbI5yZzc1i9wXrj2882JTO5y_VNlg3bM&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame 5ECE
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=946626da-0fa4-0aef-9bd8-a0405aa024fa&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=946626da-0fa4-0aef-9bd8-a0405aa024fa&party=1296
https://pixel.sojern.com/idsync/adf?adfid=2217950860191276270&cid=946626da-0fa4-0aef-9bd8-a0405aa024fa

0
210 B

26ms
25ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=2217950860191276270&cid=946626da-0fa4-0aef-9bd8-a0405aa024fa
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=3&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=aiyfg-4t6vz-d77c9-rbpno-gi0r2&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=-120&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:36 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=2217950860191276270&cid=946626da-0fa4-0aef-9bd8-a0405aa024fa
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame E49B 43 B
632 B 147ms
41ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2020%20Oct%202023%2009%3A14%3A36%20GMT&n=-2d&.yp=10169313&f=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCImXqOikhIIDFRWKsgod9zoJiQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5469990782698%3Bauiddc%3D1754038974.1697793275%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.15.1&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 20 Oct 2023 09:14:36 GMT

GET
H3 200 config-layout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
3 KB 501ms
500ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/config-layout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099040eb47363eec5e39db282c36658387ce5310e2bb24544d7b56051e2138b6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:16 GMT
server: cloudflare
etag: W/"08e3f8d762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86eb09189-FRA

GET
H3 200 tracking-data.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 5 KB
2 KB 521ms
520ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/tracking-data.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25549cf31a55882533bfaf8a9ada58770b8de823e08e7b2f7fb3f4958f82ba2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:41:41 GMT
server: cloudflare
etag: W/"80a05ad8782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86eb49189-FRA

GET
H3 200 header.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 23 KB
5 KB 510ms
509ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/header.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f33d2e79191cc09d3e442d3dc03a2aad357b756de32bc3911fe67f6985881326

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:17 GMT
server: cloudflare
etag: W/"8024d88d762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86eb79189-FRA

GET
H3 200 bodyScrollLock.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 525ms
523ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/bodyScrollLock.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3326e61fd69bdd39b71b359ce95168787a017ea0249dffcad5defa31c16aabdc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:41:41 GMT
server: cloudflare
etag: W/"80a05ad8782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86eb99189-FRA

GET
H3 200 modal.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
3 KB 507ms
505ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/modal.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b333113819590fa035dbec4f092d483ed573f4726e6cf00e31005f8ec6d45a1

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:43:05 GMT
server: cloudflare
etag: W/"8026ca792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ebd9189-FRA

GET
H3 200 logout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 973 B
760 B 525ms
522ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/logout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b628f4d6ec810c1fc5b51ca0a7924a5e447760f5835223f6b7b5600e968a412

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:43 GMT
server: cloudflare
etag: W/"103b88b0792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ebe9189-FRA

GET
H3 200 navbar-search.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
2 KB 520ms
518ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/navbar-search.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6436400d015db6bcbf0dcce1cf4d6fc77e7c7de93dff3ff78e54a51c747ea22e

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:43 GMT
server: cloudflare
etag: W/"80711fb0792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ebf9189-FRA

GET
H3 200 search-component.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 4 KB
2 KB 525ms
523ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/search-component.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a8f1934beae71be11ac02309674df7b612b5884928c43b22229ba10ccd1cc91

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:16 GMT
server: cloudflare
etag: W/"08e3f8d762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ec09189-FRA

GET
H3 200 md-destination-masthead.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 4 KB
1 KB 526ms
524ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-destination-masthead.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b35d72382942c6421be18314f91925ca5baabc9264ce340d1e7e00edbc1dfdc3

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:32:37 GMT
server: cloudflare
etag: W/"80d01a94772da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ec19189-FRA

GET
H3 200 background-change.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 2 KB
968 B 193ms
191ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/background-change.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d0e69bced02a7940b5f34440fa8d81c33288b27c885eb90120890174768174

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:36 GMT
server: cloudflare
etag: W/"51c25099762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ec59189-FRA

GET
H3 200 md-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 530ms
528ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5f34e29ea4cba890b6175a5a447cf3ccc4596cc8642daf72af0e666b43536a4

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:49:55 GMT
server: cloudflare
etag: W/"80bcdfe792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ec79189-FRA

GET
H3 200 masthead-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 10 KB
3 KB 523ms
523ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/masthead-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b045b70ae477fed438b0646acb38278f1663a8d2301fb1799f258e996587851

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:36 GMT
server: cloudflare
etag: W/"0502b99762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ec99189-FRA

GET
H3 200 match-height.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
827 B 529ms
527ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/match-height.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2074c9401cd07a01c79cdae18b7be41091c4d7dbb7ca7240265f7047f11f680

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:42:25 GMT
server: cloudflare
etag: W/"21f81ef3782da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ecb9189-FRA

GET
H3 200 back-to-top.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
928 B 505ms
504ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/back-to-top.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4bee997fb047efa04e748c15937d8cdd1221a0ba420fb0153dbca2dc4e8fd7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:48:09 GMT
server: cloudflare
etag: W/"6464f4bf792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ecd9189-FRA

GET
H3 200 list-social.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 530ms
529ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/list-social.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8c95880c191331a9fd82216001770860fff83dcd5d9a94af99602adb2f75d8b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:29:55 GMT
server: cloudflare
etag: W/"80938b33772da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ece9189-FRA

GET
H3 200 accordion-footer.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 530ms
529ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/accordion-footer.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

554897823e2d49ec098fb07b1e040e16134b9c446857f5484b403397bc47d9cc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:48:09 GMT
server: cloudflare
etag: W/"80ba9ebf792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026d86ed29189-FRA

POST
H3 200 819026a19ffc913c Show response
www.mandai.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3B85 0
268 B 55ms
51ms XHR
text/plain 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mandai.com/cdn-cgi/challenge-platform/h/b/jsd/r/819026a19ffc913c
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
content-encoding: br
server: cloudflare
cf-ray: 819026d9c88b9189-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 bird-paradise-mandai-masthead-desktop-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 421 KB
422 KB 827ms
826ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/bird-paradise-mandai-masthead-desktop-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2d49da5049f8a2216cb829247d10c62b288f085b41a70df038c60cf50f1132

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 431092
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:43:03 GMT
server: cloudflare
etag: "64ce549792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026d9f8ed9189-FRA

GET
H3 200 homepage-banner-parks-carousel-ns-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 263 KB
263 KB 528ms
526ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-ns-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c3a2e32273364c535dea0f502a5de525fa9af1ecab9b3f855b534442f4ad264

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=271144
alt-svc: h3=":443"; ma=86400
content-length: 269095
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 19 Oct 2023 10:28:24 GMT
server: cloudflare
etag: "e82968fd762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026d9f8ef9189-FRA

GET
H3 200 homepage-banner-parks-carousel-rw-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 341 KB
342 KB 512ms
511ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-rw-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa84a5453b4580d357e409198d46e8bc79b2257cfa607e1bd47826acf032c947

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 349439
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:43:02 GMT
server: cloudflare
etag: "dd50299792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026d9f8f19189-FRA

GET
H3 200 homepage-banner-parks-carousel-sz-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 358 KB
358 KB 1513ms
1511ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-sz-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbeee5eb65eb3d90fa4a4191e1c70b4391b7999d931658b9b45dd2c783194eb5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 366357
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:28:24 GMT
server: cloudflare
etag: "609d6dfd762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026d9f8f39189-FRA

GET
H3 200 background-d.jpg
www.mandai.com/content/dam/mandai/test/ 356 KB
356 KB 1807ms
1806ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/test/background-d.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93155145f364262848fc6be02a2a11420db20eaacba6b133e7e5d2c886381081

