www.mandai.com Open in urlscan Pro
2606:4700::6812:6004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mandai.com/
Effective URL:
https://www.mandai.com/en.html
Submission: On September 25 via manual (September 25th 2022, 8:11:54 am UTC) from SG — Scanned from DE

Summary HTTP 194 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 30 domains to perform 194 HTTP transactions. The main IP is 2606:4700::6812:6004, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandai.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 24th 2022. Valid for: a year.

This is the only time www.mandai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:5f04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 78	2606:4700::68... 2606:4700::6812:6004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.51.9.157 184.51.9.157	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3 10	52.222.236.76 52.222.236.76	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 3	34.250.104.41 34.250.104.41	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3 7	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	79.125.44.37 79.125.44.37	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	52.17.180.229 52.17.180.229	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206e:4c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223d:ea00:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:402... 2a00:1450:4025:402::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
4	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
8	18.138.2.111 18.138.2.111	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.64 18.66.97.64	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:cefe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	() ()
194	39

1 2606:4700::6812:5f04 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 2606:4700::6812:6004 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.157 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-157.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.222.236.76 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-76.fra56.r.cloudfront.net

app.vouch.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.104.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-104-41.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.230 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

11432329.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.44.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-44-37.eu-west-1.compute.amazonaws.com

wrs.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.180.229 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-180-229.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:4c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:ea00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.138.2.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

bpr.vouch.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-64.fra56.r.cloudfront.net

files.vouch.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cefe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (None, )

ASN- ()

o412878.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	mandai.com 2 redirects mandai.com www.mandai.com smetrics.mandai.com	8 MB
21	vouch.sg 3 redirects app.vouch.sg — Cisco Umbrella Rank: 467524 bpr.vouch.sg — Cisco Umbrella Rank: 582002 files.vouch.sg — Cisco Umbrella Rank: 896348	1 MB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	8 KB
14	doubleclick.net 8 redirects 11432329.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 ad.doubleclick.net — Cisco Umbrella Rank: 178 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	7 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 75 fcmatch.google.com — Cisco Umbrella Rank: 2437	3 KB
7	sojern.com static.sojern.com — Cisco Umbrella Rank: 16673 beacon.sojern.com — Cisco Umbrella Rank: 5338 pixel.sojern.com — Cisco Umbrella Rank: 8206	32 KB
6	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 6352 adservice.google.de — Cisco Umbrella Rank: 9081	2 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	298 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	268 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 495	155 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	299 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208 wrs.demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 10262	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1571 m.addthis.com — Cisco Umbrella Rank: 1521	217 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	186 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 96 fcmatch.youtube.com — Cisco Umbrella Rank: 2450	55 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	2 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 480	7 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 905 pixel.quantserve.com — Cisco Umbrella Rank: 423	11 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	17 KB
1	sentry.io o412878.ingest.sentry.io	536 B
1	lr-in.com cdn.lr-in.com — Cisco Umbrella Rank: 12992	159 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1765	686 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1244	632 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	265 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 403	1 KB
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 983	549 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 846	2 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1036	517 B
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3683	226 KB
194	30

	Domain	Requested by
78	www.mandai.com	1 redirects www.mandai.com
15	fonts.googleapis.com	app.vouch.sg
10	app.vouch.sg	3 redirects www.mandai.com app.vouch.sg
8	bpr.vouch.sg	app.vouch.sg
7	11432329.fls.doubleclick.net	3 redirects www.googletagmanager.com adservice.google.com
6	www.facebook.com	www.mandai.com
6	www.googletagmanager.com	www.mandai.com assets.adobedtm.com www.googletagmanager.com
6	assets.adobedtm.com	www.mandai.com assets.adobedtm.com
5	connect.facebook.net	assets.adobedtm.com connect.facebook.net
4	static.sojern.com	11432329.fls.doubleclick.net static.sojern.com
4	adservice.google.com	11432329.fls.doubleclick.net static.sojern.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.google.com	1 redirects www.mandai.com
3	files.vouch.sg	www.mandai.com
3	adservice.google.de	1 redirects adservice.google.com
3	www.google.de	www.mandai.com
3	dpm.demdex.net	1 redirects www.mandai.com
3	s7.addthis.com	www.mandai.com s7.addthis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ib.adnxs.com	2 redirects
2	pixel.sojern.com	static.sojern.com
2	cm.g.doubleclick.net	2 redirects
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	11432329.fls.doubleclick.net s.yimg.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.youtube.com	www.mandai.com www.youtube.com
1	o412878.ingest.sentry.io	app.vouch.sg
1	cdn.lr-in.com	app.vouch.sg
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	adobedc.demdex.net	assets.adobedtm.com
1	sp.analytics.yahoo.com	11432329.fls.doubleclick.net
1	match.adsrvr.org	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	beacon.sojern.com	static.sojern.com
1	www.gstatic.com	www.google.com
1	z.moatads.com	s7.addthis.com
1	googleads.g.doubleclick.net	1 redirects
1	pixel.quantserve.com	www.mandai.com
1	pxl.qccerttest.com	www.mandai.com
1	rules.quantcount.com	secure.quantserve.com
1	cm.everesttech.net	1 redirects
1	smetrics.mandai.com	assets.adobedtm.com
1	wrs.demdex.net	assets.adobedtm.com
1	secure.quantserve.com	www.mandai.com
1	players.brightcove.net	www.mandai.com
1	mandai.com	1 redirects
194	49

This site contains links to these domains. Also see Links.

Domain
members.mandai.com
rangerbuddies.mandai.com
www.instagram.com
www.facebook.com
www.tiktok.com
www.youtube.com
twitter.com
weibo.com
v.douyin.com

Subject Issuer	Validity	Valid
*.mandai.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-24` - `2023-08-19`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-07-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.mandai.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-26` - `2023-07-27`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-10-26`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.vouch.sg Amazon	`2022-02-18` - `2023-03-19`	a year	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
files.vouch.sg Amazon	`2021-10-27` - `2022-11-24`	a year	crt.sh
app.vouch.sg Amazon	`2022-06-01` - `2023-06-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-18` - `2023-06-18`	a year	crt.sh
*.ingest.sentry.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.mandai.com/en.html
Frame ID: 64BC06EECB2E02357BD7B7CC96761686
Requests: 136 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: B7D27E9808FB97E0BF6D8555373BD452
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 3CF08D484AFA3C55166568E2BF9361F4
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: FF4BA35806A6B9549501207E20B02217
Requests: 1 HTTP requests in this frame

Frame: https://wrs.demdex.net/dest5.html?d_nsid=0
Frame ID: 8777F77073C9F0DA77679E4C7330AF16
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 7BFFB835EB625E75BECF9236106C7CC1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 5DFE1769FB0325B5F09B51EACF9B0969
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 9C66A4EBAC1E9D6E70CC1A7297C1F4C4
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 0912BE7561129825A4E11B7685FB9424
Requests: 5 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 293D3DF229A9A45B27E046E05AA7EF99
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 2D99CD54D8A0BE03FFC922FAE8B7CD16
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4B8E5D56473D3F6B5B23943959740B34
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0BDAE95A52D7ECA9D99CC3E01FB0F2D2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 11C735BCEFE807FE3A4EF5BFE92D12CE
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: 7C2F2A7704F2103F396D7D9C6E34B238
Requests: 9 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 61C1C9B55E0C3F7F93EF2F7D638446E0
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7A7AB62AFAF6E7B3D4C0D72766472110
Requests: 1 HTTP requests in this frame

Frame: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Frame ID: 114F1AB0DC0E8949E5C6875713EAE214
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mandai Wildlife Reserve: Singapore's Best Wildlife Experience

Page URL History Show full URLs

http://mandai.com/ HTTP 302
https://www.mandai.com/ HTTP 301
https://www.mandai.com/en.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

194
Requests

94 %
HTTPS

51 %
IPv6

30
Domains

49
Subdomains

39
IPs

8
Countries

11366 kB
Transfer

21526 kB
Size

34
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://members.mandai.com/login.html
Title: Member's login

Search URL Search Domain Scan URL

URL: https://rangerbuddies.mandai.com/
Title: Nurture your child into an conservation hero

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CGAnH8CHjTT/
Title: @jenicool23

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CP6-L_OHXbv/
Title: @jaclynmeiqi

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CL6wCHynI9v/
Title: @dianeeng

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CMikdPDAcIq/
Title: @shots.bymarc

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CLEzFLqlVdD/
Title: @kailins.jpg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B5nB1Ytpmak/
Title: @patilmam

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CEWC9S9HhtX/
Title: @axixe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MandaiWildlifeReserve/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mandaiwildlifereserve/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@mandaiwildlifereserve

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/MandaiWildlifeReserve

Search URL Search Domain Scan URL

URL: https://twitter.com/MandaiWildlife

Search URL Search Domain Scan URL

URL: https://weibo.com/SingaporeZoo

Search URL Search Domain Scan URL

URL: https://v.douyin.com/eRGaovr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mandai.com/ HTTP 302
https://www.mandai.com/ HTTP 301
https://www.mandai.com/en.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://app.vouch.sg/widget3/css/app.css HTTP 301
https://app.vouch.sg/widget3-b/css/app.css

Request Chain 34

https://app.vouch.sg/widget3/js/app.js HTTP 301
https://app.vouch.sg/widget3-b/js/app.js

Request Chain 47

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=44243DF7584A9D790A495ECF%40AdobeOrg&d_nsid=0&ts=1664093503270 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=44243DF7584A9D790A495ECF%40AdobeOrg&d_nsid=0&ts=1664093503270

Request Chain 55

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 56

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 57

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 67

https://cm.everesttech.net/cm/dd?d_uuid=83985222805398032212677357972070402069 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzANPwAAAJnwTgNn

Request Chain 82

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&tiba=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&auid=825523247.1664093503&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Pw0wY_H6JsKx1gbD2buACg&sscte=1&crd=&eitems=ChEI8Pi_mQYQ0tTyvb6H2OSOARIdAJE0fkRSh0OpWGVOoXeYKUsXEQnRBSIqp9RpAU8&pscrd=Ek5DaEVJOFBpX21RWVFxN0hudnZPS29KQzRBUklsQUtfY3Z2M1MyVTFyNEdCUjFEZzNmLUpFYWRsR21BckhfVzZhMXBnRTh5QTBNVW5oaHcaV0NoQUk4UGlfbVFZUTJabXluS3Y2cDh0N0VpMEFERVU2eTRqclExNm44UUt2X1JKb0dVN1BDbGR1R011ZlRLejJ1QjNPcWtjbktNUzF3a1QtaklGMVo0dw HTTP 302
https://www.google.com/pagead/1p-conversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&tiba=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&auid=825523247.1664093503&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBpX21RWVFxN0hudnZPS29KQzRBUklsQUtfY3Z2M1MyVTFyNEdCUjFEZzNmLUpFYWRsR21BckhfVzZhMXBnRTh5QTBNVW5oaHcaV0NoQUk4UGlfbVFZUTJabXluS3Y2cDh0N0VpMEFERVU2eTRqclExNm44UUt2X1JKb0dVN1BDbGR1R011ZlRLejJ1QjNPcWtjbktNUzF3a1QtaklGMVo0dw&is_vtc=1&ocp_id=Pw0wY_H6JsKx1gbD2buACg&eitems=ChEI8Pi_mQYQ0tTyvb6H2OSOARIdAJE0fkRhOY6uUYmzdM1L1WXZ4Ojlu4LLE4j6yJY&random=32416397&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&tiba=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&auid=825523247.1664093503&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBpX21RWVFxN0hudnZPS29KQzRBUklsQUtfY3Z2M1MyVTFyNEdCUjFEZzNmLUpFYWRsR21BckhfVzZhMXBnRTh5QTBNVW5oaHcaV0NoQUk4UGlfbVFZUTJabXluS3Y2cDh0N0VpMEFERVU2eTRqclExNm44UUt2X1JKb0dVN1BDbGR1R011ZlRLejJ1QjNPcWtjbktNUzF3a1QtaklGMVo0dw&is_vtc=1&ocp_id=Pw0wY_H6JsKx1gbD2buACg&eitems=ChEI8Pi_mQYQ0tTyvb6H2OSOARIdAJE0fkRhOY6uUYmzdM1L1WXZ4Ojlu4LLE4j6yJY&random=32416397&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 88

https://adservice.google.de/ddm/fls/i/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 101

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=CLbO57G_r_oCFdlGHgIdxPsJog;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CLbO57G_r_oCFdlGHgIdxPsJog;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=__WiiPjrL2sKUurGRVs65g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-&sjrn_ula=7361855079 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-&sjrn_ula=7361855079&google_gid=CAESEAWiG8JFAusYSe6swRkiG8E&google_cver=1

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_hm=__WiiPjrL2sKUurGRVs65g&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopsXnfmoJUNqFg2m0pMr-N-NPtanTkUFafmR2ByhJ7jIV-BLyz-3bpO-cFhN2w-WhSyzL9Ci8z3rDfO6_w9sVJsSPYfuJ9mmqNwY_yHZ1spGZ5Y4OM HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsXnfmoJUNqFg2m0pMr-N-NPtanTkUFafmR2ByhJ7jIV-BLyz-3bpO-cFhN2w-WhSyzL9Ci8z3rDfO6_w9sVJsSPYfuJ9mmqNwY_yHZ1spGZ5Y4OM

