www.mandai.com Open in urlscan Pro
2606:4700::6812:5f04 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mandai.com/
Effective URL:
https://www.mandai.com/en.html
Submission: On May 26 via manual (May 26th 2023, 9:02:53 pm UTC) from GB — Scanned from GB

Summary HTTP 207 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 31 domains to perform 207 HTTP transactions. The main IP is 2606:4700::6812:5f04, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandai.com. The Cisco Umbrella rank of the primary domain is 797376.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 24th 2022. Valid for: a year.

This is the only time www.mandai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:6004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 79	2606:4700::68... 2606:4700::6812:5f04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	23.35.237.37 23.35.237.37	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3 10	108.139.243.119 108.139.243.119	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
6	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3 7	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
4	23.36.163.138 23.36.163.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:780... 2a02:26f0:780::210:ca09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:5c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
6	13.213.177.250 13.213.177.250	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.135 63.140.62.135	15224 (OMNITURE) (OMNITURE)
2 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	63.140.62.164 63.140.62.164	15224 (OMNITURE) (OMNITURE)
2	143.204.231.84 143.204.231.84	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:ea91	() ()
1	18.66.112.12 18.66.112.12	() ()
2	2a00:1450:400... 2a00:1450:4001:806::2003	() ()
207	40

1 2606:4700::6812:6004 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

79 2606:4700::6812:5f04 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.139.243.119 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-119.mxp63.r.cloudfront.net

app.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.74.198 (Staten Island, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

11432329.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-138.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-telemetry.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:780::210:ca09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

164vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.213.177.250 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-177-250.ap-southeast-1.compute.amazonaws.com

bpr.vouchconcierge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.135 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-135.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.164 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-164.data.adobedc.net

smetrics.mandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.231.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-231-84.cdg3.r.cloudfront.net

files.vouch.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea91 (None, )

ASN- ()

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.12 (None, )

ASN- ()

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	mandai.com 2 redirects mandai.com — Cisco Umbrella Rank: 693262 www.mandai.com — Cisco Umbrella Rank: 797376 smetrics.mandai.com	4 MB
16	vouchconcierge.com 3 redirects app.vouchconcierge.com — Cisco Umbrella Rank: 472996 bpr.vouchconcierge.com — Cisco Umbrella Rank: 553502	1 MB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	9 KB
14	doubleclick.net 8 redirects 11432329.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 ad.doubleclick.net — Cisco Umbrella Rank: 165 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	7 KB
11	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3133 i.vimeocdn.com — Cisco Umbrella Rank: 3057 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3155	514 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68 fcmatch.google.com — Cisco Umbrella Rank: 2932	3 KB
7	sojern.com static.sojern.com — Cisco Umbrella Rank: 12797 beacon.sojern.com — Cisco Umbrella Rank: 4254 pixel.sojern.com — Cisco Umbrella Rank: 6501	35 KB
6	google.co.uk 1 redirects www.google.co.uk — Cisco Umbrella Rank: 3222 adservice.google.co.uk — Cisco Umbrella Rank: 5266	2 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	222 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	311 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	280 B
5	akamaized.net 164vod-adaptive.akamaized.net — Cisco Umbrella Rank: 118257	9 MB
5	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1802 player-telemetry.vimeo.com — Cisco Umbrella Rank: 7488 vimeo.com — Cisco Umbrella Rank: 1688	22 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 448	100 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 715	103 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	222 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 80 fcmatch.youtube.com — Cisco Umbrella Rank: 2921	64 KB
2	vouch.sg files.vouch.sg — Cisco Umbrella Rank: 859158	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	2 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 558	7 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 970 pixel.quantserve.com — Cisco Umbrella Rank: 790	10 KB
1	growthbook.io cdn.growthbook.io	1 KB
1	lr-in.com cdn.lr-in.com	162 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099	632 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	265 B
1	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 8565	962 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 918	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 174	2 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3982	227 KB
0	addthis.com Failed s7.addthis.com Failed
207	31