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=374277
alt-svc: h3=":443"; ma=86400
content-length: 364320
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 19 Oct 2023 10:24:59 GMT
server: cloudflare
etag: "67289983762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026d9f8f49189-FRA

GET
H3 200 conservation-banner-1920x933.jpg
www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/ 141 KB
142 KB 2071ms
2070ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/conservation-banner-1920x933.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d41e455bc8c1c6c5a4c44a09679dc43442b114adff9b22acbbc233976454518d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 144855
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:41:29 GMT
server: cloudflare
etag: "8c6453d1782da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026d9f8f69189-FRA

GET
H3 200 handlebars-v4.7.8.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 86 KB
27 KB 1867ms
1865ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/handlebars-v4.7.8.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af3841dc499956b7d3d3901729b8c559bdf3ed66f330223c34c45c5239338cb

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:42:59 GMT
server: cloudflare
etag: W/"807bd86792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbab2c9189-FRA

GET
H3 200 iscroll.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 33 KB
9 KB 201ms
199ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/iscroll.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d645043d620f67f7fbd869ace474b4909374c521f94938bcabf84fa1b2fb6c9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:36:29 GMT
server: cloudflare
etag: W/"8034631e782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbab2f9189-FRA

GET
H3 200 generatetoken.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 4 KB
1 KB 208ms
206ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/generatetoken.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96d8fb75c57238505a06aec235ced6e2e41eaaf13e88c7a043199fcc11e34b8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:41:41 GMT
server: cloudflare
etag: W/"80a05ad8782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbab319189-FRA

GET
H3 200 debounce.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 739 B
846 B 1874ms
1872ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/debounce.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

110973afe37ac008e0b5da625081cbdbe0da67ee31159d507bdd3f836c570b1e

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:18 GMT
server: cloudflare
etag: W/"b765fd8e762da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbab339189-FRA

GET
H3 200 storagePolyfill.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 5 KB
2 KB 1874ms
1872ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/storagePolyfill.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6ba8a1b52632276b87ea047f596c8e6e79d089f41b0b7e39e49dc24c78e5f0

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:48:15 GMT
server: cloudflare
etag: W/"804132c3792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbab349189-FRA

GET
H3 200 jquery.cookie.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 1880ms
1878ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.cookie.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc57c32c87c2cf440821e05e04701a71000cba21ef62c9b5a0f966928de369c

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:43 GMT
server: cloudflare
etag: W/"80711fb0792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbab359189-FRA

GET
H3 200 lodash.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 72 KB
27 KB 1873ms
1872ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/lodash.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb749862a50b4348496cc822f59db8e7101e17dd01773220dcc3662e2bab7c30

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:17 GMT
server: cloudflare
etag: W/"8024d88d762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbbb3f9189-FRA

GET
H3 200 jquery-ui.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 249 KB
68 KB 1883ms
1881ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery-ui.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:33:33 GMT
server: cloudflare
etag: W/"80bc7bb5772da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbbb439189-FRA

GET
H3 200 jquery.simplePagination.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 6 KB
2 KB 1911ms
1909ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.simplePagination.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dcb5252d9e8512336e041c3e62a9247c2b0a292ba6e9ee4f1b76e0e5fec265

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:48:38 GMT
server: cloudflare
etag: W/"0c7e7d0792da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dbbb459189-FRA

GET
H3 206 bird-paradise-paradise-is-here-1920x1080.mp4
www.mandai.com/content/dam/mandai/destination/masthead/ 4 MB
4 MB 1907ms
1906ms Media
video/mp4 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/content/dam/mandai/destination/masthead/bird-paradise-paradise-is-here-1920x1080.mp4

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce348c50da6c6ab72e823c91ba00d15653c230648325f6c4688ebd7ae5cb6ca

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 20 Oct 2023 09:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
Content-Range: bytes 0-3729645/3729646
alt-svc: h3=":443"; ma=86400
Content-Length: 3729646
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:57:38 GMT
server: cloudflare
etag: "39e4e4127b2da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dcdc989189-FRA

GET
H3 200 slick.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 41 KB
11 KB 4660ms
4660ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/slick.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f0c16d0ce5e099475f0c1638cc44098cd6f6874d2acea07b44b7559e3084d9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:25:38 GMT
server: cloudflare
etag: W/"07d5c9a762da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dcdc999189-FRA

GET
H3 200 jquery.matchHeight.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 4690ms
4689ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.matchHeight.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85833ef60a138b4ea9b905b53079cb8cc62ff61d8d0fde44048ed7491f980a8b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:35:48 GMT
server: cloudflare
etag: W/"01af35782da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026dcdc9b9189-FRA

GET
H2 200 app.js Show response
app.vouchconcierge.com/widget3/js/ 415 KB
416 KB 683ms
682ms Script
application/javascript 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/widget3/js/app.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0edc9a1eb59894a4ed60acf921163d13d1d078cda9a39cb575492f9b03c3f5d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .google-analytics.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com .stripe.com *.fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:41 GMT
x-amz-version-id: OsCp7zH1JtWE_L0B8Z3nt_sCQfMTkM5y
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
content-security-policy: script-src 'self' *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com *.fontawesome.com 'sha256-0uJRvY9oDTcI6qqrb0nPA/y/vSQ5AjYke39aqotXS4s=' 'sha256-OzIkmP2bQgjGaWaTgLnsFh23f00nRLHurLdg4xBCOR4=' 'sha256-bJv/fUXKmgFMB3+o43DZ7833092ZlQ6Rd/wGHGuLL0U=' 'sha256-bCpg78MgCGFztarFImodyBjPF6dDtwO+lkTn8v4Gny8=' 'sha256-dO+1dNe64f8iK8B03daJpAeqgmv56qzOrSd9L8kSJw0=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-kBZLXcYMwebGAgp4gyoD7PywKPiIlfWvq6dzqJPZIcI=';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 424729
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Sep 2023 06:36:41 GMT
server: AmazonS3
etag: "cbff1a163ac646a142c6270d89fc067f"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: XIspJfMAqx7Ki1UmmxkKKwt-LFSQ_HCcwo04I4c2XOQJU6PJIBQ3Fw==

GET
H3 200 header Show response
www.mandai.com/bin/wrs/ 52 B
567 B 2824ms
2824ms XHR
application/json 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/bin/wrs/header

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.mandai.com/en.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026e789269189-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 style Show response
bpr.vouchconcierge.com/api/v2/widget/ 22 KB
22 KB 1108ms
1107ms XHR
application/json 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/widget3/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

a61c15f8ba16566c44127a70e20f36262c2ca029ab233889213bbb25cb995ea1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Oct 2023 09:14:43 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 22075
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandai.com
etag: W/"563b-rEhI40P/FGfFnFYssPW9Yjvf4ZE"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 style
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 546ms
171ms Preflight 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type
Access-Control-Request-Method: GET
Origin: https://www.mandai.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mandai.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 20 Oct 2023 09:14:42 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 1626935178112.png
files.vouch.sg/files/60b9e36a547f7400165c552c/ 549 B
855 B 429ms
358ms Image
image/png 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/60b9e36a547f7400165c552c/1626935178112.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:44 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 06:26:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "7ba90422931f52be89d1284b77f8b016"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 549
x-amz-cf-id: 59dBtpb7N7_LkqRCwD3jIublaKdsJGSMqaCX-8QnphGp26QZj-Cc8A==