Request Chain 104

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke- HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DW7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke- HTTP 302
https://pixel.sojern.com/idsync/apn?id=6883213289019942336&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-

Request Chain 152

https://app.vouch.sg/bot?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https://www.mandai.com/en.html HTTP 301
https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default

194 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en.html Show response
www.mandai.com/
Redirect Chain

http://mandai.com/
https://www.mandai.com/
https://www.mandai.com/en.html

57 KB
10 KB

688ms
686ms

Document
text/html

2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc673e0d60902d4d68cd16a923ffd72f2f42988b4daacd881c63dfc7babcf549

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: EXPIRED
cf-ray: 75024a622ebd9b3f-FRA
content-encoding: br
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
content-type: text/html
date: Sun, 25 Sep 2022 08:11:42 GMT
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
last-modified: Sun, 25 Sep 2022 07:40:43 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 75024a61de2b9b3f-FRA
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=dIrPtw8at5RLCSrOXBel1SpZuvU2vsd4gKiPHJyQH5g-1664093501-0-AdSz-qGHGpT7riz7hs7R5Lp3CovEQVKNBA8TKd8j-pKGj6rCI6KgmSbtUtAxT7qAodI8miKIs_UAPVLmiKNBMxg; report-to cf-csp-endpoint
date: Sun, 25 Sep 2022 08:11:41 GMT
expires: Sun, 25 Sep 2022 09:11:41 GMT
location: https://www.mandai.com/en.html
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=dIrPtw8at5RLCSrOXBel1SpZuvU2vsd4gKiPHJyQH5g-1664093501-0-AdSz-qGHGpT7riz7hs7R5Lp3CovEQVKNBA8TKd8j-pKGj6rCI6KgmSbtUtAxT7qAodI8miKIs_UAPVLmiKNBMxg"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
www.mandai.com/etc/designs/wrs/ 333 KB
49 KB 510ms
509ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f4304fcfffea6d7e9cc1d00997ac8cfa9f2ff1c270d7c21bccc957bc6f84f9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=348006
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=GKBKa7iuprHVT00MHdUyIiEFbTxtKQlDXFlhPzE8VPM-1664093502-0-ASNJO4YzlMWFpbDG7mdVW8qW5IuG5xz_JtNQzfX40zbE7A7cOJOlV9uGiL77hyYduc4PsMTYCUoI9IMP9BZ2BeY; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"089c2e14c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=GKBKa7iuprHVT00MHdUyIiEFbTxtKQlDXFlhPzE8VPM-1664093502-0-ASNJO4YzlMWFpbDG7mdVW8qW5IuG5xz_JtNQzfX40zbE7A7cOJOlV9uGiL77hyYduc4PsMTYCUoI9IMP9BZ2BeY"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/css
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a667f6a9bf4-FRA
cf-bgj: minify

GET
H3 200 Nunito-Regular.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 59 KB
59 KB 529ms
525ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Regular.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da49d72dd8cf8998a7225387428dddcb435578d81c0b4599c6bcc62fdfeeb2b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c07f6e4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668f819bf4-FRA

GET
H3 200 fontawesome-webfont.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 535ms
532ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fontawesome-webfont.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ff26866e4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668f849bf4-FRA

GET
H3 200 fa-solid-900.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 169 KB
170 KB 541ms
538ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-solid-900.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2d4e8d6e4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668f879bf4-FRA

GET
H3 200 MerriweatherSans-Regular.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 34 KB
34 KB 678ms
675ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MerriweatherSans-Regular.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25582cc7d9a780a6dfa37156d86ef6b13fa8a396f527a0a9c3d92ac62adc3f6b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e1fc38f24c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668f889bf4-FRA

GET
H3 200 Nunito-SemiBold.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 59 KB
60 KB 847ms
845ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-SemiBold.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2929541a7a51f97e2e9d53d49602e1dc4ba7d2dee3de16417e501407d1b9f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4a872254d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668f8c9bf4-FRA

GET
H3 200 Nunito-Light.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 58 KB
59 KB 546ms
543ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Light.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a28473bf583d915b598718433123a861ba39f2d8120fb31f65634dd7fc8e608

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"284d2b814c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668f8e9bf4-FRA

GET
H3 200 Nunito-Bold.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 60 KB
60 KB 827ms
824ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Bold.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f210a70803bcc6e261706ffb0a7ef491cdcb9f384ad4d9eb9e962aea5615187

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"323c5654c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668f8f9bf4-FRA

GET
H3 200 Nunito-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 44 KB
44 KB 547ms
544ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d652fdfc6174c5b36f11a200a83b14e5f78ccb4278efa344c65667588896b827

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44784
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b0b39a94c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a668f909bf4-FRA

GET
H3 200 MandaiValueSerif-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 34 KB
35 KB 510ms
507ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34992
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:43:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1753eea74d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a668f919bf4-FRA

GET
H3 200 MandaiValueSerif-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 36 KB
37 KB 669ms
667ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37368
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2d4e8d6e4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a668f949bf4-FRA

GET
H3 200 Halant-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 825ms
822ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Halant-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98116
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2d4e8d6e4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a668f959bf4-FRA

GET
H3 200 Vollkorn.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 111 KB
111 KB 548ms
545ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Vollkorn.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113280
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:37:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f7caefbe4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a668f989bf4-FRA

GET
H3 200 Georgia.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 61 KB
61 KB 550ms
547ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Georgia.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62456
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:44:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f2a782c14d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a668fac9bf4-FRA

GET
H3 200 style.css
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 2 MB
201 KB 550ms
548ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1d78757ba95d3f11ab3567a755c4ea79db1bbb90ba93fdd44181c6fcc95de77

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=1767336
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Sep 2022 14:17:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0cebf70fbc1d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668fae9bf4-FRA
cf-bgj: minify

GET
H3 200 clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css
www.mandai.com/etc/designs/wrs/ 970 B
904 B 554ms
552ms Stylesheet
text/css 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd03851e3e84926fcf32756e7275aeec02d6f2bc9bf8292a2f7bb42cbfeab83

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=994
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5b4918994c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668fb09bf4-FRA
cf-bgj: minify

GET
H3 200 headLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 130 KB
49 KB 555ms
552ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

959ce16bde5f4a7c1a6169db07dcc054bd5e587a7cc61f6bee313e5005d0ce81

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"059d5f44c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a668fb49bf4-FRA

GET
H2 200 satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js Show response
assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/ 635 KB
138 KB 74ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c05a26f70be22cf13bb1a21e38f052bec9f8be79500d19e2f9e863ef38b078cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 03:57:23 GMT
server: AkamaiNetStorage
etag: "140da6cd74772d6720c910253c94469c:1660103843.006297"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 141031
expires: Sun, 25 Sep 2022 09:11:43 GMT

GET
H3 200 md-tick.png
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 2 KB
2 KB 408ms
406ms Image
image/png 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-tick.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad13d34a45356e68d3a6c7969fc7ab9d4d5dc27c43aa8f101fec2b1ac588092

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1923
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f5bf26d94c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a6ab99f9bf4-FRA

GET
H3 200 Logo-Mandai-SapWhiteLighter.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
3 KB 506ms
504ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-SapWhiteLighter.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:47:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"02cd1244e42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab9a19bf4-FRA

GET
H3 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
3 KB 503ms
501ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"097e9e84c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab9a69bf4-FRA

GET
H3 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/mandai/logo/ 11 KB
3 KB 507ms
505ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80ef6df54c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab9a89bf4-FRA

GET
H3 200 Logo-SZ.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 207ms
205ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-SZ.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80e2cb814c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab9a99bf4-FRA

GET
H3 200 Logo-RW.svg
www.mandai.com/content/dam/mandai/logo/ 7 KB
3 KB 198ms
196ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-RW.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"809690864c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab9ab9bf4-FRA

GET
H3 200 Logo-NS.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 532ms
530ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-NS.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"041c8654c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab9ac9bf4-FRA

GET
H3 200 park-bird.png
www.mandai.com/content/dam/wrs/assets/ 4 KB
5 KB 519ms
517ms Image
image/webp 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/assets/park-bird.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022557de03af6b15e0b7961f944a39bab044b2f3ab9d3e4ca8e529b1049820dc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=5364
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=JOHJAbjDhZ0ILv5MbTvT26aw6DtAkGmz2B.1B1lI0js-1664093503-0-AUZ9WQ6bdodw49K2f-c0UmA3VKyiK1Cwr8ldHuGhJJVuERe1l-NLwy_IpafyqLPILY9mKBWOsDNeoc3_7dV6SPM; report-to cf-csp-endpoint
content-disposition: inline; filename="park-bird.webp"
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3708
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8478278a4c42d81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=JOHJAbjDhZ0ILv5MbTvT26aw6DtAkGmz2B.1B1lI0js-1664093503-0-AUZ9WQ6bdodw49K2f-c0UmA3VKyiK1Cwr8ldHuGhJJVuERe1l-NLwy_IpafyqLPILY9mKBWOsDNeoc3_7dV6SPM"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a6ab9ad9bf4-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 conservation-included-tag-250x107.png
www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/ 12 KB
12 KB 716ms
714ms Image
image/png 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/conservation-included-tag-250x107.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2f8af767e0d56e93f34eaa875d9e9b308f720b599da6094dce10b470e35aa24

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12078
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:43:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7312e1a44d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a6ab9b09bf4-FRA

GET
H3 200 footLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 4 KB
2 KB 543ms
542ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80665f64f8220669d7a1e882fef1bc543b4574f46d6914d2ed01c3e01f466c5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"809690864c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab9979bf4-FRA

GET
H3 200 wrs-lazyload.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 4 KB
1 KB 509ms
506ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/wrs-lazyload.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80b59a804c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ab99d9bf4-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 194ms
76ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f82e361d5c2f3b8fed3e54d1aebd1669c6d311356164679e3d6966dc552e6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 84ms
10ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Sun, 25 Sep 2022 08:11:43 GMT
x-host: s7.addthis.com
content-length: 116360

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5798671137001/default_default/ 846 KB
226 KB 878ms
806ms Script
application/javascript 184.51.9.157
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5798671137001/default_default/index.min.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.9.157 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-157.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c82d9bede596394bc84925ad87cb7792447d2016b9df6f1718208519d102e5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: BCXSnxs8EKrWGEt_bEK3Btc8bCreC.Zk
Content-Encoding: gzip
ETag: "02375dd4f2176e6340aa89e7ea5f5d4a"
x-amz-request-id: Y6BT04YNYCZH7SN8
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 230771
x-amz-id-2: 1unQokA00ucgdnI5fCsAR/jLesvIiDGltwPGXRSFkZvjW1RAfn7AnKxYSuXgZS+nsvb0fvn1gow=
X-BCOV-Response-Mode: 1
X-Served-By: cache-lin2290031-LIN
Last-Modified: Fri, 02 Sep 2022 17:17:59 GMT
Server: AmazonS3
X-Timer: S1662142278.965077,VS0,VE699
Date: Sun, 25 Sep 2022 08:11:44 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 127ms
45ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d67f38229c8dac8429af4c162d42073e4abd4337a86ec54a18d3ad7e010b2a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H2

200

app.css
app.vouch.sg/widget3-b/css/
Redirect Chain

https://app.vouch.sg/widget3/css/app.css
https://app.vouch.sg/widget3-b/css/app.css

3 KB
1 KB

512ms
512ms

Stylesheet
text/css

52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouch.sg/widget3-b/css/app.css
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 8456bfc228f9f81b4c3f0064dfc021e468643ebbe0c8d4ec30287b3dfc0c917d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 3344
x-amzn-remapped-date: Sun, 25 Sep 2022 08:11:45 GMT
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: c0fac389-7033-495c-aba7-e4fc1b4c4e03
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAcCDGydSQ0FTMw=
content-length: 960
last-modified: Wed, 24 Aug 2022 12:28:34 GMT
cache-control: no-store
etag: "09966388e19bdb53d077b0391da08885"
content-type: text/css
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amzn-remapped-server: AmazonS3
x-amz-cf-id: TivzraNK15tzvO9IW_O_AzV--mEWcACq1sx6Lfst4LMjwX3yNErm0g==

Redirect headers

date: Sun, 25 Sep 2022 08:11:43 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: de5cb092-37c7-4581-91b9-677f5f935c0e
x-cache: Miss from cloudfront
content-type: application/json
location: https://app.vouch.sg/widget3-b/css/app.css
cache-control: max-age=86400
x-amzn-trace-id: Root=1-63300d3f-3750f1b26aa122ab7d8dad3d;Sampled=0
x-amz-apigw-id: ZAcB-GQNyQ0FrEQ=
content-length: 0
x-amz-cf-id: nqEthVPY4JOQ9eZ5uDx0EhQRtZt1ngs-CMvbQn4UgRk3GqiEi1M9LA==

GET
H2

200

app.js Show response
app.vouch.sg/widget3-b/js/
Redirect Chain

https://app.vouch.sg/widget3/js/app.js
https://app.vouch.sg/widget3-b/js/app.js

472 KB
163 KB

691ms
690ms

Script
application/javascript

52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouch.sg/widget3-b/js/app.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 65e294e7d7a34defb206adb338b72cb9e05dad6e5999a2ccad44bdb8ecdedc80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 483104
x-amzn-remapped-date: Sun, 25 Sep 2022 08:11:45 GMT
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: 4f562929-4ad6-4742-9b34-4a2c5506e870
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAcCDEE3yQ0Ffnw=
content-length: 165790
last-modified: Wed, 24 Aug 2022 12:28:34 GMT
cache-control: no-store
etag: "7b48f510d12277ff2ecfb468e00ef7e2"
content-type: application/javascript
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amzn-remapped-server: AmazonS3
x-amz-cf-id: XeucCnCp7IClyOBIjGRS7MCfh-T_T-IlVCoLgWN3OV1hh-OAIzRSjQ==