	Domain	Requested by
79	www.mandai.com	1 redirects www.mandai.com
15	fonts.googleapis.com	app.vouchconcierge.com
10	app.vouchconcierge.com	3 redirects www.mandai.com app.vouchconcierge.com
7	11432329.fls.doubleclick.net	3 redirects www.googletagmanager.com adservice.google.com
6	bpr.vouchconcierge.com	app.vouchconcierge.com
6	www.googletagmanager.com	www.mandai.com www.googletagmanager.com assets.adobedtm.com
5	www.facebook.com	www.mandai.com
5	164vod-adaptive.akamaized.net	f.vimeocdn.com
5	fresnel.vimeocdn.com	f.vimeocdn.com
5	assets.adobedtm.com	www.mandai.com assets.adobedtm.com
4	static.sojern.com	11432329.fls.doubleclick.net static.sojern.com
4	adservice.google.com	11432329.fls.doubleclick.net static.sojern.com
4	www.gstatic.com	f.vimeocdn.com www.google.com www.gstatic.com
4	analytics.tiktok.com	www.mandai.com analytics.tiktok.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	f.vimeocdn.com	player.vimeo.com
4	www.google.com	1 redirects www.mandai.com
3	adservice.google.co.uk	1 redirects adservice.google.com
3	www.google.co.uk	www.mandai.com
3	connect.facebook.net	www.mandai.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	files.vouch.sg	www.mandai.com
2	ib.adnxs.com	2 redirects
2	pixel.sojern.com	static.sojern.com
2	cm.g.doubleclick.net	2 redirects
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	11432329.fls.doubleclick.net s.yimg.com
2	player-telemetry.vimeo.com	f.vimeocdn.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	i.vimeocdn.com	www.mandai.com
2	www.youtube.com	www.mandai.com www.youtube.com
2	player.vimeo.com	www.mandai.com
1	cdn.growthbook.io	app.vouchconcierge.com
1	cdn.lr-in.com	app.vouchconcierge.com
1	smetrics.mandai.com	assets.adobedtm.com
1	sp.analytics.yahoo.com	11432329.fls.doubleclick.net
1	match.adsrvr.org	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	adobedc.demdex.net	assets.adobedtm.com
1	beacon.sojern.com	static.sojern.com
1	pixel.quantserve.com	www.mandai.com
1	vimeo.com	f.vimeocdn.com
1	rules.quantcount.com	secure.quantserve.com
1	googleads.g.doubleclick.net	1 redirects
1	secure.quantserve.com	www.mandai.com
1	www.googleadservices.com	www.googletagmanager.com
1	players.brightcove.net	www.mandai.com
1	mandai.com	1 redirects
0	s7.addthis.com Failed	www.mandai.com
207	50

This site contains links to these domains. Also see Links.

Domain
members.mandai.com
rangerbuddies.mandai.com
www.instagram.com
www.facebook.com
www.tiktok.com
www.youtube.com
twitter.com
weibo.com
v.douyin.com

Subject Issuer	Validity	Valid
*.mandai.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-24` - `2023-08-19`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-07-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.vouchconcierge.com Amazon RSA 2048 M02	`2023-02-03` - `2023-08-29`	7 months	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
smetrics.mandai.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-26` - `2023-07-27`	a year	crt.sh
files.vouch.sg Amazon RSA 2048 M02	`2023-02-21` - `2023-10-24`	8 months	crt.sh
vouchconcierge.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
lr-in.com E1	`2023-05-19` - `2023-08-17`	3 months	crt.sh
cdn.growthbook.io Amazon RSA 2048 M01	`2023-02-23` - `2024-02-09`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.mandai.com/en.html
Frame ID: 04944A8A866051A9D1297ECBD4AB998C
Requests: 131 HTTP requests in this frame

Frame: https://player.vimeo.com/video/830445366?autoplay=1&loop=1&muted=1&background=1&title=0&byline=0&portrait=0&controls=0&playsinline=1&autopause=0
Frame ID: BBCD7E96CBFA3FF22586EC050AA7A7EF
Requests: 23 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: A1E488F74C2189FE609ED25F395DED6D
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 2262005499A2A7A7BE1C0AB6C1F182BF
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/activityi;dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 5B2E941901E0E95D0BB010F4E7B684DE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 2D8C26B2BA0AF13B40F67C03380D49F4
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 385CE5BC2EF8596713C38732161C75BD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 17D43A660808E348055999C0752E6078
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.co.uk/ddm/fls/i/dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: E4B54171787DD245612E823AA68864AC
Requests: 1 HTTP requests in this frame