GET
H2 200 1655801521060.png
files.vouch.sg/files/613afb2ee42545001564fef5/ 514 B
820 B 271ms
201ms Image
image/png 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/613afb2ee42545001564fef5/1655801521060.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:44 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:51:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "200984452bb9c370ccc880fdd1c6adce"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 514
x-amz-cf-id: Jn-KHlLppw-ljbddt-dYwoJ9hUVS4gtxAVqVQNUj8daHS5KM5RaPoQ==

GET
H2 200 / Show response
app.vouchconcierge.com/bot/ Frame 8A68 2 KB
2 KB 719ms
718ms Document
text/html 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/widget3/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

71631f0023e8160b33d6730d79337f74d99456fbe43142fea1c26d733ac6f4ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com *.stripe.com blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
content-length: 1789
content-security-policy: script-src 'self' 'unsafe-inline' *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com blob: data:;
content-type: text/html
date: Fri, 20 Oct 2023 09:14:44 GMT
etag: "8e1114d1b0b4195b3c320fa8a36afb06"
last-modified: Wed, 27 Sep 2023 06:53:35 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-id: Yc0gHw8kYa2_qrvj-MaUklXv7gbDa5bYbRoZ9vb8s9QbkNa_-Su80w==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: mi6G3D2aI9v2JjEfRaja3Ta8Cn8MUFw6
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 chunk-vendors.13033fe1.js Show response
app.vouchconcierge.com/bot/js/ Frame 8A68 3 MB
3 MB 184ms
182ms Script
application/javascript 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ab308185fab87d6c7675a579a9f3071e467a5094ce7df3bf880d5681358ec850

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com *.stripe.com blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Origin: https://app.vouchconcierge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:45 GMT
x-amz-version-id: .IiHtXxi9ZM2u7wvlv3_41SWI6ard3p0
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
content-security-policy: script-src 'self' 'unsafe-inline' *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com blob: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3291451
last-modified: Wed, 27 Sep 2023 06:53:35 GMT
server: AmazonS3
etag: "4e3d87fe66646ece7fa80425533b4e6e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: qAhgEIWqgdNVloqSQqEmXY2jUAxCn_yzZ6pHQLsJdwWk5eVxPKcaaw==

GET
H2 200 app.d6a7295f.js Show response
app.vouchconcierge.com/bot/js/ Frame 8A68 269 KB
270 KB 757ms
756ms Script
application/javascript 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/js/app.d6a7295f.js

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6d9e98428177463bdda7c2a26bcb139df1484ef913611c15083dc00f2787b85c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com *.stripe.com blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Origin: https://app.vouchconcierge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:45 GMT
x-amz-version-id: .J9alYYtXMRxl4EkL79udlE1GHHChgf6
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
content-security-policy: script-src 'self' 'unsafe-inline' *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com blob: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 275459
last-modified: Wed, 27 Sep 2023 06:53:35 GMT
server: AmazonS3
etag: "572273fd810edf2b39526603205b4b73"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: OrdEEP6HHjGIcy4b1HypQqgArSucYf7QgfNYEUbSSAzddk4A5xL3MA==

GET
H2 200 chunk-vendors.8663072a.css
app.vouchconcierge.com/bot/css/ Frame 8A68 367 KB
368 KB 739ms
738ms Stylesheet
text/css 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/css/chunk-vendors.8663072a.css

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

af618a66111ed9bf071fd016d857728b8651e9464e0f60ca1ff51cbfe3abbc63

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com *.stripe.com blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:45 GMT
x-amz-version-id: A2p.aoLB2bL9mtOmrMwxejzLUtBmkZWB
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
content-security-policy: script-src 'self' 'unsafe-inline' *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com blob: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 375878
last-modified: Wed, 27 Sep 2023 06:53:35 GMT
server: AmazonS3
etag: "cb81afb1c5ecaa7bb4827cc11169337a"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: qONqQDg22cOQrU34H3ZecUsQAYaWzMocJa5J7AytZrgsc7XyeGjFAg==

GET
H2 200 app.53038d12.css
app.vouchconcierge.com/bot/css/ Frame 8A68 254 KB
255 KB 746ms
745ms Stylesheet
text/css 18.66.122.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vouchconcierge.com/bot/css/app.53038d12.css

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9ee7204c88673325f419cc410795b93034c782b12891f44f66e3049593f91303

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' .vouchconcierge.com onesignal.com .onesignal.com .google.com .googletagmanager.com .gstatic.com .lr-in.com .jsdelivr.net .smartlook.com *.stripe.com blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:45 GMT
x-amz-version-id: tfH_8ZUGzfOHWyCy.vTUxK7q4dRNpBNT
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
content-security-policy: script-src 'self' 'unsafe-inline' *.vouchconcierge.com onesignal.com *.onesignal.com *.google.com *.googletagmanager.com *.gstatic.com *.lr-in.com *.jsdelivr.net *.smartlook.com *.stripe.com blob: data:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 259938
last-modified: Wed, 27 Sep 2023 06:53:35 GMT
server: AmazonS3
etag: "d8f3258fee209d04abc91215024a0f00"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-store,no-cache,must-revalidate,proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: MiFUWf6lt5YTnUBTpp3ZYHj-_TjOqHRmt4PFubJpVKsxEVK5yPr-Qg==

GET
H3 200 ajax-loader.gif
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 3 KB
3 KB 505ms
505ms Image
image/gif 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/ajax-loader.gif

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.a8beff2af281d5346285c62fe00bc5c0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:44 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=4178, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 2592
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 19 Oct 2023 10:48:17 GMT
server: cloudflare
etag: "69b397c4792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 819026f99f839189-FRA

GET
H3 200 mandai-arrow-green-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 520ms
519ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa7eae80ef46e2ebb475c8a9fc67b18615e818f1c9f8197b4fb0944c849c789

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:54:09 GMT
server: cloudflare
etag: W/"118c7967a2da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026f9cfaa9189-FRA

GET
H3 200 mandai-arrow-green-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 516ms
515ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fea4280e8af070a44f949280e83d086408d3889188f1096b47700e086ce40bf

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 19 Oct 2023 10:47:44 GMT
server: cloudflare
etag: W/"525a2ab1792da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
cf-ray: 819026f9cfb29189-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 2 KB
643 B 88ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:04:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 1 KB
560 B 81ms
42ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Spectral

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ae2aa0c41cc024110a92e7457fd847c0a3e49e3ac2e81f3905dcdadd8c4c221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:14:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 1 KB
530 B 86ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yrsa

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d56ddb7a1b57e424963b293ef30c72c925d9a56e34d784f8bee3d5ef16d65f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:14:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 1 KB
556 B 80ms
41ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

def32acc1f3b6d1d2e88b997fe5eddaaf22f8c06730e527a61c6632ea5dd7092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 08:44:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8A68 8 KB
836 B 83ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&display=swap

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1c7fa88239175b75665aa8b7a4b465532bf32035841372f4adb24cbbe3cb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 07:40:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 2 KB
964 B 62ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:13:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 2 KB
632 B 81ms
44ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 07:21:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 737 B
452 B 82ms
44ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sanchez

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7c6976ad116c73c1cd362573becfdfcf06addef03198c58eca9f2d33ca1179d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:01:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 2 KB
603 B 80ms
43ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ad61e6094e5bdc2688ddf01cf03dcd97dc1a7ff7e26bda92c99d7d6e3184c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 07:29:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 2 KB
623 B 85ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39b752928c723222cf1a05d1a77a7f64ce5a8f055f3d1052ad03a2f2d6370265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:04:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 730 B
447 B 87ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 07:19:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 1 KB
542 B 86ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42f6b66e96de85486e161c09bf3d3eba7960066fa68b7d07c26f9b074bfbdfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 08:48:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 1013 B
496 B 84ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 07:36:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 758 B
462 B 83ms
46ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