Redirect headers

date: Sun, 25 Sep 2022 08:11:43 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: a5b6efa3-130b-4c12-92f0-3cfc6f34b6ff
x-cache: Miss from cloudfront
content-type: application/json
location: https://app.vouch.sg/widget3-b/js/app.js
cache-control: max-age=86400
x-amzn-trace-id: Root=1-63300d3f-3d7692ae19b67d303973780b;Sampled=0
x-amz-apigw-id: ZAcB-FW7SQ0Fdpg=
content-length: 0
x-amz-cf-id: gTzPYrTJFIgnBUUGjiTIg5hpHDPF-sDjiITF6B8jAYCBtJAsPgycEg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
68 KB 144ms
63ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d2016806256f86da3febbc1a47a2830e310c46c3e791f4ab594fd9673f53a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68863
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 mandai-arrow-yellow-down.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 676 B
901 B 520ms
520ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-down.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea072d94566d3b23d5cffd6ba378a1b10c572ada79c05956d53764c7b06a68b6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 03:05:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54d8edab5042d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ad9df9bf4-FRA

GET
H3 200 mandai-arrow-yellow-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
2 KB 522ms
522ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ba54ace5ec9ffcfe936b694be4b70a7d3f906900a2e07b419f5e1c6819ce97

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kiacxyVxJv_JiUfmsaQWzapx54Sot7YyeFk5H521Jak-1664093503-0-AYYg5ZjiN7Fg8Abuya-bc2W6CUJ3-HGrfsOdnvRk6E_OmUKtGpjKX4DtdUzTyVhJX6IeO1OOQgKN08cwmRgwTEc; report-to cf-csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:45:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"247e6e44d42d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=kiacxyVxJv_JiUfmsaQWzapx54Sot7YyeFk5H521Jak-1664093503-0-AYYg5ZjiN7Fg8Abuya-bc2W6CUJ3-HGrfsOdnvRk6E_OmUKtGpjKX4DtdUzTyVhJX6IeO1OOQgKN08cwmRgwTEc"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ad9e29bf4-FRA

GET
H3 200 mandai-arrow-yellow-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 512ms
511ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0697a8851503c96e20e61a2d389bd66dd7c01e5f1649061ba19c20fa73ba32d6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a22cdba94c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ad9e49bf4-FRA

GET
H3 200 md-back-to-top.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 519ms
519ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-back-to-top.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60dabc163081fe6317a7959c57a5394a9a43ed22ed2f7d1130b6b875d9e8a24

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"70e881d94c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ad9ef9bf4-FRA

GET
H3 200 fa-regular-400.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 207 KB
207 KB 1007ms
1007ms Font
font/x-woff 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-regular-400.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:48:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"459d13434e42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/x-woff
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a6ad9f19bf4-FRA

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 74 KB
74 KB 510ms
510ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=jtorrxR.VOTWn3T.MCNlmJKm29Fz4b5Ik1rc3koFYmE-1664093503-0-AZMbxg3bWzTiohVInRekEZw6Yn9lIP2Hs7u6qPF7OUW1yKMEBRCY8dpSwp3VdGr8R7ggEue65fGA-SxShR9FONc; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75308
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:45:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a3e2b3d24d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=jtorrxR.VOTWn3T.MCNlmJKm29Fz4b5Ik1rc3koFYmE-1664093503-0-AZMbxg3bWzTiohVInRekEZw6Yn9lIP2Hs7u6qPF7OUW1yKMEBRCY8dpSwp3VdGr8R7ggEue65fGA-SxShR9FONc"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a6ad9f59bf4-FRA

GET
H3 200 Poppins-Bold.ttf
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 137 KB
138 KB 836ms
835ms Font
application/octet-stream 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Bold.ttf

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec26b37105adacad70aca3692f80e3dab073f06639daa80f8adcede6af60d76c

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140724
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "4a31bef34c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a6ad9f79bf4-FRA

GET
H3 200 Poppins-Regular.ttf
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 141 KB
142 KB 522ms
522ms Font
application/octet-stream 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Regular.ttf

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144776
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c49d1f54c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a6ad9fa9bf4-FRA

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=44243DF7584A9D790A495ECF%40AdobeOrg&d_nsid=0&ts=1664093503270
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=44243DF7584A9D790A495ECF%40AdobeOrg&d_nsid=0&ts=1664093503270

362 B
1 KB

33ms
33ms

XHR
application/json

34.250.104.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=44243DF7584A9D790A495ECF%40AdobeOrg&d_nsid=0&ts=1664093503270

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

HTTP/1.1

Server

34.250.104.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-104-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ad10a0a9a6afe9286f4f39f9304929f6cf14dd19818973cc9c13e403de61ee33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v042-0056a185e.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: CxBtKyPBQXY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.mandai.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v042-05d893163.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.mandai.com
X-TID: B+Ev85FwQrc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=44243DF7584A9D790A495ECF%40AdobeOrg&d_nsid=0&ts=1664093503270
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Sun, 25 Sep 2022 09:11:43 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Sun, 25 Sep 2022 09:11:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-xss-protection: 0
pragma: public
x-fb-debug: z/vp1VOu4V0cDZv2h55wzlMiZq1Zs5MvszfKw7MJfXfk1BUHlPRny+EQdUrQQLchQyQypA2cz6Lyp0KBKbOTYQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=11432329&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ddc0a0417954644656b697c10b91eacef781c0cf5dcfe096cddcd46106c2e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36060
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.84

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: z3HHud0SQA6Z78Gd+atw9fS4r3rva8muAc9VYODKpFvk54zNFbqRj5YKsATMELjh4PnQypRfaUnuiRJQsttf3Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 163448341759089 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 69ms
59ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/163448341759089?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

caca9d2a3eff03a02e5baccc27b158e2fa5db95c7144b2039f9c4251d8fff68e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: zjJwg57Xq3ifgr6GPSM3vyVs8QT24S54cflwuFQ+Uguo4d1Cud5TzP3wRFU9SsYyMhy8cVO1+h+qKdSc4k+Gcw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
35ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3345
date: Sun, 25 Sep 2022 07:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 25 Sep 2022 09:15:58 GMT

GET
H3

200

activityi;dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
11432329.fls.doubleclick.net/ Frame B7D2
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
https://11432329.fls.doubleclick.net/activityi;dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.ma...

483 B
407 B

126ms
66ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

4dea432a64cd1e85ddde2d85d9600c6ceb1d7824a3a1bda2b8016aa1c8976002

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
11432329.fls.doubleclick.net/ Frame 3CF0
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
https://11432329.fls.doubleclick.net/activityi;dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.m...

484 B
405 B

127ms
68ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

2f98d935c96ccc6601afda2e70d1eb47047d9fa29859afd9c771a944fb404bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
11432329.fls.doubleclick.net/ Frame FF4B
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
https://11432329.fls.doubleclick.net/activityi;dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.man...

482 B
402 B

127ms
67ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

e7fc6d28a5029a8e79abaeac2c098e2733a029449e4a8e2641dd75767d04e576

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 377
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 136ms
51ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 82ms
7ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 02 Oct 2022 08:11:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 132ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-37&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb9edc70273b71c79dbf2323c332425c2ce74b5faa73bbaaf9f3401c148894b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42263
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 161ms
84ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc568a864c18d71862e16c1f5ef275e7273cbb2c2f8950b07a611d239828e256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42263
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 175ms
98ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37bc11a8167f8a9196685d45d56108c20857ae291618513288b3d2563c0609a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42213
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 129ms
52ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-45&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7520bc39c2d13d103ca5a68161a60645126c61c9d10578ee72ed6786248665cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42260
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:11:43 GMT

GET
H3 200 1165933726848771 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1165933726848771?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c01a1004db68d070f591cc953256d26573dced6c33f86d562f726a0ebf9aeb6f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Floba9TLYl+55vrYi1pNothYlFc+Ib2eYYEbZ0gAgUr2amXAIz57jEYgl6VMWgbmJfLd+ulAnUFRSu79OMeHXQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
wrs.demdex.net/ Frame 8777 7 KB
3 KB 161ms
30ms Document
text/html 79.125.44.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wrs.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.125.44.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-79-125-44-37.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v042-03bacbb28.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 1Tv/wzs/RsU=
content-encoding: gzip
date: Sun, 25 Sep 2022 08:11:43 GMT
last-modified: Thu, 22 Sep 2022 11:17:12 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.mandai.com/ 48 B
457 B 93ms
18ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.mandai.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=44243DF7584A9D790A495ECF%40AdobeOrg&mid=83888472417525575642720532037843513788&ts=1664093503460

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

b4ed020ae2b6ebbf9c015bbbe703a9d4fe069b56aea3f05a3fb6f85f6a958434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YzANPwAAAJnwTgNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=83985222805398032212677357972070402069
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzANPwAAAJnwTgNn

42 B
942 B

31ms
30ms

Image
image/gif

34.250.104.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzANPwAAAJnwTgNn

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

HTTP/1.1

Server

34.250.104.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-104-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v042-0deb1bf47.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7G2RpYABToo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzANPwAAAJnwTgNn
Date: Sun, 25 Sep 2022 08:11:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 rules-p-BDGGPC8sPSpFR.js Show response
rules.quantcount.com/ 3 KB
2 KB 90ms
36ms Script
application/javascript 2600:9000:206e:4c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BDGGPC8sPSpFR.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acb1f227d8f76783ed1fbe6e4bb1988af43fd4e1425d6d48697c917b24525b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
age: 2348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 22 Aug 2022 11:04:19 GMT
server: AmazonS3
etag: W/"597e06e21a8b1ef590b560f2e2717108"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: XILAGjxxRomx3qoKr1dUXSr6xzyl1OLe0j4ZybvwemtXapaRciJpJA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 120ms
43ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1764784058&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&ul=en-us&de=UTF-8&dt=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=830597853&gjid=626953724&cid=172540832.1664093504&tid=UA-23015312-4&_gid=1042396142.1664093504&_r=1&gtm=2wg9l0PS9Z3S&z=1023021772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 116ms
42ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1764784058&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&ul=en-us&de=UTF-8&dt=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAAC~&jid=43006781&gjid=803592430&cid=172540832.1664093504&tid=UA-23015312-37&_gid=1042396142.1664093504&_r=1&gtm=2wg9l0PS9Z3S&z=1559858446

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 428162178859206 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/428162178859206?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32c7bdf4922b75ec3e653df30d7a59b35c62ee965fb9e5e940bd1dc8e9a5062d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: HqgNPX0m15mUJAiOuWIgqJWG7p0vfkN0KYdKQcHAs5ZZ5XbRPcVM3zvzOmxthNfztYuuJ0TsLyvC6Wxf8Ffkcg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 25ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=163448341759089&ev=PageView&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1664093503528&sw=1600&sh=1200&v=2.9.84&r=stable&a=adobe_launch&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221051579805373082%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%223019220471732087%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1664093503527.1611058943&it=1664093503316&coo=false&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 25 Sep 2022 08:11:43 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1165933726848771&ev=PageView&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1664093503529&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664093503527.1611058943&it=1664093503316&coo=false&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 25 Sep 2022 08:11:43 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/956687319/ 2 KB
1 KB 110ms
45ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/956687319/?random=1664093503561&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&tiba=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&auid=825523247.1664093503&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7584780160c6c72d5c976acefea6e714e144d6e9ae268fa0213b102ea417e1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
549 B 73ms
7ms Image
image/gif 2600:9000:223d:ea00:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=2090163736;fpan=1;fpa=P0-384379132-1664093503597;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=mandai.com;dst=0;et=1664093503597;tzo=0;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;ogl=title.Homepage%2Cdescription.An%20unforgettable%20wildlife%20adventure%20at%20Mandai%20awaits!%20Explore%20and%20discover%20the%20w%2Cimage.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fcontent%2Fdam%2Fmandai%2Fabout-mandai%2FMasthead-1920x894-v2%252Ejpg%2Curl.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fen%252Ehtml%2Ctype.article

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ea00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 01:48:50 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 22974
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
content-type: image/gif
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: UdnlGarqlElYvzhobYlsMXdM1QsYxw9rGapA5ddeo52xk641XKD5jQ==

GET
H2 200 pixel;r=1562908782;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0...
pixel.quantserve.com/ 35 B
475 B 22ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1562908782;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-384379132-1664093503597;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=mandai.com;dst=0;et=1664093503602;tzo=0;ogl=title.Homepage%2Cdescription.An%20unforgettable%20wildlife%20adventure%20at%20Mandai%20awaits!%20Explore%20and%20discover%20the%20w%2Cimage.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fcontent%2Fdam%2Fmandai%2Fabout-mandai%2FMasthead-1920x894-v2%252Ejpg%2Curl.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fen%252Ehtml%2Ctype.article;ses=229eb67e-15c4-460f-8957-421ba51df420