Frame: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 871E4FAF45421056848CD71828599AF5
Requests: 5 HTTP requests in this frame

Frame: https://adservice.google.co.uk/ddm/fls/i/dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Frame ID: 1B95E4BA310122F525E8BAA51AB94B57
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 881F093887F2AA969C5ACFE0C0194526
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: 319ADCB03E6F749C171402049FFF48E1
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 70EBE9D18A1BF84AD08E522595EC811F
Requests: 1 HTTP requests in this frame

Frame: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Frame ID: 0A4B83C580F962340BD1EF20E30096BA
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mandai Wildlife Reserve | Singapore's Best Wildlife Experience

Page URL History Show full URLs

http://mandai.com/ HTTP 302
https://www.mandai.com/ HTTP 301
https://www.mandai.com/en.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

207
Requests

95 %
HTTPS

52 %
IPv6

31
Domains

50
Subdomains

40
IPs

7
Countries

16851 kB
Transfer

27541 kB
Size

30
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://members.mandai.com/login.html
Title: Member's login

Search URL Search Domain Scan URL

URL: https://rangerbuddies.mandai.com/
Title: Nurture your child into an conservation hero

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CGAnH8CHjTT/
Title: @jenicool23

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cr8DaEuBPu2/
Title: @chankimberly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CL6wCHynI9v/
Title: @dianeeng

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CMikdPDAcIq/
Title: @shots.bymarc

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CLEzFLqlVdD/
Title: @kailins.jpg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CsOHp1KPFwv/
Title: @kharissa.p

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CEWC9S9HhtX/
Title: @axixe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MandaiWildlifeReserve/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mandaiwildlifereserve/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@mandaiwildlifereserve

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/MandaiWildlifeReserve

Search URL Search Domain Scan URL

URL: https://twitter.com/MandaiWildlife

Search URL Search Domain Scan URL

URL: https://weibo.com/SingaporeZoo

Search URL Search Domain Scan URL

URL: https://v.douyin.com/eRGaovr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mandai.com/ HTTP 302
https://www.mandai.com/ HTTP 301
https://www.mandai.com/en.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://app.vouchconcierge.com/widget3/css/app.css HTTP 301
https://app.vouchconcierge.com/widget3-b/css/app.css

Request Chain 35

https://app.vouchconcierge.com/widget3/js/app.js HTTP 301
https://app.vouchconcierge.com/widget3-b/js/app.js

Request Chain 54

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 55

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 56

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/activityi;dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 78