898928b209be925c637c25dbff08f42a74700d87a67c6266a20f4a6cf9adf5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 08:19:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A68 2 KB
663 B 82ms
46ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/css/app.53038d12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a980ee924c42eec124ecd82fd69bc5a54b201421c80540c4188a0e180ca01ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 07:24:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:14:45 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-in.com/ Frame 8A68 821 KB
163 KB 143ms
58ms Script
text/javascript 2606:4700:3038::6815:ea91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2be5b9ca3b21d0c8757baf3ce05a2ce8bbb659de9ec1075fcc5be94fd07958fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-lcy-eglc8600064-LCY
last-modified: Thu, 19 Oct 2023 21:57:02 GMT
server: cloudflare
x-timer: S1697752810.618022,VS0,VE1
etag: W/"19369d400a606805ac1740354f4e94e664d1b635441d8ace5eb11f602b26d3e5-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAocesZACwesvbRBXC5Zr732N6esGYGbmaPzHykq1ZoBOPrlTCeGUaB8Hp9i6HLSK5%2Fa6fZ1NVkShpYU5xBKkMYG0rfcvKGrdt7vjlj4iBcyK9VJvzIwLrQyq0TeoiXtN3zPgjee9bD71Lxq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 81902705da48dd83-LHR
x-cache-hits: 1

GET
H2 200 sdk-hiKwpyzQp0LCEZ2W Show response
cdn.growthbook.io/api/features/ Frame 8A68 77 KB
5 KB 85ms
29ms Fetch
application/json 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-hiKwpyzQp0LCEZ2W
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 0600c751ac942557843be8c12d1640409ccd45b79fe3ddc26c021e3b24c5d940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-sse-support: enabled
date: Fri, 20 Oct 2023 09:14:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 119
x-powered-by: Express
x-cache: HIT, HIT
content-length: 4886
x-served-by: cache-iad-kcgs7200151-IAD, cache-fra-eddf8230026-FRA
x-timer: S1697793286.266343,VS0,VE1
etag: W/"13326-bDxCLxyoagKM/9+beyQMyRoPHeA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-sse-support
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 sdk-hiKwpyzQp0LCEZ2W
cdn.growthbook.io/sub/ Frame 8A68 14 B
0 112ms
111ms EventSource
text/event-stream 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-hiKwpyzQp0LCEZ2W
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://app.vouchconcierge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200145-IAD, cache-fra-eddf8230026-FRA
date: Fri, 20 Oct 2023 09:14:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 4
x-timer: S1697793286.318956,VS0,VE97
x-powered-by: Express
x-cache: HIT, MISS
content-type: text/event-stream
access-control-allow-origin: *
cache-control: private, no-store
accept-ranges: bytes
x-cache-hits: 5, 0

GET
BLOB 200
OK 04b30b05-5b5c-43ca-bd57-5de7319c66f8
https://app.vouchconcierge.com/ Frame 8A68 455 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vouchconcierge.com/04b30b05-5b5c-43ca-bd57-5de7319c66f8
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0e83b74292efeff0810a0c39283bca3fa8f5c4debd09775e048716ba8926491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 465762
Content-Type

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B183
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mV3OuGHZpAHm_TuJq4YIi2yUs-mgocnjJG21Kg&google_cm&google_hm=ay1tVjNPdUdIWnBBSG1fVHVKcTRZSWkyeVVzLW1nb2Nua...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mV3OuGHZpAHm_TuJq4YIi2yUs-mgocnjJG21Kg&google_gid=CAESEBetdIgWSGfK5CTqKhE89W8&google_cver=1&google_ula=913071,0

43 B
370 B

252ms
19ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mV3OuGHZpAHm_TuJq4YIi2yUs-mgocnjJG21Kg&google_gid=CAESEBetdIgWSGfK5CTqKhE89W8&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 529527
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mV3OuGHZpAHm_TuJq4YIi2yUs-mgocnjJG21Kg&google_gid=CAESEBetdIgWSGfK5CTqKhE89W8&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B183 43 B
146 B 268ms
13ms Image
image/gif 18.158.5.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-4UpUS2HZpAHm_TuJq4YIi2yUs-k7sboGoO08HA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.5.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-5-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B183
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1432847696766110155

43 B
370 B

164ms
26ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1432847696766110155

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6934707
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:46 GMT
an-x-request-uuid: a780208a-6c32-410c-8826-6bda19355d0d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1432847696766110155
x-proxy-origin: 80.255.10.201; 80.255.10.201; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B183 53 B
785 B 322ms
48ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-cqzfiGHZpAHm_TuJq4YIi2yUs-lzAhW7x1rsCA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:14:46 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 20 Oct 2023 09:14:46 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B183 0
239 B 345ms
18ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-VvpXNGHZpAHm_TuJq4YIi2yUs-lmPL1DZqSM-A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame B183 43 B
114 B 281ms
26ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-yj3xSmHZpAHm_TuJq4YIi2yUs-ncswC_AyMAwg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B183 0
99 B 374ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KItLRmHZpAHm_TuJq4YIi2yUs-nXibWT6nJw9g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20841

GET
H2 200 um
criteo-sync.teads.tv/ Frame B183 23 B
163 B 291ms
37ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-l1SqyGHZpAHm_TuJq4YIi2yUs-kVbMc-rFmt2Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 09:14:46 GMT
pragma: no-cache
date: Fri, 20 Oct 2023 09:14:46 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B183 37 B
140 B 283ms
20ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-ufscvWHZpAHm_TuJq4YIi2yUs-l9qDJ8Hai72g&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame B183 0
125 B 281ms
18ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Dj4A3GHZpAHm_TuJq4YIi2yUs-nMlaynpb1R5w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame B183 43 B
163 B 291ms
28ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-DoRO72HZpAHm_TuJq4YIi2yUs-nvBBtG9tUvWA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
last-modified: Thu, 11 May 2023 08:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "645cabc9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B183 49 B
384 B 295ms
42ms Image
image/gif 63.34.140.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-zzzZ7mHZpAHm_TuJq4YIi2yUs-n-Pv3xm_NUxw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.140.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-140-194.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:46 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 5
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame B183
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WF6_DWHZpAHm_TuJq4YIi2yUs-mJ9-4lUk-Nzw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WF6_DWHZpAHm_TuJq4YIi2yUs-mJ9-4lUk-Nzw&C=1

43 B
548 B

33ms
32ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WF6_DWHZpAHm_TuJq4YIi2yUs-mJ9-4lUk-Nzw&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9U5HOffin5n8Nk0m1MTaBIwzyxyAIPyT68mN%2BC6UkCLXcvNuqz6A7xPdEODTs8k0UVd%2BVslt%2F8NHLGJgC43VgIRuBn2tbpOjRmVFwZZV%2F2YvlJQF4XULwbGYG1JDZhicRe4N"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8190270bcb6c30d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5DfPQvNhy4e8FWU%2B8Iw4efnujfqEsdXbP2vpc%2B72QjI6pzfCUPrPWgHuzC2vCjDaKqL6x84Stcm3U35Ap3djmyQe2mJovD122IkWEpceDAxLxAlkI577ka4lJnlwK78xfqo"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-WF6_DWHZpAHm_TuJq4YIi2yUs-mJ9-4lUk-Nzw&C=1
cache-control: no-cache
cf-ray: 8190270b6b0630d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=eAyN-0rq1HA5-jIj-akOVTCml-46P-kr
dpm.demdex.net/ Frame B183
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eAyN-0rq1HA5-jIj-akOVTCml-46P-kr