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428162178859206&ev=PageView&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1664093503615&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221197172684137244%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22628033828574646%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22en.html%22%7D%7D&fbp=fb.1.1664093503527.1611058943&it=1664093503316&coo=false&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 25 Sep 2022 08:11:43 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 52ms
18ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23015312-37&cid=172540832.1664093504&jid=43006781&gjid=803592430&_gid=1042396142.1664093504&_u=YGDACAABBAAAAC~&z=1091996888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Sep 2022 08:11:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 134ms
60ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23015312-37&cid=172540832.1664093504&jid=43006781&_u=YGDACAABBAAAAC~&z=1590180192

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 197ms
83ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23015312-37&cid=172540832.1664093504&jid=43006781&_u=YGDACAABBAAAAC~&z=1590180192

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/ 75 KB
75 KB 517ms
517ms Font
application/font-woff2 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76764
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:47:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "86481c2f4e42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a6e28c79bf4-FRA

GET
H3

200

/
www.google.de/pagead/1p-conversion/956687319/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

173ms
76ms

Image
image/gif

2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&tiba=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&auid=825523247.1664093503&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBpX21RWVFxN0hudnZPS29KQzRBUklsQUtfY3Z2M1MyVTFyNEdCUjFEZzNmLUpFYWRsR21BckhfVzZhMXBnRTh5QTBNVW5oaHcaV0NoQUk4UGlfbVFZUTJabXluS3Y2cDh0N0VpMEFERVU2eTRqclExNm44UUt2X1JKb0dVN1BDbGR1R011ZlRLejJ1QjNPcWtjbktNUzF3a1QtaklGMVo0dw&is_vtc=1&ocp_id=Pw0wY_H6JsKx1gbD2buACg&eitems=ChEI8Pi_mQYQ0tTyvb6H2OSOARIdAJE0fkRhOY6uUYmzdM1L1WXZ4Ojlu4LLE4j6yJY&random=32416397&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/956687319/?random=2126755407&cv=9&fst=1664093503561&num=1&value=0&label=nUwvCOqlsKQDENfHl8gD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&tiba=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&auid=825523247.1664093503&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBpX21RWVFxN0hudnZPS29KQzRBUklsQUtfY3Z2M1MyVTFyNEdCUjFEZzNmLUpFYWRsR21BckhfVzZhMXBnRTh5QTBNVW5oaHcaV0NoQUk4UGlfbVFZUTJabXluS3Y2cDh0N0VpMEFERVU2eTRqclExNm44UUt2X1JKb0dVN1BDbGR1R011ZlRLejJ1QjNPcWtjbktNUzF3a1QtaklGMVo0dw&is_vtc=1&ocp_id=Pw0wY_H6JsKx1gbD2buACg&eitems=ChEI8Pi_mQYQ0tTyvb6H2OSOARIdAJE0fkRhOY6uUYmzdM1L1WXZ4Ojlu4LLE4j6yJY&random=32416397&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/ 161 KB
52 KB 142ms
47ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 07:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53539
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 25 Sep 2023 07:02:42 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 91ms
18ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 25 Sep 2022 08:11:43 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 8907F22DCE06444D
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63297
accept-ranges: bytes
content-length: 948
x-amz-id-2: A2ikoj2qyrE20XsgkZBcBqcpmdagcM2zgMw8ZT9hXLSa7UPt3zIuE0lNoCBVThaPfar361NTAUU=

GET
H2 200 dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
adservice.google.com/ddm/fls/i/ Frame 7BFF 482 B
851 B 199ms
82ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad4eae97a638ca37073f1beb049f4645c1da21999ee2547d811642f6d703793e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
adservice.google.com/ddm/fls/i/ Frame 5DFE 481 B
447 B 199ms
83ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79496883c3a08336c06cba5f3433ccacf60c60f089c301cf89a88773df59baad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 377
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
adservice.google.com/ddm/fls/i/ Frame 9C66 483 B
451 B 201ms
86ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8dd7d97d5232ecef8ce6e6bced1492f73d3bb2d0550122fb9dcc274663c51f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
11432329.fls.doubleclick.net/ddm/fls/r/ Frame 0912
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%...
https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.ma...

3 KB
1 KB

68ms
66ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

10fa31c9959e1f19a226eca226ffa078b5b4fe24cac06352e9ffcc41899b7f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1262
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:44 GMT
expires: Sun, 25 Sep 2022 08:11:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
adservice.google.de/ddm/fls/i/ Frame 293D 194 B
242 B 155ms
76ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLH2nLG_r_oCFYaImgodwf8ApA;src=11432329;type=wrs;cat=wrs_h0;ord=130780816248;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:44 GMT
expires: Sun, 25 Sep 2022 08:11:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html Show response
adservice.google.de/ddm/fls/i/ Frame 2D99 194 B
287 B 154ms
75ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO_4nLG_r_oCFRfhmgod5CAP3w;src=11432329;type=wrs;cat=wrs_e00;ord=1712067957322;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:44 GMT
expires: Sun, 25 Sep 2022 08:11:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4B8E 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:44 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0BDA 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:44 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 391 KB
157 KB 164ms
47ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.mandai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 07:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 07:04:02 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 11C7 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:11:44 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ Frame 0912 5 KB
5 KB 123ms
30ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a858c212dbe1cda846913e4d6bcb3d3e20e535b0275621f6197027f19d37ecbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 07:51:06 GMT
age: 1238
x-guploader-uploadid: ADPycdt04j5SJSIVt8vgwIYFVqJ9s01GJX6Db4mp7uEAXJqKYy6bnjF60mbmpPUgDMDobuo1Dlxqh_QWs528E0z324p7jw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4688
last-modified: Thu, 30 Jun 2022 08:59:39 GMT
server: UploadServer
etag: "8820fa9a42fd4249826a99466f4ccf62"
x-goog-hash: crc32c=ggEe+Q==, md5=iCD6mkL9QkmCaplGb0zPYg==
x-goog-generation: 1656579579362556
cache-control: public, max-age=3600
x-goog-stored-content-length: 4688
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 25 Sep 2022 08:51:06 GMT

GET
H3 200 66017.html Show response
static.sojern.com/cip/a/ Frame 7C2F 4 KB
4 KB 62ms
30ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 314913ec17a111824db519fa90faf06813395101af99e4290eb4b1c4a20f3430

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 3584
content-type: text/html
date: Sun, 25 Sep 2022 07:39:53 GMT
etag: "2a63107fd5d01a79819d19b318d791be"
expires: Sun, 25 Sep 2022 08:39:53 GMT
last-modified: Thu, 22 Sep 2022 08:26:22 GMT
server: UploadServer
x-goog-generation: 1663835182361754
x-goog-hash: crc32c=EyvdAQ== md5=KmMQf9XQGnmBnRmzGNeRvg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3584
x-guploader-uploadid: ADPycdv4JujPU0qF5C9hjHcI9qX0ugaLFVtXKFXtfuQs0Xv7ivcz2hENcj_iuWVlpfYyaSmoO_OS9FpQhdEBmY0xclJwcQ

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 0912 16 KB
6 KB 292ms
31ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COz0nLG_r_oCFTzEOwIdMaEJDQ;src=11432329;type=wrs;cat=wrsal0;ord=1840325647588;gtm=2wg9l0;auiddc=825523247.1664093503;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5929
x-amz-id-2: qmhyhWmbKKk6XF/sUnitXK/fucNTE7lYhp5h1FOSw8awMNUnhi4G1hrgEHmr/bRtrhm2DKlQngE=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 9JS9C7Z1EHX1T68G
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 7C2F 18 KB
18 KB 32ms
32ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 07:57:05 GMT
age: 879
x-guploader-uploadid: ADPycdtlyAZlJ8wF0OqX0wD9glZlOCQ63XaG5EaA7cMw3Va7duO5YJkzZ8Cxd8KBJA_xpQPQ0iGOjbc_9uU5HjXu52SDORyzJxiy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
x-goog-generation: 1638894199335821
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 25 Sep 2022 08:57:05 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 7C2F 4 KB
4 KB 31ms
31ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 02b02be496e69e49f701452a382cdb4a194e299c93dbb04b810fdfc2202ba1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:05:37 GMT
age: 367
x-guploader-uploadid: ADPycdtOhDc7Ska0KKa02Td4ORSnFPInjlgu8P1ZtgowjSJoWEzgs9eKSE_FJe9JzhvEbuccB_VQ6oasK_MDStfLfGL0QA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4254
last-modified: Tue, 28 Jun 2022 09:19:26 GMT
server: UploadServer
etag: "8cd8e4fb2688fa4187547e1314b4f383"
x-goog-hash: crc32c=q4e+bw==, md5=jNjk+yaI+kGHVH4TFLTzgw==
x-goog-generation: 1656407966894244
cache-control: public, max-age=3600
x-goog-stored-content-length: 4254
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 25 Sep 2022 09:05:37 GMT

GET
H2 200 335614 Show response
beacon.sojern.com/pixel/p/ Frame 7C2F 4 KB
1 KB 162ms
40ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/335614?f_v=v6_js&p_v=1&f_v=v6_js&cid=&p_v=4&version=1&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=https%3A%2F%2Fwww.mandai.com%2Fen.html&sha256_eml=&sha1_eml=&md5_eml=&ccid=0aooa-edopj-z17u6-9y7bl-st6bx&vid=hot&domain=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&s=ccid_auto&pname=%3Ff_v%3Dv6_js%26p_v%3D4%26version%3D1%26auto_url%3Dhttps%253A%252F%252F11432329.fls.doubleclick.net%252Fddm%252Ffls%252Fr%252Fdc_pre%253DCOz0nLG_r_oCFTzEOwIdMaEJDQ%253Bsrc%253D11432329%253Btype%253Dwrs%253Bcat%253Dwrsal0%253Bord%253D1840325647588%253Bgtm%253D2wg9l0%253Bauiddc%253D825523247.1664093503%253B~oref%253Dhttps%25253A%25252F%25252Fwww.mandai.com%25252Fen.html%26auto_ccid%3D0aooa-edopj-z17u6-9y7bl-st6bx%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26vd1%3D%26vd2%3D%26vf2%3D%26vn2%3D%26vf1%3D%26vs1%3D%26vn1%3D%26vb%3D%26pn%3D%26t%3D%26vp%3D%26vcu%3D%26vconfno%3D%26l%3D%26pc%3D%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&src=11432329&type=wrs&cat=wrsal0&ord=1840325647588&gtm=2wg9l0&auiddc=825523247.1664093503&~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 685d2ba4a90ced08109f28bcd1c9c15c8fa5cc36a83cb1473955670516ee173c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
content-encoding: gzip
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 793

GET
H3

200

src=11956783;dc_pre=CLbO57G_r_oCFdlGHgIdxPsJog;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_...
adservice.google.com/ddm/fls/z/ Frame 7C2F
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid...
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=CLbO57G_r_oCFdlGHgIdxPsJog;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252...
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CLbO57G_r_oCFdlGHgIdxPsJog;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252F...

42 B
63 B

178ms
82ms

Image
image/gif

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CLbO57G_r_oCFdlGHgIdxPsJog;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=

Protocol

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=CLbO57G_r_oCFdlGHgIdxPsJog;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 7C2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=__WiiPjrL2sKUurGRVs65g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDG...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-&sjrn_ula=7361855079&google_gid=CAESEAWiG8JFAusYSe6swRkiG8E&google_cver=1

42 B
282 B

141ms
38ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-&sjrn_ula=7361855079&google_gid=CAESEAWiG8JFAusYSe6swRkiG8E&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-&sjrn_ula=7361855079&google_gid=CAESEAWiG8JFAusYSe6swRkiG8E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 7C2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=__WiiPjrL2sKUurGRVs65g&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopsXnfmoJUNqFg2m0pMr-N-NPtanTkUFafmR2ByhJ7jIV-BLyz-3bpO-cFhN2w-WhSyzL9Ci8z3rDfO6_w9sVJsSPYfuJ9mmqNwY_yHZ1spGZ5Y4OM
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsXnfmoJUNqFg2m0pMr-N-NPtanTkUFafmR2ByhJ7jIV-BLyz-3bpO-cFhN2w-WhSyzL9Ci8z3rDfO6_w9sVJsSPYfuJ9mmqNwY_yHZ1spGZ5Y4OM

170 B
525 B

322ms
172ms

Image
image/png

2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsXnfmoJUNqFg2m0pMr-N-NPtanTkUFafmR2ByhJ7jIV-BLyz-3bpO-cFhN2w-WhSyzL9Ci8z3rDfO6_w9sVJsSPYfuJ9mmqNwY_yHZ1spGZ5Y4OM

Requested by

Protocol

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:45 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:44 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsXnfmoJUNqFg2m0pMr-N-NPtanTkUFafmR2ByhJ7jIV-BLyz-3bpO-cFhN2w-WhSyzL9Ci8z3rDfO6_w9sVJsSPYfuJ9mmqNwY_yHZ1spGZ5Y4OM
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 7C2F
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DW7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-
https://pixel.sojern.com/idsync/apn?id=6883213289019942336&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-