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1932718271.1685134965&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=dB5xZOiOMu7L7_UP572BqA8&sscte=1&crd=&eitems=ChEI8LHBowYQodHrpN-9wq7cARIdAEawMits8fjQ0HS6Y0ORb7WiDx_9G6fdbiX8uUE&pscrd=Ek9DaEVJOExIQm93WVEydG0yNy1UZHU2LU5BUkltQUtiVms2YURfV1VkS0swTjhvTTJYUVllb2VpZFBaQ3g2RzRPZzI4QnBqMTJ0NkJ2dXRvGlpDaEVJOExIQm93WVF4c0NuNGF6dDVaek9BUkl1QUcyQU92dzN6dF81bm5JVGZCQTUtTWxfLW0wSWlHdEZ4UFRFemdfUFEyXzBGdFIyQUx4dXRNZzNYOEw5UWciEwjomOj38JP_AhXu5bsIHedeAPU HTTP 302
https://www.google.com/pagead/1p-conversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1932718271.1685134965&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExIQm93WVEydG0yNy1UZHU2LU5BUkltQUtiVms2YURfV1VkS0swTjhvTTJYUVllb2VpZFBaQ3g2RzRPZzI4QnBqMTJ0NkJ2dXRvGlpDaEVJOExIQm93WVF4c0NuNGF6dDVaek9BUkl1QUcyQU92dzN6dF81bm5JVGZCQTUtTWxfLW0wSWlHdEZ4UFRFemdfUFEyXzBGdFIyQUx4dXRNZzNYOEw5UWciEwjomOj38JP_AhXu5bsIHedeAPU&is_vtc=1&ocp_id=dB5xZOiOMu7L7_UP572BqA8&cid=CAQSKQBygQiDryUYrO4pM8Em3WcrYBpGw7PqYLl3Lwf48_j5SuWyY0FIdI0P&eitems=ChEI8LHBowYQodHrpN-9wq7cARIdAEawMisvVih2qS1CSjs1bAj89tjhBrpYqj4NGNM&random=3752859540 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1932718271.1685134965&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExIQm93WVEydG0yNy1UZHU2LU5BUkltQUtiVms2YURfV1VkS0swTjhvTTJYUVllb2VpZFBaQ3g2RzRPZzI4QnBqMTJ0NkJ2dXRvGlpDaEVJOExIQm93WVF4c0NuNGF6dDVaek9BUkl1QUcyQU92dzN6dF81bm5JVGZCQTUtTWxfLW0wSWlHdEZ4UFRFemdfUFEyXzBGdFIyQUx4dXRNZzNYOEw5UWciEwjomOj38JP_AhXu5bsIHedeAPU&is_vtc=1&ocp_id=dB5xZOiOMu7L7_UP572BqA8&cid=CAQSKQBygQiDryUYrO4pM8Em3WcrYBpGw7PqYLl3Lwf48_j5SuWyY0FIdI0P&eitems=ChEI8LHBowYQodHrpN-9wq7cARIdAEawMisvVih2qS1CSjs1bAj89tjhBrpYqj4NGNM&random=3752859540&ipr=y

Request Chain 96

https://adservice.google.co.uk/ddm/fls/i/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html HTTP 302
https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Request Chain 122

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=COnk0Pjwk_8CFTezmgodjDIO6Q;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COnk0Pjwk_8CFTezmgodjDIO6Q;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=grCxiuMflJoRuYAs-N7AgA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL&sjrn_ula=7361855079 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL&sjrn_ula=7361855079&google_gid=CAESEE8abdzKcmcZw5N9IYJ8eYE&google_cver=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_hm=grCxiuMflJoRuYAs-N7AgA&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopo2wwh9e0xgQxGG5Z3461zP6gGeTfpqfZFeADqZ8aQEGp46-yuWtyjBZgkp5rqavPlZUbchrD093mCSrXZVra0KXUEhxfRmR1YU994pXIDZghEzRA HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopo2wwh9e0xgQxGG5Z3461zP6gGeTfpqfZFeADqZ8aQEGp46-yuWtyjBZgkp5rqavPlZUbchrD093mCSrXZVra0KXUEhxfRmR1YU994pXIDZghEzRA

Request Chain 125

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DNtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL HTTP 302
https://pixel.sojern.com/idsync/apn?id=4899543228013589748&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL

Request Chain 178

https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https://www.mandai.com/en.html HTTP 301
https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default

207 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en.html Show response
www.mandai.com/
Redirect Chain

http://mandai.com/
https://www.mandai.com/
https://www.mandai.com/en.html

59 KB
11 KB

578ms
578ms

Document
text/html

2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea384fb54a0602e5626e8cc5aaf5f4072d7cbdb8592d34fd5913aef6cecebcc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: REVALIDATED
cf-ray: 7cd8f5f03bfc4170-LHR
content-encoding: br
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
content-type: text/html
date: Fri, 26 May 2023 21:02:43 GMT
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
last-modified: Fri, 26 May 2023 16:10:17 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7cd8f5efbb2c4170-LHR
date: Fri, 26 May 2023 21:02:43 GMT
expires: Fri, 26 May 2023 22:02:43 GMT
location: https://www.mandai.com/en.html
server: cloudflare
vary: Accept-Encoding

GET
H3 200 clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
www.mandai.com/etc/designs/wrs/ 333 KB
49 KB 291ms
291ms Stylesheet
text/css 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f4304fcfffea6d7e9cc1d00997ac8cfa9f2ff1c270d7c21bccc957bc6f84f9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 33
cf-polished: origSize=348006
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 15:23:35 GMT
server: cloudflare
etag: W/"80f55feef65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3def9dd7c-LHR