42 B
942 B

200ms
43ms

Image
image/gif

52.211.144.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eAyN-0rq1HA5-jIj-akOVTCml-46P-kr

Protocol

HTTP/1.1

Server

52.211.144.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-144-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v052-03d304291.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ex7OFK94Sl0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eAyN-0rq1HA5-jIj-akOVTCml-46P-kr
date: Fri, 20 Oct 2023 09:14:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 635618
content-length: 0

GET
H2 200 match
ad.360yield.com/ Frame B183 43 B
199 B 587ms
186ms Image
image/gif 52.48.146.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Cb8rEGHZpAHm_TuJq4YIi2yUs-lLCiQss2NWMg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.48.146.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 Oct 2023 09:14:47 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame B183 42 B
274 B 342ms
21ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-u_AqbWHZpAHm_TuJq4YIi2yUs-kON_4B4OPrPw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B183 0
882 B 346ms
25ms Image
text/html 18.193.87.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dRFsjmHZpAHm_TuJq4YIi2yUs-nxZcwHdlfceQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.87.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-87-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:47 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame B183 43 B
422 B 2530ms
939ms Image
image/gif 54.149.47.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-2bp6vWHZpAHm_TuJq4YIi2yUs-nLVk0rHE4S-g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.47.18 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:48 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B183 0
145 B 544ms
96ms Image
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-jIPUdmHZpAHm_TuJq4YIi2yUs-mccaucjnTk2A&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 09:14:47 GMT
Cache-Control: no-cache
X-TraceId: 24cdb7e93226217de05bb5fea58cc137
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B183 42 B
581 B 141ms
25ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-tqlkbWHZpAHm_TuJq4YIi2yUs-ng5ZcIS6HiJg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 09:14:46 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B183 0
35 B 357ms
16ms Image
text/plain 3.69.99.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-hlRmYWHZpAHm_TuJq4YIi2yUs-lEgLPykv8Ing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.99.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-99-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:47 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B183 43 B
399 B 399ms
88ms Image
image/gif 2600:1f18:612b:4280:24b1:82d2:577f:c7f2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-gVa2TmHZpAHm_TuJq4YIi2yUs-ngToYvggdEkw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:24b1:82d2:577f:c7f2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 20 Oct 2023 09:14:47 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B183 43 B
153 B 333ms
30ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-qL_C2mHZpAHm_TuJq4YIi2yUs-n9797rUkOOZA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 Oct 2023 09:14:47 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B183 0
235 B 69ms
26ms Image
text/plain 23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-TEUHeGHZpAHm_TuJq4YIi2yUs-nqE1jfQ8DK1w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 09:14:47 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 19 Oct 2023 09:14:47 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B183 0
38 B 196ms
42ms Image
text/plain 34.255.244.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-2ENihGHZpAHm_TuJq4YIi2yUs-n1ipTVP2P5Iw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.244.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:47 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame B183 0
44 B 144ms
11ms Image
text/plain 52.59.106.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-_IcFHWHZpAHm_TuJq4YIi2yUs-lK0Z4QZbONpA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.106.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-106-121.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:47 GMT
server: awselb/2.0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8A68 15 KB
16 KB 57ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouchconcierge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 18474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 04:06:52 GMT

GET
H2 200 style Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 8A68 22 KB
22 KB 672ms
671ms XHR
application/json 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

a61c15f8ba16566c44127a70e20f36262c2ca029ab233889213bbb25cb995ea1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Fri, 20 Oct 2023 09:14:47 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 22075
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"563b-rEhI40P/FGfFnFYssPW9Yjvf4ZE"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 style
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 172ms
170ms Preflight 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 20 Oct 2023 09:14:46 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame B183 0
15 B 23ms
20ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-Dj4A3GHZpAHm_TuJq4YIi2yUs-nMlaynpb1R5w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame B183 43 B
853 B 16ms
16ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-N-ETUGHZpAHm_TuJq4YIi2yUs-lxgV4Rc8QloA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:46 GMT
an-x-request-uuid: 089b60f1-4ee5-4609-826a-8b96d1dd7a75
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.201; 80.255.10.201; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B183
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pQ0KGL_GWi6n3oehtRe3RzrKjaRVdnfx

0
338 B

145ms
39ms

Image
text/plain

52.210.15.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pQ0KGL_GWi6n3oehtRe3RzrKjaRVdnfx
Protocol: H2
Server: 52.210.15.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Fri, 20 Oct 2023 09:14:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1697793287
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pQ0KGL_GWi6n3oehtRe3RzrKjaRVdnfx
date: Fri, 20 Oct 2023 09:14:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 720777
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame B183
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XBE1RnmzD3EBbCL8Azhiys8yjZYwJTfR

35 B
268 B

896ms
126ms

Image
image/gif

3.136.99.86

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XBE1RnmzD3EBbCL8Azhiys8yjZYwJTfR
Protocol: H2
Server: 3.136.99.86 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:14:48 GMT
x-bt-requestid: 1e0a7c50-6f29-11ee-88c8-0000ac17034f
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XBE1RnmzD3EBbCL8Azhiys8yjZYwJTfR
date: Fri, 20 Oct 2023 09:14:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 991428
content-length: 0

OPTIONS
H2 204 configs
vouch-api.vouchconcierge.com/core/api/v2/widget/ Frame 0
0 1255ms
1160ms Preflight 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vouch-api.vouchconcierge.com/core/api/v2/widget/configs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
date: Fri, 20 Oct 2023 09:14:48 GMT
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 configs Show response
vouch-api.vouchconcierge.com/core/api/v2/widget/ Frame 8A68 38 B
360 B 293ms
292ms XHR
application/json 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vouch-api.vouchconcierge.com/core/api/v2/widget/configs
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4edb8c14ee0fbe88d962c0e767cc71f5afa62b61a7c4141fefd62de0a9dbafe3

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Fri, 20 Oct 2023 09:14:49 GMT
x-powered-by: Express
etag: W/"26-MTspz4ZSQcWSuGwg7Pi2i5vOSng"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
access-control-allow-credentials: true
content-length: 38

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 8A68 16 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouchconcierge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:19:16 GMT
x-content-type-options: nosniff
age: 53731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16292
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:19:16 GMT

POST
H2 429 / Show response
o412878.ingest.sentry.io/api/6013215/envelope/ Frame 8A68 198 B
600 B 114ms
46ms Fetch
application/json 34.120.195.249

General

Check archive.org

Show headers Download Go to

Full URL

https://o412878.ingest.sentry.io/api/6013215/envelope/?sentry_key=b1bb39461ded4ea69691618431dc6229&sentry_version=7

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.vouchconcierge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 09:14:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-sentry-rate-limits: 39:transaction;profile:organization:transaction_usage_exceeded
retry-after: 39

GET
H2 200 defaultlang Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 8A68 168 B
885 B 278ms
276ms XHR
application/json 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Fri, 20 Oct 2023 09:14:49 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 168
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"a8-ABMHoOoyasvFFdqjZUdfsSlL5hk"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 defaultlang
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 175ms
173ms Preflight 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 20 Oct 2023 09:14:49 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 defaultlang Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 8A68 168 B
885 B 369ms
367ms XHR
application/json 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot/js/chunk-vendors.13033fe1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Fri, 20 Oct 2023 09:14:50 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 168
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"a8-ABMHoOoyasvFFdqjZUdfsSlL5hk"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 defaultlang
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 217ms
207ms Preflight 54.151.167.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.151.167.37 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-151-167-37.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 20 Oct 2023 09:14:49 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 1631504305444.jpeg
files.vouch.sg/files/613afb2ee42545001564fef5/ Frame 8A68 10 KB
10 KB 361ms
361ms Image
image/jpeg 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/613afb2ee42545001564fef5/1631504305444.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6de5fcc37139444f3f1d43d5a67dbdd795abb9faed69461dd0d1ab6e946db80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:14:51 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 03:38:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "45bddc0c3bf12a11b30d8edc7c8c86a1"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-length: 9967
x-amz-cf-id: NRn25qBp81rht3eGPyxSwKeAjKPvwguirJLCFnr-KPWUxHJl0myNDg==