42 B
264 B

159ms
38ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=6883213289019942336&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:11:44 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8e96b1e9-1022-4db5-a655-f526e096ecc9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.sojern.com/idsync/apn?id=6883213289019942336&sjrn_id=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7C2F 70 B
265 B 109ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=W7rX4KPVH1lZazW-_CgzYspAxUuauFVANmR7R3c4Mw2Uid26zDGqDW7ZACU_Oke-&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=1&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=0aooa-edopj-z17u6-9y7bl-st6bx&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 10169313.json Show response
s.yimg.com/wi/config/ Frame 0912 46 B
678 B 201ms
138ms XHR
application/octet-stream 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10169313.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
x-content-type-options: nosniff
age: 0
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: GNF4A307JVF7GVH9
x-amz-id-2: pjHQW1x6BfsWToWSmtZO9ohalocYGdJ6q0uhark41tUp2hoG9ddosDwdnWslHDv8AAhIUUNNvhs=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 17 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 11 Nov 2021 03:52:57 GMT
server: ATS
etag: "169a76622cb3516047cff5f2cd73cd11"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: C34IH3ZkVK9tWJLvZiPXhCgb5vbQgwwL
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 0912 43 B
632 B 126ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2025%20Sep%202022%2008%3A11%3A44%20GMT&n=0&.yp=10169313&f=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOz0nLG_r_oCFTzEOwIdMaEJDQ%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D1840325647588%3Bgtm%3D2wg9l0%3Bauiddc%3D825523247.1664093503%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.13.0&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:45 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sun, 25 Sep 2022 08:11:45 GMT

GET
H2 200 style Show response
bpr.vouch.sg/api/v2/widget/ 21 KB
22 KB 312ms
311ms XHR
application/json 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/style

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/widget3/js/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

875b4fb1a4c72d64b5aecac561720c1f8aca128a36e9780cd17ff6b76b4b27e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
date: Sun, 25 Sep 2022 08:11:45 GMT
vary: Origin
content-length: 21908
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
wtf: FWT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandai.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
etag: W/"5594-ee865TUm4X/fYKTepOv3WT0GJBg"
expires: 0

OPTIONS
H2 204 style
bpr.vouch.sg/api/v2/widget/ Frame 0
0 594ms
195ms Preflight 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/style

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type
Access-Control-Request-Method: GET
Origin: https://www.mandai.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mandai.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 25 Sep 2022 08:11:45 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 RC6096846eb4844a34bb6cf37d996c027b-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/d896a08025d3/ 637 B
549 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/d896a08025d3/RC6096846eb4844a34bb6cf37d996c027b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a182af3178fc7c47e4d9a0b108aada944fcb00e8e5a80db4618c144aa1ec775a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 03:57:23 GMT
server: AkamaiNetStorage
etag: "785583fe5ceca1f14cac4c633f5c73d8:1660103843.87276"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 304
expires: Sun, 25 Sep 2022 09:11:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
43ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1764784058&t=pageview&cu=SGD&_s=1&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&ul=en-us&de=UTF-8&dt=Mandai%20Wildlife%20Reserve%3A%20Singapore%27s%20Best%20Wildlife%20Experience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABBAAAAC~&jid=86894112&gjid=1586411277&cid=172540832.1664093504&tid=UA-23015312-37&_gid=1042396142.1664093504&_r=1&gtm=2ou9l0&cd199=Launch%20production%202022-08-10T03%3A56%3A24Z&z=2039324493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC91eeb195d6b543c892c192440c36e78b-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/d896a08025d3/ 807 B
656 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/d896a08025d3/RC91eeb195d6b543c892c192440c36e78b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eef385d7331c6040e3fe6666cac19b4871a24e9104b7d518692abd27dbbe02b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 03:57:23 GMT
server: AkamaiNetStorage
etag: "785583fe5ceca1f14cac4c633f5c73d8:1660103843.87276"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 412
expires: Sun, 25 Sep 2022 09:11:44 GMT

GET
H2 200 RCefed1a87f35f40f6b1f1739162c290b6-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/d896a08025d3/ 2 KB
1 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/d896a08025d3/RCefed1a87f35f40f6b1f1739162c290b6-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 77e981c9d52ad8295007d05c10b7e06f05811f23ebf8b3a067df8a5114f45552

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 03:57:23 GMT
server: AkamaiNetStorage
etag: "785583fe5ceca1f14cac4c633f5c73d8:1660103843.87276"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1011
expires: Sun, 25 Sep 2022 09:11:44 GMT

POST
H2 200 interact Show response
adobedc.demdex.net/ee/v1/ 736 B
942 B 133ms
53ms Fetch
application/json 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/interact?configId=e0dadaea-a164-437c-a78a-42cffc63b50a&requestId=78513c95-ddd5-4cfa-9cd0-b40bf9d5fae7

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

abdb08f510dc392a7fe9d6160e1d184da6cfbdd5b15199da2a13c7bc2edc773f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 25 Sep 2022 08:11:44 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 78513c95-ddd5-4cfa-9cd0-b40bf9d5fae7
server: jag
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mandai.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.37:fc1cc715

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5b891907da4bf1d7/ 1 KB
686 B 264ms
225ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5b891907da4bf1d7/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 899e64a79b4d99d002bfe5c8d275011cabd2917805d085e8b208a3ad2cf57777

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
content-encoding: gzip
etag: 1900291822--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=49, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 511

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 544ms
141ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63300d3f9c1cc587&bkl=0&bl=1&pdt=852&sid=63300d3f9c1cc587&pub=ra-5b891907da4bf1d7&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.mandai.com&fp=en%2Fmandai.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664093505004&jsl=4097&uvs=63300d3f28d6a124000&skipb=1&callback=addthis.cbs.jsonp__92663179208232020
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0a34db97512319eb143f0821249ae0e8517c6eafa178cfc613770d4ac1a44e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:45 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 61C1 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 7A7A 71 KB
26 KB 10ms
9ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sun, 25 Sep 2022 08:11:45 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 config.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 3 KB
2 KB 511ms
511ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/config.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aeaabfbda1e2710ba6aa342319fe4e0c0d3b6964433958f7566cc049b523d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=9jF0sHe6HSti8gcc2LtaX3fqsm.0MBDXMWHVBE.uzhE-1664093505-0-ARoV-99SAef49ZLFnoCKziifDgkSuIeB1t69L_lyyov3ZoujPZd0na2vVO8WnysPTBUi1MiWEeKVUmcLf7yANb8; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0aa3344d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=9jF0sHe6HSti8gcc2LtaX3fqsm.0MBDXMWHVBE.uzhE-1664093505-0-ARoV-99SAef49ZLFnoCKziifDgkSuIeB1t69L_lyyov3ZoujPZd0na2vVO8WnysPTBUi1MiWEeKVUmcLf7yANb8"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7669cc9bf4-FRA

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 48ms
18ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23015312-37&cid=172540832.1664093504&jid=86894112&gjid=1586411277&_gid=1042396142.1664093504&_u=6GDACUABBAAAAC~&z=103602363

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Sep 2022 08:11:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23015312-37&cid=172540832.1664093504&jid=86894112&_u=6GDACUABBAAAAC~&z=1534526983

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 85ms
84ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23015312-37&cid=172540832.1664093504&jid=86894112&_u=6GDACUABBAAAAC~&z=1534526983

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:11:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
10ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 25 Sep 2022 08:11:45 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 config-layout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 7 KB
2 KB 514ms
512ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/config-layout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9cc4917228248d023a49fd0f63a61a83f6054ccc6deab12bf989b1459e3176e

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8031c3684c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79a8b99bf4-FRA

GET
H3 200 tracking-data.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 5 KB
2 KB 524ms
520ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/tracking-data.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b501137c92b1c7c949189ebfc47a49221e5e9c174cabdeec27579abf854b9ab

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"073ecaa4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79a8c09bf4-FRA

GET
H3 200 header.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 22 KB
5 KB 553ms
549ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/header.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe60228b0c1e72d428cf1c92abefe80434b7ab09fea823acedec3786af808dd

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 30 Mar 2022 07:55:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80c3ac90b44d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79a8c79bf4-FRA

GET
H3 200 bodyScrollLock.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 523ms
519ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/bodyScrollLock.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad8ee4a07deafe95a7c98ce3bc3c33c1772fcf1ca61ddb0292cb5ad9d160ab3

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80244e264d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79a8c89bf4-FRA

GET
H3 200 modal.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
3 KB 522ms
518ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/modal.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6a1a55f57197d417e1a05872b6d5fa12e26ad6758a63cf872538fab0eac5a3f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80244e264d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79a8cc9bf4-FRA

GET
H3 200 logout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 953 B
785 B 513ms
509ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/logout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2bb0e180446cb8909ad161b1c8ffe54b7eab5eb171803fa603d9068a0f7e5b7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"871e11af4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79a8cf9bf4-FRA

GET
H3 200 navbar-search.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
2 KB 1159ms
1153ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/navbar-search.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587502b2bd968ca1bd87458f5efe3d57da682e37f9842333f0dbdcced9b46114

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"059d5f44c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8d79bf4-FRA

GET
H3 200 search-component.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 4 KB
2 KB 209ms
204ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/search-component.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af777f263c875becbe9f27168f4150b5b8abe5d3329590ada21ce000358696c

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8031c3684c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8db9bf4-FRA

GET
H3 200 md-destination-masthead.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 506ms
502ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-destination-masthead.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8414907d58364981650dedff8b1005c431cbffe6d4aa9d62e10c02850d8b6f82

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:48:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"07294484e42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8e09bf4-FRA

GET
H3 200 background-change.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 2 KB
993 B 214ms
207ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/background-change.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceccf9d6d052f0ddf12355af8deea5102a796f2d5432b2a444352f3fc938c1d8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:49:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9e4b90754e42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8ea9bf4-FRA

GET
H3 200 md-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 526ms
518ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7e7c52fa762c3cbb9a9c2625d96b6922064811afca8eb1170b6d6aa1fbc76f1

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0ba34624c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8ec9bf4-FRA

GET
H3 200 masthead-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 5 KB
2 KB 204ms
196ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/masthead-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93db61288b6e2351cc95127644e49eceaea00d63f5d74f6cd2a5b453564e0f0e

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8050cd624c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8ee9bf4-FRA

GET
H3 200 match-height.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
1 KB 206ms
201ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/match-height.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fa5f5b901d9ca372d4d1c0e6965f431f523bc99dfee78453c390f419decd91

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=RCS0IAV7whoQ_kmUqXXtmimaSkarMj4K8DgNt7u2..0-1664093505-0-Adc-ACjbt7xtcB-wSBw6OIdGYWOlpEFs3vsxt_T9gZxPydFPwWqrJE0CTqa0YyudOcxx0-_9xikkquXUSWur1r4; report-to cf-csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f1b943f64c42d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RCS0IAV7whoQ_kmUqXXtmimaSkarMj4K8DgNt7u2..0-1664093505-0-Adc-ACjbt7xtcB-wSBw6OIdGYWOlpEFs3vsxt_T9gZxPydFPwWqrJE0CTqa0YyudOcxx0-_9xikkquXUSWur1r4"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8f09bf4-FRA

GET
H3 200 back-to-top.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
951 B 520ms
516ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/back-to-top.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e79c2984d4f109cb17bc30ac8cef10768d2de4a376ccab96c8f1548de115430

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:39:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d14ed4d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8f19bf4-FRA

GET
H3 200 list-social.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
2 KB 521ms
518ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/list-social.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e752711b9a6d20069db0bebd20d654d55816004fb0a06584f80317e2f8c90f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=plsAh3u6EK44l2bjqfeiVhkT18wZm70R8HCoJDrqTyk-1664093506-0-AfNKu_Tk1KL_SPX9C35eTRymjKiFT4PpWuRV8zZevvQXRRQ7hCebQ7SPCRNkgonfKK5PsBAFMVC2_ozVPMzOCpA; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"00f8854c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=plsAh3u6EK44l2bjqfeiVhkT18wZm70R8HCoJDrqTyk-1664093506-0-AfNKu_Tk1KL_SPX9C35eTRymjKiFT4PpWuRV8zZevvQXRRQ7hCebQ7SPCRNkgonfKK5PsBAFMVC2_ozVPMzOCpA"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8f29bf4-FRA

GET
H3 200 accordion-footer.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 540ms
537ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/accordion-footer.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

623edc66f2c326a0b290806a0197d3256736f9a8307551fe77d3ad456232e541

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14e3de344d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a79b8f39bf4-FRA

GET
H3 200 slick.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 41 KB
11 KB 501ms
501ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/slick.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56d0c0b2f54ca7d8140dd0f72c101a63e67c65a7b05e996386c32d52a357ec45

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80985ab4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7b0b249bf4-FRA

GET
H3 200 jquery-ui.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 249 KB
68 KB 189ms
188ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery-ui.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=jFWzEMutufxYzY7FzPrVZTcrj4WFtHk8hEu9Jl1xs1E-1664093505-0-AXyGDzPT-VadI54q3zAg0w5KY8j0cpBFCh_Bw_q-PB8V2JUc_W4skwUYFDORXXt7zpT5q51gQSHDQCUUlg1006I; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80ef6df54c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=jFWzEMutufxYzY7FzPrVZTcrj4WFtHk8hEu9Jl1xs1E-1664093505-0-AXyGDzPT-VadI54q3zAg0w5KY8j0cpBFCh_Bw_q-PB8V2JUc_W4skwUYFDORXXt7zpT5q51gQSHDQCUUlg1006I"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7b0b269bf4-FRA

GET
H3 200 jquery.matchHeight.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 513ms
512ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.matchHeight.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45144a93ef7e117598736fb873741662208e2fe7058cf76879aff799805e3128