GET
H3 200 Nunito-Regular.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 59 KB
59 KB 292ms
289ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Regular.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da49d72dd8cf8998a7225387428dddcb435578d81c0b4599c6bcc62fdfeeb2b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:22:42 GMT
server: cloudflare
etag: W/"e7a9eccef65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df04dd7c-LHR

GET
H3 200 fontawesome-webfont.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 69ms
67ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fontawesome-webfont.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:34 GMT
server: cloudflare
etag: W/"91e4eaa0f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df08dd7c-LHR

GET
H3 200 fa-solid-900.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 169 KB
170 KB 245ms
243ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-solid-900.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:22:42 GMT
server: cloudflare
etag: W/"216aeecef65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df0cdd7c-LHR

GET
H3 200 MerriweatherSans-Regular.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 34 KB
34 KB 203ms
201ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MerriweatherSans-Regular.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25582cc7d9a780a6dfa37156d86ef6b13fa8a396f527a0a9c3d92ac62adc3f6b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:34 GMT
server: cloudflare
etag: W/"8a32f9a0f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df12dd7c-LHR

GET
H3 200 Nunito-SemiBold.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 59 KB
60 KB 204ms
202ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-SemiBold.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2929541a7a51f97e2e9d53d49602e1dc4ba7d2dee3de16417e501407d1b9f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:13 GMT
server: cloudflare
etag: W/"adab3b94f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df15dd7c-LHR

GET
H3 200 Nunito-Light.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 58 KB
59 KB 201ms
199ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Light.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a28473bf583d915b598718433123a861ba39f2d8120fb31f65634dd7fc8e608

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:33 GMT
server: cloudflare
etag: W/"992387edf65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df1add7c-LHR

GET
H3 200 Nunito-Bold.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 60 KB
60 KB 113ms
112ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Bold.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f210a70803bcc6e261706ffb0a7ef491cdcb9f384ad4d9eb9e962aea5615187

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:22:42 GMT
server: cloudflare
etag: W/"66bee0cef65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df1ddd7c-LHR

GET
H3 200 Nunito-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 44 KB
44 KB 338ms
336ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Nunito-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d652fdfc6174c5b36f11a200a83b14e5f78ccb4278efa344c65667588896b827

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
alt-svc: h3=":443"; ma=86400
content-length: 44784
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:33 GMT
server: cloudflare
etag: "38c184edf65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f3df20dd7c-LHR

GET
H3 200 MandaiValueSerif-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 34 KB
35 KB 339ms
337ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
alt-svc: h3=":443"; ma=86400
content-length: 34992
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:22:42 GMT
server: cloudflare
etag: "b11affcef65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f3df25dd7c-LHR

GET
H3 200 MandaiValueSerif-Bold.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 36 KB
37 KB 340ms
338ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/MandaiValueSerif-Bold.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
alt-svc: h3=":443"; ma=86400
content-length: 37368
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:34 GMT
server: cloudflare
etag: "cdce15a1f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f3df26dd7c-LHR

GET
H3 200 Halant-Regular.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 96 KB
96 KB 368ms
366ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Halant-Regular.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
alt-svc: h3=":443"; ma=86400
content-length: 98116
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:14 GMT
server: cloudflare
etag: "7e96f829f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f3df29dd7c-LHR

GET
H3 200 Vollkorn.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 111 KB
111 KB 380ms
378ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Vollkorn.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
alt-svc: h3=":443"; ma=86400
content-length: 113280
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:34 GMT
server: cloudflare
etag: "da1c24a1f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f3df2add7c-LHR