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: yauAfWPGrzE
.youtube.com/	1970-01-20 19:55:45	Name: VISITOR_INFO1_LIVE Value: Mh1741jxTJA
.mandai.com/	1970-01-20 17:46:09	Name: _gcl_au Value: 1.1.1754038974.1697793275
www.mandai.com/	1970-01-21 01:12:33	Name: wcs_bt Value: s_4e5eb1ff922a:1697793274
.mandai.com/	1970-01-20 15:36:35	Name: tfpsi Value: 41ea1982-72c8-41dd-9084-7d2455f432ca
.tiktok.com/	1970-01-21 00:58:09	Name: _ttp Value: 2X1Om7Kk0plFKp3VZ4JYFtQspNX
.mandai.com/	1970-01-20 17:46:09	Name: _fbp Value: fb.1.1697793275016.650429014
.doubleclick.net/	1970-01-21 00:58:09	Name: IDE Value: AHWqTUkwqXQTSYPBxAivLXPWqrPbubALNjmRkvC4OCLlnEU015Kmur819pYxAfVp
.criteo.com/	1970-01-21 00:58:09	Name: uid Value: 08736ae2-b172-4fbe-8d83-ed7cd82b4a3f
.quantserve.com/	1970-01-20 17:46:09	Name: d Value: EM8BBgGdKgISAeqKvw2e6bRu
.quantserve.com/	1970-01-21 01:06:47	Name: mc Value: 653244fb-4282a-58703-7a0ec
.demdex.net/	1970-01-20 19:55:45	Name: demdex Value: 67962751689953912291238125510712411938
.mandai.com/	1970-01-21 00:58:09	Name: _tt_enable_cookie Value: 1
.mandai.com/	1970-01-21 00:58:09	Name: _ttp Value: UIx6Nl7WT1dfvHbuLNvqOjaJlZi
.mandai.com/	1970-01-21 01:01:02	Name: __qca Value: P0-1482268619-1697793274934
.mandai.com/	1970-01-21 01:05:21	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_identity Value: CiY2ODI1MDk5NTEyODc2MTkxNTcyMTI4MTI5NTA0MDczMDU0NTgwM1ITCPPq9eK0MRABGAEqBElSTDEwAPAB8-r14rQx
.mandai.com/	1970-01-20 15:36:35	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_cluster Value: irl1
.mandai.com/	1970-01-21 00:58:09	Name: AMCV_44243DF7584A9D790A495ECF%40AdobeOrg Value: MCMID\|68250995128761915721281295040730545803
.mandai.com/	1970-01-21 01:05:57	Name: cto_bundle Value: 7PGrgl9qeCUyQmQlMkJPbmpqWnpHJTJCVHBsampydzJnN0F4T3F0NTVyMlJKRDRNJTJCZnFLQzJ1M0N2ZiUyQld5dUVlVHNqU1B3WTFuUTR5T1NBREdOd25nVDB6NCUyRmFnMUZhTnF0VmJ3JTJCUHhCQUFlbDRDTWpIYnN6WiUyRnI0ZE9tWkhkRTNlSGdJbW9ESExYQWoyY0k4VzZmeU15b0RZT01iNlZRJTNEJTNE
.adnxs.com/	1970-01-20 17:46:09	Name: uuid2 Value: 1432847696766110155
.adform.net/	1970-01-20 16:21:11	Name: C Value: 1
.sojern.com/	1970-01-21 00:22:09	Name: gid Value: CAESEI0Ez0dC8ChI7Qv2Zy9P4Jw
.sojern.com/	1970-01-21 00:22:09	Name: cid Value: 946626da-0fa4-0aef-9bd8-a0405aa024fa#1697760000000
.sojern.com/	1970-01-20 17:46:09	Name: apnid Value: 1432847696766110155
.adform.net/	1970-01-20 17:02:57	Name: uid Value: 2217950860191276270
.sojern.com/	1970-01-21 00:22:09	Name: adfid Value: 2217950860191276270
.yahoo.com/	1970-01-21 00:22:30	Name: A3 Value: d=AQABBPxEMmUCEHg9Qlg_govrPJwbgd0A5PYFEgEBAQGWM2U8ZeAYyiMA_eMAAA&S=AQAAAs8sWXk5S5_154FpL4mPug0
.wcs.naver.com/	1970-01-21 01:12:33	Name: NWB Value: 15c004e932adf48eaa91ebee9af85ccb.1697793275753
.mandai.com/	1970-01-21 00:22:09	Name: cf_clearance Value: 1DmYrqIpXuGP7gitxFfM58Ox2bif.IceauHCRSF3z_w-1697793279-0-1-e2d0bad3.4369cdf.d4a275c0-0.2.1697793279
www.mandai.com/	1969-12-31 23:59:59	Name: renderid Value: rend02
www.mandai.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: node0tioej4zxxoqykmtyo6ii54kd369665.node0
www.mandai.com/	1969-12-31 23:59:59	Name: svrid Value: s223
.omnitagjs.com/	1970-01-20 16:19:45	Name: ayl_visitor Value: fc9cc0764535a38ecad918d4c192248a
.adnxs.com/	1970-01-20 17:46:09	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2H`eEc^05!@wnfH1YdP.dEXlSkiwMqTcI%rPeM[peLk.?]1:v))^kz@$NqDVtBJoEjPBI(]aiR1.%SkI`D4]9RFMZ9T5_m!wy:w+0LvB
.media.net/	1970-01-21 00:22:09	Name: visitor-id Value: 3407948869172169000V10
.media.net/	1970-01-20 16:19:45	Name: data-c-ts Value: 1697793286
.media.net/	1970-01-20 16:19:45	Name: data-c Value: k-cqzfiGHZpAHm_TuJq4YIi2yUs-lzAhW7x1rsCA~~3
.casalemedia.com/	1970-01-21 00:22:09	Name: CMID Value: ZTJFBn1cm77JEzweaROn7AAA
.casalemedia.com/	1970-01-20 17:46:09	Name: CMPS Value: 2153
.casalemedia.com/	1970-01-20 17:46:09	Name: CMPRO Value: 2153
.pubmatic.com/	1970-01-20 16:19:45	Name: KRTBCOOKIE_97 Value: 3385-uid:k-tqlkbWHZpAHm_TuJq4YIi2yUs-ng5ZcIS6HiJg&KRTB&23144-uid:k-tqlkbWHZpAHm_TuJq4YIi2yUs-ng5ZcIS6HiJg&KRTB&23286-uid:k-tqlkbWHZpAHm_TuJq4YIi2yUs-ng5ZcIS6HiJg&KRTB&23287-uid:k-tqlkbWHZpAHm_TuJq4YIi2yUs-ng5ZcIS6HiJg
.pubmatic.com/	1970-01-20 16:19:45	Name: PugT Value: 1697793286
exchange.mediavine.com/	1970-01-20 15:56:42	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%221d5b0270-6f29-11ee-a7ef-2365f67ea921%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:56:42	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221d5b0270-6f29-11ee-a7ef-2365f67ea921%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:56:42	Name: am_tokens Value: %7B%22mv_uuid%22%3A%221d5b0270-6f29-11ee-a7ef-2365f67ea921%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:56:42	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221d5b0270-6f29-11ee-a7ef-2365f67ea921%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:56:42	Name: criteo Value: %7B%22id%22%3A%22k-dRFsjmHZpAHm_TuJq4YIi2yUs-nxZcwHdlfceQ%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/	1970-01-20 19:55:45	Name: dpm Value: 67962751689953912291238125510712411938
.tremorhub.com/	1970-01-21 00:22:30	Name: tvid Value: b729ce084fcf418595cccf844cfffd59
.tremorhub.com/	1970-01-20 16:19:45	Name: tv_UICR Value: k-gVa2TmHZpAHm_TuJq4YIi2yUs-ngToYvggdEkw
.krxd.net/	1970-01-20 19:55:45	Name: _kuid_ Value: P3bEGka4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.mandai.com/en.html(Line 60) Message: <link rel=preload> has an unsupported `type` value
network	error	URL: https://o412878.ingest.sentry.io/api/6013215/envelope/?sentry_key=b1bb39461ded4ea69691618431dc6229&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11432329.fls.doubleclick.net
a.twiago.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
adobedc.demdex.net
adservice.google.com
adservice.google.de
analytics.tiktok.com