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80985ab4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7b0b3b9bf4-FRA

GET
H3 200 homepage-banner-parks-carousel-jbp-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 475 KB
476 KB 851ms
851ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-jbp-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb213a2455cb1d6576b8b8745512fbbcaa0fff8785bb500da9e452560192b1f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 486720
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:48:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "72d079494e42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a7b2b799bf4-FRA

GET
H3 200 homepage-banner-parks-carousel-ns-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 319 KB
319 KB 495ms
494ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-ns-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0789714196fb92656a1d6022c73c5f2e580f13478b1c8d6d57c1631099106ca4

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 326328
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 03:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "dc9a38285142d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a7b2b7d9bf4-FRA

GET
H3 200 homepage-banner-parks-carousel-rw-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 418 KB
418 KB 1129ms
1128ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-rw-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44243b4c10736cc6aa5b1e07f9c6056ae6e877a6b64f44241a9ffe1ab59f8446

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 427666
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 03:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "41fd3a285142d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a7b2b809bf4-FRA

GET
H3 200 homepage-banner-parks-carousel-sz-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 478 KB
479 KB 514ms
514ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-sz-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9d20faebd82578e2e700a5b7261636c8b917684a238230bfd0f21668958533

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 489922
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2127dc694c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a7b2b849bf4-FRA

GET
H3 200 background-d.jpg
www.mandai.com/content/dam/mandai/test/ 968 KB
969 KB 818ms
817ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/test/background-d.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d64ccdf9d91249df7da12a3bc71dbf5bde950937c07471d306778c330a29f74

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 991540
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:34:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "dddceb694c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a7b2b889bf4-FRA

GET
H3 200 conservation-banner-1920x933.jpg
www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/ 138 KB
138 KB 191ms
190ms Image
image/jpeg 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/conservation-banner-1920x933.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9e4d368f9e9ca3e8f01c131adf5b86c61d9324c8a7b5280fd8bcd6b901ca2e5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:45 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=144855, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140837
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:44:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a58a5eae4d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a7b2b8a9bf4-FRA
cf-bgj: imgq:100,h2pri

GET
H3 206 mandai-destination-desktop-1920x1080.mp4
www.mandai.com/content/dam/mandai/destination/masthead/ 3 MB
3 MB 822ms
822ms Media
video/mp4 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/content/dam/mandai/destination/masthead/mandai-destination-desktop-1920x1080.mp4

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfcc0770f8316dd669e39b35e58cb473932be8016104b2eb66fede93d54e9773

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Hm.50Cg0lmhN9DtO7BSex7o1mOorWDEQlNiXPV7nP7o-1664093506-0-Abm6JUcNZnAKK7biovcXmIxhk6rm8d631M7lvJOj8F4EkeYo0DFMEUZHMshYukKIiegEkPy11Hl28T3hVf_QShA; report-to cf-csp-endpoint
Content-Range: bytes 0-3663943/3663944
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3663944
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 26 Aug 2022 03:24:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "918a1355fbb8d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Hm.50Cg0lmhN9DtO7BSex7o1mOorWDEQlNiXPV7nP7o-1664093506-0-Abm6JUcNZnAKK7biovcXmIxhk6rm8d631M7lvJOj8F4EkeYo0DFMEUZHMshYukKIiegEkPy11Hl28T3hVf_QShA"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: video/mp4
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7da8779bf4-FRA

GET
H2 200 1626935178112.png
files.vouch.sg/files/60b9e36a547f7400165c552c/ 549 B
856 B 288ms
193ms Image
image/png 18.66.97.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/60b9e36a547f7400165c552c/1626935178112.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-64.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 06:26:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "7ba90422931f52be89d1284b77f8b016"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 549
x-amz-cf-id: W2vfgNf5QI23l2H9ly-Qtx2Jz7AEZKWCnnQE1HIZWzFPm9VQ-RBXaA==

GET
H2 200 1655801521060.png
files.vouch.sg/files/613afb2ee42545001564fef5/ 514 B
820 B 286ms
191ms Image
image/png 18.66.97.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/613afb2ee42545001564fef5/1655801521060.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-64.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:51:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "200984452bb9c370ccc880fdd1c6adce"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 514
x-amz-cf-id: Ng6kbgecRL4VIdlG6_3GMnAN9rNhKMnxGsublmFMDzfsmIOeRkWBxg==

GET
H2

200

bot-b Show response
app.vouch.sg/ Frame 114F
Redirect Chain

https://app.vouch.sg/bot?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https://www.mandai.com/en.html
https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default

2 KB
1 KB

502ms
501ms

Document
text/html

52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Requested by: Host: app.vouch.sg
URL: https://app.vouch.sg/widget3/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 9104ee9e3f18c06ba521a400c396d6bc1b5499fcf2781f17c3eef24c0cc6ef6b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 703
content-type: text/html
date: Sun, 25 Sep 2022 08:11:47 GMT
etag: "c4f9b53feff71b46e9ca33f287af9729"
last-modified: Wed, 14 Sep 2022 14:07:43 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-apigw-id: ZAcChGUuSQ0FdJA=
x-amz-cf-id: CawkPYa47S7bbj2iTavIdLvwPFdFVQ-L7XawpJQZ8llIYl7k8iq7BQ==
x-amz-cf-pop: FRA56-P4
x-amzn-remapped-content-length: 1801
x-amzn-remapped-date: Sun, 25 Sep 2022 08:11:48 GMT
x-amzn-remapped-server: AmazonS3
x-amzn-requestid: 29b60a7a-0348-4388-9f31-d33a4a71c8a1
x-cache: Miss from cloudfront

Redirect headers

cache-control: max-age=86400
content-length: 0
content-type: application/json
date: Sun, 25 Sep 2022 08:11:46 GMT
location: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-apigw-id: ZAcCbGslyQ0FuCw=
x-amz-cf-id: 4n5g3CAAAnV0A0sLwlR5ZVx_01NlEn5MClWTH9v01NJwB8Hrk-QK9A==
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: aef8cdee-b9cd-47f0-86cf-8a61cb453f8d
x-amzn-trace-id: Root=1-63300d42-033527d732c4e72c4f0dfa0a;Sampled=0
x-cache: Miss from cloudfront

GET
H3 200 jquery.cookie.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 510ms
509ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.cookie.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017b544bccd71d66e8e8d7c4e5b87ab2238b09661985d6e288f9674390dda9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:47:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"802af32e4e42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7db8c19bf4-FRA

GET
H3 200 lodash.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 72 KB
27 KB 521ms
520ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/lodash.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f771988a30ff1eef6257e180b219ab315ea576be2d8c743fa869d2ea2bf5194

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"801c9ff64c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7dc8d19bf4-FRA

GET
H3 200 storagePolyfill.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 4 KB
2 KB 523ms
522ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/storagePolyfill.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df809c8c68e16dc3e7174dbf19fa156c67af0acae5298c78a7b76a9993551bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:38:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80ef6df54c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7dc8d39bf4-FRA

GET
H3 200 handlebars-v4.0.5.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 71 KB
21 KB 672ms
671ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/handlebars-v4.0.5.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f15f8225783d294f040145b0129d2171e53a5a0cddc4359c9b092f17aca2ef72

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0128d3d4d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7dc8d59bf4-FRA

GET
H3 200 iscroll.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 33 KB
9 KB 523ms
523ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/iscroll.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67b6849fcd40d27bac12b6329a27194a90c215d19ffdfc10586da449d13d11d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80985ab4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7dc8d79bf4-FRA

GET
H3 200 generatetoken.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 3 KB
1 KB 199ms
199ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/generatetoken.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9626c3ea93861563be1a86f1595c1bf6fa56b4e6abde13f6db61044997076a86

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0bbe6264d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7dc8d89bf4-FRA

GET
H3 200 debounce.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 731 B
884 B 506ms
505ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/debounce.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:36:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c375cdab4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7dc8db9bf4-FRA

GET
H3 200 ajax-loader.gif
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 4 KB
5 KB 566ms
565ms Image
image/gif 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/ajax-loader.gif

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4178
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:35:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bfad9e8a4c42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
accept-ranges: bytes
cf-ray: 75024a7e29939bf4-FRA

GET
H3 200 mandai-arrow-green-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 506ms
506ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cab82ea75cd66e69e3594efc140c1dbd58bf1f11091ea0af05dbe97e8ffde24

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d17e2d274d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7e69e99bf4-FRA

GET
H3 200 mandai-arrow-green-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 516ms
515ms Image
image/svg+xml 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a4031534936da754801f3a1272d6af544b0780bc53e69cc0ea3aabfe52c361

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:57:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5acee1804f42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a7e69f49bf4-FRA

GET
H3 200 jquery.simplePagination.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 6 KB
2 KB 520ms
519ms Script
application/javascript 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.simplePagination.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d24c78deef6284bcaecba79a0b8698a016d579e86a1eff6eecaea09477256db8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Mar 2022 02:40:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0d734354d42d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a811f259bf4-FRA

GET
H3 200 header Show response
www.mandai.com/bin/wrs/ 52 B
600 B 521ms
520ms XHR
application/json 2606:4700::6812:6004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/bin/wrs/header

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.mandai.com/en.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-ray: 75024a812f3d9bf4-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 app.f5d22c89.css
app.vouch.sg/bot-b/css/ Frame 114F 253 KB
39 KB 680ms
679ms Stylesheet
text/css 52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css
Requested by: Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 43eb5b0e322b31343d67ca0d23fcc2575ab1ef7fea1053a4f0fea0fad0290174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 258593
x-amzn-remapped-date: Sun, 25 Sep 2022 08:11:48 GMT
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: c021d18e-67f3-407f-b001-1457f8b051fa
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAcCmECoyQ0FWvw=
content-length: 39306
last-modified: Wed, 14 Sep 2022 14:07:43 GMT
cache-control: no-cache
etag: "eccea1e86e4311ddcd76cace540367b8"
content-type: text/css
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amzn-remapped-server: AmazonS3
x-amz-cf-id: nnU-15icTiY2DEbZOiUrv4zunXH_iuSFYWkpUCuRI7hCUzNgM7a-SA==

GET
H2 200 chunk-vendors.ecebb84e.css
app.vouch.sg/bot-b/css/ Frame 114F 367 KB
116 KB 693ms
693ms Stylesheet
text/css 52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouch.sg/bot-b/css/chunk-vendors.ecebb84e.css
Requested by: Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 1882bb3b627aea8778ae80e583719c41919264aa2f94b67b8d5c7f4f3888771e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 375801
x-amzn-remapped-date: Sun, 25 Sep 2022 08:11:48 GMT
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: 57630e4c-4c55-4cd6-8920-8aaaedc06a24
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAcCmGBRSQ0FrhQ=
content-length: 118179
last-modified: Wed, 14 Sep 2022 14:07:43 GMT
cache-control: no-cache
etag: "91721275d2ab6dfc5384dbc409920949"
content-type: text/css
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amzn-remapped-server: AmazonS3
x-amz-cf-id: sPTVy_oZ4nM0DMKzhTO5LfS45RXUEW3EtgihNTMqIW766JXS5CXdaA==

GET
H2 200 app.c010a807.js Show response
app.vouch.sg/bot-b/js/ Frame 114F 276 KB
65 KB 689ms
689ms Script
application/javascript 52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouch.sg/bot-b/js/app.c010a807.js
Requested by: Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: 2e6a8022464458960405d7dc3b1a207b6c5db62f32b71e904e2db8ab833c3445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 282638
x-amzn-remapped-date: Sun, 25 Sep 2022 08:11:48 GMT
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: 73cf9149-3f93-4a41-b346-9bd8987ca096
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAcCmGAFyQ0FWhQ=
content-length: 66255
last-modified: Wed, 14 Sep 2022 14:07:43 GMT
cache-control: no-cache
etag: "72bad402d1b63342dec2593d9154d24c"
content-type: application/javascript
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amzn-remapped-server: AmazonS3
x-amz-cf-id: h0m3uvXUvyDgy6BKOGk-fHJB9i3CLHDOLAkKSA8Ip6snaAS2eSBnrg==

GET
H2 200 chunk-vendors.3498e974.js Show response
app.vouch.sg/bot-b/js/ Frame 114F 3 MB
763 KB 973ms
973ms Script
application/javascript 52.222.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouch.sg/bot-b/js/chunk-vendors.3498e974.js
Requested by: Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-76.fra56.r.cloudfront.net
Software: /
Resource Hash: d015a2337b35bb9a01b531ea394ce7f5f7718c66e67202ea2168e226ccead076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:47 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 3363854
x-amzn-remapped-date: Sun, 25 Sep 2022 08:11:48 GMT
x-amz-request-id: 3HE9XP1HFM6JAV44
x-amzn-requestid: 4d1a4aa5-d9d3-46cb-88ed-f5628b5f717d
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAcCnEb8SQ0Fo4w=
content-length: 779507
x-amz-id-2: K3/G6abpFN3HJ02II2/p5Cy6bPqW+Y7zlk5VDmm8KkZRA+KTaaUzp8kC3f6jqap+KCI+PZ3Urfg=
last-modified: Wed, 14 Sep 2022 14:07:43 GMT
etag: "54cbd38c09a6c83f441596a7f580503b"
content-type: application/javascript
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-pop: FRA56-P4
x-amzn-remapped-server: AmazonS3
x-amz-cf-id: TUuuJrxTgOWcSznowiGkZNIJJsO1sypQJAKGC61Pr83Y8GFcyjhalw==