GET
H3 200 Georgia.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 61 KB
62 KB 383ms
381ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Georgia.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=b_aOrz3Nveq4PaqXrrx_YNfiGv6hS.8y1fRwxFw0kQI-1685134963-0-AVLt3Lu2unOikVCMezLyF4Q32z_EJXDT1fmf9GRqbJcGGGSnVzHZFYx70DVJwuxyuLj24I9jqme-ig3_qXSQAJM8tu4bxXi4Vjgz9pVdmeHJ3CNEHMMJaH8lkEe7XFm0_qiAa-9qAi6w8VGmRIqC5Lg; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
content-length: 62456
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:22:42 GMT
server: cloudflare
etag: "6c47eacef65fd91:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=b_aOrz3Nveq4PaqXrrx_YNfiGv6hS.8y1fRwxFw0kQI-1685134963-0-AVLt3Lu2unOikVCMezLyF4Q32z_EJXDT1fmf9GRqbJcGGGSnVzHZFYx70DVJwuxyuLj24I9jqme-ig3_qXSQAJM8tu4bxXi4Vjgz9pVdmeHJ3CNEHMMJaH8lkEe7XFm0_qiAa-9qAi6w8VGmRIqC5Lg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f3df2ddd7c-LHR

GET
H3 200 style.css
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 2 MB
204 KB 158ms
156ms Stylesheet
text/css 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd78f2680bd42178a3d7b263709b550940e423ee8075c632c6eb95d0b9b6d6b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 33
cf-polished: origSize=1789531
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 15:22:42 GMT
server: cloudflare
etag: W/"0cdc8cef65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df2edd7c-LHR

GET
H3 200 clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css
www.mandai.com/etc/designs/wrs/ 970 B
881 B 425ms
423ms Stylesheet
text/css 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-print.min.8ea1b09d0fcf7f309e41a7926b7fbb4f.css

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd03851e3e84926fcf32756e7275aeec02d6f2bc9bf8292a2f7bb42cbfeab83

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 33
cf-polished: origSize=994
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 26 Mar 2023 15:22:44 GMT
server: cloudflare
etag: W/"bf954d0f65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df30dd7c-LHR

GET
H3 200 headLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 130 KB
48 KB 426ms
424ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

959ce16bde5f4a7c1a6169db07dcc054bd5e587a7cc61f6bee313e5005d0ce81

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:14 GMT
server: cloudflare
etag: W/"0296229f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f3df31dd7c-LHR

GET
H2 200 satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js Show response
assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/ 443 KB
96 KB 244ms
58ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4dd70860c19dc151314d385c5ee4aa15666dcbf01a79c5fc865b9dfbe6dd0862

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: gzip
last-modified: Sun, 07 May 2023 09:23:20 GMT
server: AkamaiNetStorage
etag: "d860908a94db319416c0a83d7e69e7fe:1683451400.015265"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 97848
expires: Fri, 26 May 2023 22:02:44 GMT

GET
H3 200 md-tick.png
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 708 B
1 KB 61ms
59ms Image
image/webp 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-tick.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6312d25f719bf227da2257f3435038d5129a1077833751610958f9e4c3e34800

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 33
cf-polished: origFmt=png, origSize=1923
content-disposition: inline; filename="md-tick.webp"
alt-svc: h3=":443"; ma=86400
content-length: 708
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 Mar 2023 15:29:11 GMT
server: cloudflare
etag: "364c6b7f75fd91:0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f70c72dd7c-LHR

GET
H3 200 Logo-Mandai-SapWhiteLighter.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
3 KB 577ms
576ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-SapWhiteLighter.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:27 GMT
server: cloudflare
etag: W/"80e52ec0f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c73dd7c-LHR

GET
H3 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/wrs/mandai-new-assets/logos/ 11 KB
3 KB 598ms
597ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/wrs/mandai-new-assets/logos/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:26:56 GMT
server: cloudflare
etag: W/"0202e66f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c74dd7c-LHR

GET
H3 200 Logo-Mandai-EquaGreen.svg
www.mandai.com/content/dam/mandai/logo/ 11 KB
4 KB 67ms
65ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-Mandai-EquaGreen.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=pNnTmYxJK.Fdi9lUpoTJrSQyNWN18nA3fIu0zanoqwI-1685134964-0-AT4h2AU4nyqVUekKofqCEpgjVn0MfGHkr1qImmgYr6vYb3-VqTBSxttCDI2TrtEe5Hxb02DFj_j7cZxU-a74BlqiljNlNtVcToKnve1kdlTPoR8AYET9n1NIDfDLCrmAXIkTR5iINPyLXZMJ8j0ezGA; report-to cf-csp-endpoint
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:33:21 GMT
server: cloudflare
etag: W/"8076a84bf85fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=pNnTmYxJK.Fdi9lUpoTJrSQyNWN18nA3fIu0zanoqwI-1685134964-0-AT4h2AU4nyqVUekKofqCEpgjVn0MfGHkr1qImmgYr6vYb3-VqTBSxttCDI2TrtEe5Hxb02DFj_j7cZxU-a74BlqiljNlNtVcToKnve1kdlTPoR8AYET9n1NIDfDLCrmAXIkTR5iINPyLXZMJ8j0ezGA"}],"group":"cf-csp-endpoint","max_age":86400}
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c75dd7c-LHR