app.vouchconcierge.com
assets.adobedtm.com
beacon.krxd.net
beacon.sojern.com
bpr.vouchconcierge.com
c1.adform.net
cdn.growthbook.io
cdn.lr-in.com
cm.adform.net
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fcmatch.google.com
fcmatch.youtube.com
files.vouch.sg
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
insight.adsrvr.org
jadserve.postrelease.com
js-tag.zemanta.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
o412878.ingest.sentry.io
p.teads.tv
p1.zemanta.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
r.casalemedia.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.thebrighttag.com
s.yimg.com
s7.addthis.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.sojern.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.teads.tv
ups.analytics.yahoo.com
visitor.omnitagjs.com
vouch-api.vouchconcierge.com
wcs.naver.com
wcs.naver.net
widget.as.criteo.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.mandai.com
www.youtube.com
x.bidswitch.net
104.18.26.193
107.178.244.119
110.93.147.30
141.226.228.48
142.250.185.230
142.250.185.66
142.250.186.102
151.101.129.91
172.217.16.194
178.250.1.9
18.158.5.115
18.193.87.68
18.66.122.117
18.66.97.26
182.161.74.16
184.30.20.22
185.64.191.210
185.86.139.94
2.16.97.41
2.18.161.51
212.82.100.181
23.212.205.62
23.215.20.4
23.32.185.192
23.53.43.185
2600:1f18:612b:4280:24b1:82d2:577f:c7f2
2600:9000:223c:fe00:6:44e3:f8c0:93a1
2606:4700:10::ac43:247d
2606:4700:3038::6815:ea91
2606:4700::6812:6004
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1288:80:807::2
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:480:980::1e80
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.136.99.86
3.69.99.248
3.71.149.231
34.117.157.22
34.120.195.249
34.255.244.27
35.244.188.9
37.157.2.229
37.157.6.243
37.252.172.123
52.210.15.67
52.211.144.29
52.223.40.198
52.48.146.251
52.59.106.121
54.149.47.18
54.151.167.37
63.140.62.164
63.34.140.194
69.173.144.138
70.42.32.255
76.223.111.18
85.215.5.31
0135f22780f6e4558f5b4c0723b00aa5b83224d78565daa4ef155f2ca6f5b153
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0600c751ac942557843be8c12d1640409ccd45b79fe3ddc26c021e3b24c5d940
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
099040eb47363eec5e39db282c36658387ce5310e2bb24544d7b56051e2138b6
0a4bee997fb047efa04e748c15937d8cdd1221a0ba420fb0153dbca2dc4e8fd7
0a8f1934beae71be11ac02309674df7b612b5884928c43b22229ba10ccd1cc91
0b045b70ae477fed438b0646acb38278f1663a8d2301fb1799f258e996587851
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2d49da5049f8a2216cb829247d10c62b288f085b41a70df038c60cf50f1132
0ce01cfe66fc60def0f266cd8c7b1acb7e20a751f620fd3cc9aea008bf128ae9
0d31cf1561041c9811ed464bb9219b61e144ebd6881e685aadb637a930637dbc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0edc9a1eb59894a4ed60acf921163d13d1d078cda9a39cb575492f9b03c3f5d1
0fa7eae80ef46e2ebb475c8a9fc67b18615e818f1c9f8197b4fb0944c849c789
0fc57c32c87c2cf440821e05e04701a71000cba21ef62c9b5a0f966928de369c
110973afe37ac008e0b5da625081cbdbe0da67ee31159d507bdd3f836c570b1e
11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e
12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
1a461faa9da67cc30ed1e8fe5367bd7b3a20ff12638c13a533c58ef18d72cb12
1d6a35f7d2b84b161c42210e7a341fbeb41fd0ed1a9a06dee11a11113ed5dc50
1fea4280e8af070a44f949280e83d086408d3889188f1096b47700e086ce40bf
24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2
26c91a5271a33657fd4b086ee7c80da12f5bf5e94fd466583f5ef4febfe7890a
270c8f402a1eb1fe4617d33b37944b6e59c50d0aeb4605500f38f08cefc03191
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
2931a2192744d0d20f804ea197ff9606bd711b9647419f7cfa7491dec5f2bc66
2be5b9ca3b21d0c8757baf3ce05a2ce8bbb659de9ec1075fcc5be94fd07958fb
3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3326e61fd69bdd39b71b359ce95168787a017ea0249dffcad5defa31c16aabdc
37eeaa67d12f7ca53b3504eb0ca468e061e668ebadd8ca90489dc880e0dc2386
39b752928c723222cf1a05d1a77a7f64ce5a8f055f3d1052ad03a2f2d6370265
3b333113819590fa035dbec4f092d483ed573f4726e6cf00e31005f8ec6d45a1
3b628f4d6ec810c1fc5b51ca0a7924a5e447760f5835223f6b7b5600e968a412
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c53b96b8080c75f150ac0c0dcdb10053a2eaf812ef83317d936ce53bf2e1322
3d645043d620f67f7fbd869ace474b4909374c521f94938bcabf84fa1b2fb6c9
3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14
4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc
42f6b66e96de85486e161c09bf3d3eba7960066fa68b7d07c26f9b074bfbdfc5
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265
4a1d296c535560ec04536aabeec30f421864841b7d68fcece7ecc043b21b5e18
4aa4822ab967e2a84dac962912a9b115d49e81a13268eb4ba0051906270813ba
4ad13d34a45356e68d3a6c7969fc7ab9d4d5dc27c43aa8f101fec2b1ac588092
4ae2aa0c41cc024110a92e7457fd847c0a3e49e3ac2e81f3905dcdadd8c4c221
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edb8c14ee0fbe88d962c0e767cc71f5afa62b61a7c4141fefd62de0a9dbafe3
4fe705d6d521b2088db2aaf7c12c4840d120cb95a277dff1e1d20cb4d5487780
53020f00d151c02c52ae5351e5096874b7a3238be354b7b75091763af0037c05
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554897823e2d49ec098fb07b1e040e16134b9c446857f5484b403397bc47d9cc
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
575c841f2c42e50f9a667fdf40d542e817418e3a2afe2f3e934e26810999e5b0
58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4
59dcb5252d9e8512336e041c3e62a9247c2b0a292ba6e9ee4f1b76e0e5fec265
5ad61e6094e5bdc2688ddf01cf03dcd97dc1a7ff7e26bda92c99d7d6e3184c3e
5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7
5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f
5c36913400a7eb38217942d8c4d3630f6f4b5837ef205ee906ac9cca9fd6bb3d
5d56ddb7a1b57e424963b293ef30c72c925d9a56e34d784f8bee3d5ef16d65f8
6436400d015db6bcbf0dcce1cf4d6fc77e7c7de93dff3ff78e54a51c747ea22e
64729bab868cdce99817edb01de817763a58dd4b7752f691ad354a390e54e892