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 2 KB
1 KB 54ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:54:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 1 KB
526 B 56ms
22ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Spectral

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04388a5687612d5329c883522b1a07b0b48e0f4bbb8a5f52045bb01eafa3779c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 08:11:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 1023 B
477 B 56ms
22ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yrsa

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b7d84dd488a8a484b1229eb342dfd3a459b1f2d063ee99c87ee057e8b8fb8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 08:11:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 1 KB
523 B 63ms
30ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cc1f33d2e98255a07f024524dc8e4301353898b61537067731fe4a0d81fe900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 08:11:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 114F 7 KB
806 B 56ms
23ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&display=swap

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

206b00f8cc30d0dca021213144c537ace589e71c9b36b2af53e21f69918aabba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 08:03:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 2 KB
596 B 62ms
28ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:23:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 2 KB
601 B 69ms
36ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 08:00:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 684 B
437 B 67ms
34ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sanchez

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a388d06a9e184c0a018d0cb4a2739cff38da8e4c3429cc8d87b8ef88ec994e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 08:03:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 1 KB
572 B 68ms
35ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6298c3b513f2c4653a5ecd25fab7ffb5c74a8ce3c63b176f91621b77a7bc6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:31:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 2 KB
592 B 79ms
46ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:33:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 677 B
433 B 69ms
36ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f7a8e11272b8269b6e75d369163fc11d45525ebf7eb8e8c99abbcc90902a606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:46:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 1 KB
510 B 61ms
29ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a83029a374c87ff23320d900ae49450b8a4b2c82d973c73c98f4a58bd62c26ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:08:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 973 B
485 B 67ms
35ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b540c14143da2c8c40e67b767c9821a8900fee46616a37bd89f18ea9b60e8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:39:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 705 B
446 B 61ms
30ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4426ecb964bd2b3cd1663b5feb152295ff0edcf1996a6e6b504207cfc6b8909c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 07:20:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 114F 2 KB
575 B 65ms
34ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/css/app.f5d22c89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dce1530af2c7fa237b99b4090d2d6f48c4dd95c96e9b31b3a70e2940ea99d5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:23:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:11:47 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-in.com/ Frame 114F 776 KB
159 KB 75ms
34ms Script
text/javascript 2606:4700:3034::ac43:cefe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/js/chunk-vendors.3498e974.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cefe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64781058d6ebdd8841ce1d0dc037e29359748845099cbf0776b135b4d4c5af51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31556926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hhn4057-HHN
last-modified: Fri, 23 Sep 2022 19:02:21 GMT
server: cloudflare
x-timer: S1663960005.374577,VS0,VE1
etag: W/"ad052545fc859efec30011302b05e96579b389b4b26fbd05f3d7618230012fee"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhveSN9Ijl9MrdJ1ifW%2FtQqz%2BGto9VhAWaKQLN%2F702E5wI8G%2B0D1c48wYn9Q2ibXbe0qwrAzr1HZ9VyMbX%2Fw5JxficJCwj%2FTgcElK1aPZjsbb4ianN8glrrXsZ%2FTrKjiJpqmQiOKTNsaNvkE"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75024a8f0a9b9277-FRA
x-cache-hits: 1

GET
BLOB 200
OK ea329204-d68b-4a1a-bd52-de0f6214648e
https://app.vouch.sg/ Frame 114F 427 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vouch.sg/ea329204-d68b-4a1a-bd52-de0f6214648e
Requested by: Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4dabf6d8a9c22ede538446094c71deb462aade2f03151066d88cbb15888f2bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 436921

GET
H2 200 style Show response
bpr.vouch.sg/api/v2/widget/ Frame 114F 21 KB
22 KB 1427ms
1427ms XHR
application/json 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/style

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/js/chunk-vendors.3498e974.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

875b4fb1a4c72d64b5aecac561720c1f8aca128a36e9780cd17ff6b76b4b27e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouch.sg/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
date: Sun, 25 Sep 2022 08:11:51 GMT
vary: Origin
content-length: 21908
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
wtf: FWT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouch.sg
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
etag: W/"5594-ee865TUm4X/fYKTepOv3WT0GJBg"
expires: 0

OPTIONS
H2 204 style
bpr.vouch.sg/api/v2/widget/ Frame 0
0 194ms
194ms Preflight 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/style

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouch.sg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouch.sg
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 25 Sep 2022 08:11:49 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 114F 15 KB
16 KB 163ms
47ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouch.sg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 304729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:33:00 GMT

GET
H2 200 defaultlang Show response
bpr.vouch.sg/api/v2/widget/ Frame 114F 168 B
897 B 285ms
285ms XHR
application/json 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/defaultlang

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/js/chunk-vendors.3498e974.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouch.sg/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
date: Sun, 25 Sep 2022 08:11:51 GMT
vary: Origin
content-length: 168
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
wtf: FWT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouch.sg
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
etag: W/"a8-ABMHoOoyasvFFdqjZUdfsSlL5hk"
expires: 0

OPTIONS
H2 204 defaultlang
bpr.vouch.sg/api/v2/widget/ Frame 0
0 234ms
233ms Preflight 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/defaultlang

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouch.sg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouch.sg
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 25 Sep 2022 08:11:51 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ Frame 114F 14 KB
14 KB 144ms
48ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouch.sg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:20:12 GMT
x-content-type-options: nosniff
age: 471099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:20:12 GMT

GET
H2 200 defaultlang Show response
bpr.vouch.sg/api/v2/widget/ Frame 114F 168 B
897 B 312ms
312ms XHR
application/json 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/defaultlang

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/js/chunk-vendors.3498e974.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouch.sg/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
date: Sun, 25 Sep 2022 08:11:52 GMT
vary: Origin
content-length: 168
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
wtf: FWT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouch.sg
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
etag: W/"a8-ABMHoOoyasvFFdqjZUdfsSlL5hk"
expires: 0

POST
H2 429 / Show response
o412878.ingest.sentry.io/api/6013215/envelope/ Frame 114F 198 B
536 B 284ms
58ms Fetch
application/json 34.120.195.249

General

Check archive.org

Show headers Download Go to

Full URL

https://o412878.ingest.sentry.io/api/6013215/envelope/?sentry_key=b1bb39461ded4ea69691618431dc6229&sentry_version=7

Requested by

Host: app.vouch.sg
URL: https://app.vouch.sg/bot-b/js/chunk-vendors.3498e974.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.vouch.sg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 25 Sep 2022 08:11:52 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://app.vouch.sg
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-sentry-rate-limits: 59:transaction:organization:transaction_usage_exceeded
retry-after: 59

OPTIONS
H2 204 defaultlang
bpr.vouch.sg/api/v2/widget/ Frame 0
0 197ms
197ms Preflight 18.138.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouch.sg/api/v2/widget/defaultlang

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.138.2.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-2-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouch.sg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouch.sg
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 25 Sep 2022 08:11:51 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 1631504305444.jpeg
files.vouch.sg/files/613afb2ee42545001564fef5/ Frame 114F 10 KB
10 KB 350ms
349ms Image
image/jpeg 18.66.97.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/613afb2ee42545001564fef5/1631504305444.jpeg
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-64.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6de5fcc37139444f3f1d43d5a67dbdd795abb9faed69461dd0d1ab6e946db80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vouch.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:11:53 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 03:38:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "45bddc0c3bf12a11b30d8edc7c8c86a1"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
content-length: 9967
x-amz-cf-id: 7IP8FbgxvTKCrZ9TbwHbaTtdnyt6hUG5W3gju-3gCQZ-DxL7IMueFw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ez2YwgmCr4I
.youtube.com/	1970-01-20 10:34:05	Name: VISITOR_INFO1_LIVE Value: VeiBbavhawE
.mandai.com/	1970-01-20 08:24:29	Name: _gcl_au Value: 1.1.825523247.1664093503
.demdex.net/	1970-01-20 10:34:05	Name: demdex Value: 83985222805398032212677357972070402069
.mandai.com/	1969-12-31 23:59:59	Name: AMCVS_44243DF7584A9D790A495ECF%40AdobeOrg Value: 1
.mandai.com/	1970-01-20 15:50:53	Name: _ga Value: GA1.2.172540832.1664093504
.mandai.com/	1970-01-20 06:16:19	Name: _gid Value: GA1.2.1042396142.1664093504
.mandai.com/	1970-01-20 06:14:53	Name: _gat_UA-23015312-4 Value: 1
.mandai.com/	1970-01-20 06:14:53	Name: _gat_szsuperrolluplp Value: 1
.mandai.com/	1970-01-20 08:24:29	Name: _fbp Value: fb.1.1664093503527.1611058943
.mandai.com/	1970-01-20 15:50:53	Name: s_ecid Value: MCMID%7C83888472417525575642720532037843513788
www.mandai.com/	1970-01-20 15:39:22	Name: qcSxc Value: 1664093503602
.quantserve.com/	1970-01-20 08:24:29	Name: d Value: EAQBBgGXJwIYot2cBOvmnA0YwpSN
.quantserve.com/	1970-01-20 15:45:07	Name: mc Value: 63300d3f-97bf4-e21b9-122ae
.mandai.com/	1970-01-20 15:39:22	Name: __qca Value: P0-384379132-1664093503597
.everesttech.net/	1970-01-20 15:00:29	Name: everest_g_v2 Value: g_surferid~YzANPwAAAJnwTgNn
.dpm.demdex.net/	1970-01-20 10:34:05	Name: dpm Value: 83985222805398032212677357972070402069
.mandai.com/	1970-01-20 15:50:53	Name: AMCV_44243DF7584A9D790A495ECF%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19261%7CMCMID%7C83888472417525575642720532037843513788%7CMCAAMLH-1664698303%7C6%7CMCAAMB-1664698303%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1664100703s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19268%7CvVersion%7C5.4.0
.doubleclick.net/	1970-01-20 15:36:29	Name: IDE Value: AHWqTUnL-8Am-uQb3lFywBYSax592ZZSs8Q31zkGwIDva19wGJg0CO7Sr_otPvwBh9s
.adnxs.com/	1970-01-20 08:24:29	Name: uuid2 Value: 6883213289019942336
.sojern.com/	1970-01-20 15:00:29	Name: gid Value: CAESEAWiG8JFAusYSe6swRkiG8E
.sojern.com/	1970-01-20 15:00:29	Name: cid Value: fff5a288-f8eb-2f6b-0a52-eac6455b3ae6#1664064000000
.sojern.com/	1970-01-20 08:24:29	Name: apnid Value: 6883213289019942336
.mandai.com/	1970-01-20 06:14:53	Name: _gat_gtag_UA_23015312_37 Value: 1
www.mandai.com/	1970-01-20 15:43:41	Name: __atuvc Value: 1%7C39
www.mandai.com/	1970-01-20 06:14:55	Name: __atuvs Value: 63300d3f28d6a124000
.yahoo.com/	1970-01-20 15:00:51	Name: A3 Value: d=AQABBEENMGMCEFboC81ad58hJMZZtodieTwFEgEBAQFeMWM5YwAAAAAA_eMAAA&S=AQAAAuiDYoPjcIkNhy23CLdSQvk
.addthis.com/	1970-01-20 15:43:41	Name: uvc Value: 1%7C39
.mandai.com/	1970-01-20 15:43:41	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_identity Value: CiY4Mzg4ODQ3MjQxNzUyNTU3NTY0MjcyMDUzMjAzNzg0MzUxMzc4OFIPCMWMz523MBgBKgRJUkwx8AHFjM-dtzA=
.mandai.com/	1970-01-20 06:14:55	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_cluster Value: irl1
.addthis.com/	1970-01-20 15:43:41	Name: loc Value: MDAwMDBFVURFQlkyMjkzMTkwMTAwNTAwMDBDSA==
www.mandai.com/	1969-12-31 23:59:59	Name: renderid Value: rend01
www.mandai.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: node01ovnzzfee8cq71tnqm54xp952z93172.node0
www.mandai.com/	1969-12-31 23:59:59	Name: svrid Value: s185