6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35
6d9e98428177463bdda7c2a26bcb139df1484ef913611c15083dc00f2787b85c
6de5fcc37139444f3f1d43d5a67dbdd795abb9faed69461dd0d1ab6e946db80b
70d0e69bced02a7940b5f34440fa8d81c33288b27c885eb90120890174768174
71631f0023e8160b33d6730d79337f74d99456fbe43142fea1c26d733ac6f4ff
72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f
74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee
7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6
821d53cb720d093124330c4d03764e6d845313546f59c2516b8785a6c596dbc4
8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85833ef60a138b4ea9b905b53079cb8cc62ff61d8d0fde44048ed7491f980a8b
8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f
88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2
898928b209be925c637c25dbff08f42a74700d87a67c6266a20f4a6cf9adf5a0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f
93155145f364262848fc6be02a2a11420db20eaacba6b133e7e5d2c886381081
94a7497b4acc6da46e530c36f90da8478e910c377e6c0ab0cc46e64fa140bebe
9561327d88b1af3a3af6e817b60fc0e7da524b543dd0e8122bed75878f6885e3
9af3841dc499956b7d3d3901729b8c559bdf3ed66f330223c34c45c5239338cb
9b415dfbbc7767fd0a5437dc0e4caa3b903fc0ce01987ec241ebb9abdc80a1e5
9c3a2e32273364c535dea0f502a5de525fa9af1ecab9b3f855b534442f4ad264
9ce348c50da6c6ab72e823c91ba00d15653c230648325f6c4688ebd7ae5cb6ca
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85
9df2ebf3a9633ac9fa0f83e21c35b2677dc37712a6d94989cd1085cd6bbd49f8
9e6ba8a1b52632276b87ea047f596c8e6e79d089f41b0b7e39e49dc24c78e5f0
9ee7204c88673325f419cc410795b93034c782b12891f44f66e3049593f91303
9f0a0a2b95c9ee3ce51e2c5c313fd362561b929e28e6b28c84721a6a0bfe4f5f
a00b82a238c45d6d963b32a3e1dd0532bcdef24d8043796c300b3ab896165294
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a19f9d53b1889a821b5ed19e30d6528694b346b6639a5d5546a7e4609d8e3668
a2074c9401cd07a01c79cdae18b7be41091c4d7dbb7ca7240265f7047f11f680
a2c1dd01db85a00fb60520dce8e9fbce9e80ef72b602a6750689fe606fb626e8
a39d168db13e4849157fe4a52082eff9c45c9fd24dc78146c2cf521ed0698089
a61c15f8ba16566c44127a70e20f36262c2ca029ab233889213bbb25cb995ea1
a96d8fb75c57238505a06aec235ced6e2e41eaaf13e88c7a043199fcc11e34b8
a980ee924c42eec124ecd82fd69bc5a54b201421c80540c4188a0e180ca01ac0
aa84a5453b4580d357e409198d46e8bc79b2257cfa607e1bd47826acf032c947
ab308185fab87d6c7675a579a9f3071e467a5094ce7df3bf880d5681358ec850
acfb1208b41f03a6b58167b40c9a6e006464c1b09c3a508cc11b4225f5bcc96f
af2c69fbfaa544867d6259b65ff86895b20e12fbe0618f02ecdd4f82bcd5558a
af618a66111ed9bf071fd016d857728b8651e9464e0f60ca1ff51cbfe3abbc63
b0e83b74292efeff0810a0c39283bca3fa8f5c4debd09775e048716ba8926491
b0f0c16d0ce5e099475f0c1638cc44098cd6f6874d2acea07b44b7559e3084d9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2edc21754409f966994ef527c1f62f80126fcd7ae38c69b36f05f4c14211a64
b35d72382942c6421be18314f91925ca5baabc9264ce340d1e7e00edbc1dfdc3
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b8c95880c191331a9fd82216001770860fff83dcd5d9a94af99602adb2f75d8b
b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb238435f872fc9384b0df1fb07281b344f70944b2412e9eae94971b0037c9ca
bbeee5eb65eb3d90fa4a4191e1c70b4391b7999d931658b9b45dd2c783194eb5
c5f34e29ea4cba890b6175a5a447cf3ccc4596cc8642daf72af0e666b43536a4
ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899
cb749862a50b4348496cc822f59db8e7101e17dd01773220dcc3662e2bab7c30
ce682800428034e21a8aa80f656c1fd7bd269c9b2d6c1f5659633d8662fa2b0e
cfa33266a8b7bc1c4e2cdfd0ac436789f575a6c44e526646fc2641b1d01e8689
d0d2564dad7691b834578f98024cf78d472e1d6700cf3703563fce1065818dcb
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
d26d5391c3fd298af377388f1537f4e694f8b79977f658cb5d4e72dbdf19d603
d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12
d41e455bc8c1c6c5a4c44a09679dc43442b114adff9b22acbbc233976454518d
d648c9d116f94054bfe843ae8a909f6381fe2d1ef27cdda85423b195701f16ca
d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18
dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb
dec3ee94015ab8995b08dc529e22919863b5c0ff68e43b0e3df390fb9f7c3f2a
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
def32acc1f3b6d1d2e88b997fe5eddaaf22f8c06730e527a61c6632ea5dd7092
e10b6bc33ca4bd9ee1c9a1c6802d503b937f9466c375de55bdee501b92153d15
e2f8af767e0d56e93f34eaa875d9e9b308f720b599da6094dce10b470e35aa24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77de65c6d493bb9e0baeba170afd33b4b271c9a0831b0e6877880352c8a0a7f
e7c6976ad116c73c1cd362573becfdfcf06addef03198c58eca9f2d33ca1179d
e9b53441ece740f3f0e8bf0945450ea7f5b2ca69ced69663d5a45a647ab49d67
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19c0a1483810e10f60f6db0a7cfbe846db99f93be0bc51af190ff2208bfb4d3
f25549cf31a55882533bfaf8a9ada58770b8de823e08e7b2f7fb3f4958f82ba2
f33d2e79191cc09d3e442d3dc03a2aad357b756de32bc3911fe67f6985881326
f4228e5998908dd9498dcba6ecc6fa95f520992345e709cba837a006960cd9c2
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77fb75a758288d7e7f8a20c64a77a0a0234894c9f54845b3e4b9f61b400f7a0
fb1c7fa88239175b75665aa8b7a4b465532bf32035841372f4adb24cbbe3cb0c
fbebbdd6a650e05128293aaee829cc374d9f9c9d9afdd2d30858eaf93aaa62fd
fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5

www.mandai.com Open in urlscan Pro 2606:4700::6812:6004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

214 Requests

93 %HTTPS

33 %IPv6

55 Domains

81 Subdomains

68 IPs

10 Countries

12900 kBTransfer

18529 kBSize

51 Cookies

16 Outgoing links

Page URL History

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandai.com Open in urlscan Pro
2606:4700::6812:6004 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

93 %
HTTPS

33 %
IPv6

55
Domains

81
Subdomains

68
IPs

10
Countries

12900 kB
Transfer

18529 kB
Size

51
Cookies

214 HTTP transactions
3 data transactions