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.mandai.com/en.html(Line 66) Message: <link rel=preload> has an unsupported `type` value
network	error	URL: https://o412878.ingest.sentry.io/api/6013215/envelope/?sentry_key=b1bb39461ded4ea69691618431dc6229&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11432329.fls.doubleclick.net
ad.doubleclick.net
adobedc.demdex.net
adservice.google.com
adservice.google.de
app.vouch.sg
assets.adobedtm.com
beacon.sojern.com
bpr.vouch.sg
cdn.lr-in.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
fcmatch.google.com
fcmatch.youtube.com
files.vouch.sg
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
m.addthis.com
mandai.com
match.adsrvr.org
o412878.ingest.sentry.io
pixel.quantserve.com
pixel.sojern.com
players.brightcove.net
pxl.qccerttest.com
rules.quantcount.com
s.yimg.com
s7.addthis.com
secure.quantserve.com
smetrics.mandai.com
sp.analytics.yahoo.com
static.sojern.com
stats.g.doubleclick.net
v1.addthisedge.com
wrs.demdex.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.mandai.com
www.youtube.com
z.moatads.com
s7.addthis.com
104.75.88.126
107.178.244.119
13.36.218.177
142.250.184.230
142.250.185.102
142.250.185.162
142.250.186.34
15.188.95.229
18.138.2.111
18.66.97.64
184.51.10.56
184.51.9.157
185.89.210.101
212.82.100.181
2600:9000:206e:4c00:6:44e3:f8c0:93a1
2600:9000:223d:ea00:11:615:7240:93a1
2606:4700:3034::ac43:cefe
2606:4700::6812:5f04
2606:4700::6812:6004
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1288:f03d:1fa::4000
2a00:1450:4001:80b::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2004
2a00:1450:400d:805::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2003
2a00:1450:400d:807::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2003
2a00:1450:400e:80f::200a
2a00:1450:4025:402::9d
2a02:26f0:3500:591::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.120.195.249
34.250.104.41
35.244.188.9
52.17.180.229
52.222.236.76
52.223.40.198
79.125.44.37
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
017b544bccd71d66e8e8d7c4e5b87ab2238b09661985d6e288f9674390dda9f2
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
022557de03af6b15e0b7961f944a39bab044b2f3ab9d3e4ca8e529b1049820dc
02b02be496e69e49f701452a382cdb4a194e299c93dbb04b810fdfc2202ba1e0
036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d
04388a5687612d5329c883522b1a07b0b48e0f4bbb8a5f52045bb01eafa3779c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0697a8851503c96e20e61a2d389bd66dd7c01e5f1649061ba19c20fa73ba32d6
06e752711b9a6d20069db0bebd20d654d55816004fb0a06584f80317e2f8c90f
0789714196fb92656a1d6022c73c5f2e580f13478b1c8d6d57c1631099106ca4
0af777f263c875becbe9f27168f4150b5b8abe5d3329590ada21ce000358696c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10fa31c9959e1f19a226eca226ffa078b5b4fe24cac06352e9ffcc41899b7f2c
11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e
12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e
1882bb3b627aea8778ae80e583719c41919264aa2f94b67b8d5c7f4f3888771e
1ad8ee4a07deafe95a7c98ce3bc3c33c1772fcf1ca61ddb0292cb5ad9d160ab3
1b501137c92b1c7c949189ebfc47a49221e5e9c174cabdeec27579abf854b9ab
1da49d72dd8cf8998a7225387428dddcb435578d81c0b4599c6bcc62fdfeeb2b
206b00f8cc30d0dca021213144c537ace589e71c9b36b2af53e21f69918aabba
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
25582cc7d9a780a6dfa37156d86ef6b13fa8a396f527a0a9c3d92ac62adc3f6b
2e6a8022464458960405d7dc3b1a207b6c5db62f32b71e904e2db8ab833c3445
2f771988a30ff1eef6257e180b219ab315ea576be2d8c743fa869d2ea2bf5194
2f98d935c96ccc6601afda2e70d1eb47047d9fa29859afd9c771a944fb404bd4
314913ec17a111824db519fa90faf06813395101af99e4290eb4b1c4a20f3430
32c7bdf4922b75ec3e653df30d7a59b35c62ee965fb9e5e940bd1dc8e9a5062d
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
37bc11a8167f8a9196685d45d56108c20857ae291618513288b3d2563c0609a6
3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14
3f82e361d5c2f3b8fed3e54d1aebd1669c6d311356164679e3d6966dc552e6e4
4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
43eb5b0e322b31343d67ca0d23fcc2575ab1ef7fea1053a4f0fea0fad0290174
44243b4c10736cc6aa5b1e07f9c6056ae6e877a6b64f44241a9ffe1ab59f8446
4426ecb964bd2b3cd1663b5feb152295ff0edcf1996a6e6b504207cfc6b8909c
45144a93ef7e117598736fb873741662208e2fe7058cf76879aff799805e3128
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda
49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265
4ad13d34a45356e68d3a6c7969fc7ab9d4d5dc27c43aa8f101fec2b1ac588092
4b540c14143da2c8c40e67b767c9821a8900fee46616a37bd89f18ea9b60e8f2
4dea432a64cd1e85ddde2d85d9600c6ceb1d7824a3a1bda2b8016aa1c8976002
53f4304fcfffea6d7e9cc1d00997ac8cfa9f2ff1c270d7c21bccc957bc6f84f9
56d0c0b2f54ca7d8140dd0f72c101a63e67c65a7b05e996386c32d52a357ec45
577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9
587502b2bd968ca1bd87458f5efe3d57da682e37f9842333f0dbdcced9b46114
58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4
5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f
5cb213a2455cb1d6576b8b8745512fbbcaa0fff8785bb500da9e452560192b1f
5cc1f33d2e98255a07f024524dc8e4301353898b61537067731fe4a0d81fe900
5cd2929541a7a51f97e2e9d53d49602e1dc4ba7d2dee3de16417e501407d1b9f
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
623edc66f2c326a0b290806a0197d3256736f9a8307551fe77d3ad456232e541
64781058d6ebdd8841ce1d0dc037e29359748845099cbf0776b135b4d4c5af51
65e294e7d7a34defb206adb338b72cb9e05dad6e5999a2ccad44bdb8ecdedc80
685d2ba4a90ced08109f28bcd1c9c15c8fa5cc36a83cb1473955670516ee173c
6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35
6a28473bf583d915b598718433123a861ba39f2d8120fb31f65634dd7fc8e608
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
6d2016806256f86da3febbc1a47a2830e310c46c3e791f4ab594fd9673f53a3f
6d64ccdf9d91249df7da12a3bc71dbf5bde950937c07471d306778c330a29f74
6ddc0a0417954644656b697c10b91eacef781c0cf5dcfe096cddcd46106c2e71
6de5fcc37139444f3f1d43d5a67dbdd795abb9faed69461dd0d1ab6e946db80b
6f210a70803bcc6e261706ffb0a7ef491cdcb9f384ad4d9eb9e962aea5615187
7520bc39c2d13d103ca5a68161a60645126c61c9d10578ee72ed6786248665cc
7584780160c6c72d5c976acefea6e714e144d6e9ae268fa0213b102ea417e1e5
77e981c9d52ad8295007d05c10b7e06f05811f23ebf8b3a067df8a5114f45552
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
79496883c3a08336c06cba5f3433ccacf60c60f089c301cf89a88773df59baad
7aeaabfbda1e2710ba6aa342319fe4e0c0d3b6964433958f7566cc049b523d6c
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7bd03851e3e84926fcf32756e7275aeec02d6f2bc9bf8292a2f7bb42cbfeab83
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c9d20faebd82578e2e700a5b7261636c8b917684a238230bfd0f21668958533
7cab82ea75cd66e69e3594efc140c1dbd58bf1f11091ea0af05dbe97e8ffde24
7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6
7d67f38229c8dac8429af4c162d42073e4abd4337a86ec54a18d3ad7e010b2a8
7fe60228b0c1e72d428cf1c92abefe80434b7ab09fea823acedec3786af808dd
8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5
8414907d58364981650dedff8b1005c431cbffe6d4aa9d62e10c02850d8b6f82
8456bfc228f9f81b4c3f0064dfc021e468643ebbe0c8d4ec30287b3dfc0c917d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f
875b4fb1a4c72d64b5aecac561720c1f8aca128a36e9780cd17ff6b76b4b27e7
88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2
899e64a79b4d99d002bfe5c8d275011cabd2917805d085e8b208a3ad2cf57777
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e79c2984d4f109cb17bc30ac8cef10768d2de4a376ccab96c8f1548de115430
9104ee9e3f18c06ba521a400c396d6bc1b5499fcf2781f17c3eef24c0cc6ef6b
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
93db61288b6e2351cc95127644e49eceaea00d63f5d74f6cd2a5b453564e0f0e
959ce16bde5f4a7c1a6169db07dcc054bd5e587a7cc61f6bee313e5005d0ce81
9626c3ea93861563be1a86f1595c1bf6fa56b4e6abde13f6db61044997076a86
9b7d84dd488a8a484b1229eb342dfd3a459b1f2d063ee99c87ee057e8b8fb8ae
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f7a8e11272b8269b6e75d369163fc11d45525ebf7eb8e8c99abbcc90902a606
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a182af3178fc7c47e4d9a0b108aada944fcb00e8e5a80db4618c144aa1ec775a
a2bb0e180446cb8909ad161b1c8ffe54b7eab5eb171803fa603d9068a0f7e5b7
a388d06a9e184c0a018d0cb4a2739cff38da8e4c3429cc8d87b8ef88ec994e56
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a83029a374c87ff23320d900ae49450b8a4b2c82d973c73c98f4a58bd62c26ce
a858c212dbe1cda846913e4d6bcb3d3e20e535b0275621f6197027f19d37ecbb
abdb08f510dc392a7fe9d6160e1d184da6cfbdd5b15199da2a13c7bc2edc773f
acb1f227d8f76783ed1fbe6e4bb1988af43fd4e1425d6d48697c917b24525b4e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad10a0a9a6afe9286f4f39f9304929f6cf14dd19818973cc9c13e403de61ee33
ad4eae97a638ca37073f1beb049f4645c1da21999ee2547d811642f6d703793e
b0a34db97512319eb143f0821249ae0e8517c6eafa178cfc613770d4ac1a44e9
b4ed020ae2b6ebbf9c015bbbe703a9d4fe069b56aea3f05a3fb6f85f6a958434
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b60dabc163081fe6317a7959c57a5394a9a43ed22ed2f7d1130b6b875d9e8a24
b80665f64f8220669d7a1e882fef1bc543b4574f46d6914d2ed01c3e01f466c5
b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bc568a864c18d71862e16c1f5ef275e7273cbb2c2f8950b07a611d239828e256
be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f
bfcc0770f8316dd669e39b35e58cb473932be8016104b2eb66fede93d54e9773
c01a1004db68d070f591cc953256d26573dced6c33f86d562f726a0ebf9aeb6f
c05a26f70be22cf13bb1a21e38f052bec9f8be79500d19e2f9e863ef38b078cc
c1ba54ace5ec9ffcfe936b694be4b70a7d3f906900a2e07b419f5e1c6819ce97
c1d78757ba95d3f11ab3567a755c4ea79db1bbb90ba93fdd44181c6fcc95de77
c4fa5f5b901d9ca372d4d1c0e6965f431f523bc99dfee78453c390f419decd91
c82d9bede596394bc84925ad87cb7792447d2016b9df6f1718208519d102e5b0
caca9d2a3eff03a02e5baccc27b158e2fa5db95c7144b2039f9c4251d8fff68e
cb9edc70273b71c79dbf2323c332425c2ce74b5faa73bbaaf9f3401c148894b0
cc673e0d60902d4d68cd16a923ffd72f2f42988b4daacd881c63dfc7babcf549
ceccf9d6d052f0ddf12355af8deea5102a796f2d5432b2a444352f3fc938c1d8
d015a2337b35bb9a01b531ea394ce7f5f7718c66e67202ea2168e226ccead076
d24c78deef6284bcaecba79a0b8698a016d579e86a1eff6eecaea09477256db8
d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12
d6298c3b513f2c4653a5ecd25fab7ffb5c74a8ce3c63b176f91621b77a7bc6ab
d652fdfc6174c5b36f11a200a83b14e5f78ccb4278efa344c65667588896b827
d67b6849fcd40d27bac12b6329a27194a90c215d19ffdfc10586da449d13d11d
d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18
d8dd7d97d5232ecef8ce6e6bced1492f73d3bb2d0550122fb9dcc274663c51f0
d9cc4917228248d023a49fd0f63a61a83f6054ccc6deab12bf989b1459e3176e
dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb
dce1530af2c7fa237b99b4090d2d6f48c4dd95c96e9b31b3a70e2940ea99d5e9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
df809c8c68e16dc3e7174dbf19fa156c67af0acae5298c78a7b76a9993551bb8
e2f8af767e0d56e93f34eaa875d9e9b308f720b599da6094dce10b470e35aa24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7fc6d28a5029a8e79abaeac2c098e2733a029449e4a8e2641dd75767d04e576
e9e4d368f9e9ca3e8f01c131adf5b86c61d9324c8a7b5280fd8bcd6b901ca2e5
ea072d94566d3b23d5cffd6ba378a1b10c572ada79c05956d53764c7b06a68b6
ec26b37105adacad70aca3692f80e3dab073f06639daa80f8adcede6af60d76c
eef385d7331c6040e3fe6666cac19b4871a24e9104b7d518692abd27dbbe02b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15f8225783d294f040145b0129d2171e53a5a0cddc4359c9b092f17aca2ef72
f2a4031534936da754801f3a1272d6af544b0780bc53e69cc0ea3aabfe52c361
f4dabf6d8a9c22ede538446094c71deb462aade2f03151066d88cbb15888f2bc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a1a55f57197d417e1a05872b6d5fa12e26ad6758a63cf872538fab0eac5a3f
f7e7c52fa762c3cbb9a9c2625d96b6922064811afca8eb1170b6d6aa1fbc76f1
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5

www.mandai.com Open in urlscan Pro 2606:4700::6812:6004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

94 %HTTPS

51 %IPv6

30 Domains

49 Subdomains

39 IPs

8 Countries

11366 kBTransfer

21526 kBSize

34 Cookies

16 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandai.com Open in urlscan Pro
2606:4700::6812:6004 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

94 %
HTTPS

51 %
IPv6

30
Domains

49
Subdomains

39
IPs

8
Countries

11366 kB
Transfer

21526 kB
Size

34
Cookies

194 HTTP transactions
3 data transactions