GET
H3 200 Logo-SZ.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 71ms
70ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-SZ.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 31
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:39 GMT
server: cloudflare
etag: W/"804fc2f0f65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c77dd7c-LHR

GET
H3 200 Logo-RW.svg
www.mandai.com/content/dam/mandai/logo/ 7 KB
3 KB 69ms
67ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-RW.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:47 GMT
server: cloudflare
etag: W/"80387f5f65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c78dd7c-LHR

GET
H3 200 Logo-NS.svg
www.mandai.com/content/dam/mandai/logo/ 9 KB
4 KB 67ms
66ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-NS.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 31
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:30:56 GMT
server: cloudflare
etag: W/"0383bf5f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c79dd7c-LHR

GET
H3 200 Logo-BP.svg
www.mandai.com/content/dam/mandai/logo/ 7 KB
3 KB 70ms
68ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/logo/Logo-BP.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26d5391c3fd298af377388f1537f4e694f8b79977f658cb5d4e72dbdf19d603

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 32
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:41:02 GMT
server: cloudflare
etag: W/"07b6f5ef95fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c7bdd7c-LHR

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 221ms
57ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-varnish-cache: 1
Date: Fri, 26 May 2023 21:02:44 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
Age: 1741
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 26 May 2023 20:43:39 GMT
x-host: player-5f9997c959-wzzkf
Connection: keep-alive
x-vserver: player-varnish-prod-varnish-0
Content-Length: 11160
x-xss-protection: 1; mode=block
X-Served-By: cache-lcy-eglc8600049-LCY
X-Player-Backend: p
Server: cloudflare
X-Timer: S1685134964.424552,VS0,VE0
x-backend-proxy: playproxy1
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-5f9997c959-wzzkf
Accept-Ranges: bytes
CF-RAY: 7cd8f5f79a1023dc-LHR
X-Cache-Hits: 7914

GET
H3 200 conservation-included-tag-250x107.png
www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/ 8 KB
8 KB 70ms
69ms Image
image/webp 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/conservation-included-tag-250x107.png

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dc077d5d1e2fa3180f45be2de60785463efd63ec571991dc73a77af6e4e96b1

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 33
cf-polished: origFmt=png, origSize=12078
content-disposition: inline; filename="conservation-included-tag-250x107.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7904
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 Mar 2023 15:25:18 GMT
server: cloudflare
etag: "7ba0e32bf75fd91:0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f70c7cdd7c-LHR

GET
H3 200 footLibs.min.js Show response
www.mandai.com/etc/designs/wrs/ 4 KB
2 KB 73ms
72ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80665f64f8220669d7a1e882fef1bc543b4574f46d6914d2ed01c3e01f466c5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:36 GMT
server: cloudflare
etag: W/"0eac8a1f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f6bc02dd7c-LHR

GET
H3 200 wrs-lazyload.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 4 KB
1 KB 67ms
66ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/wrs-lazyload.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:22:42 GMT
server: cloudflare
etag: W/"0cdc8cef65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f70c70dd7c-LHR

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 208ms
78ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c82c8e08221bc7f060b619b3daa70d444f7b292e69c0bc32f7c8259c942b977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 26 May 2023 21:02:44 GMT

GET addthis_widget.js
s7.addthis.com/js/300/ 0
0

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5798671137001/default_default/ 850 KB
227 KB 601ms
470ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5798671137001/default_default/index.min.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a707af12eaa765cd10949a013545c151a21337cfc566bead3a53cd686c85dad0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: DKCchku6TDwy2238H.GX_at5wL1KV08R
Content-Encoding: gzip
Date: Fri, 26 May 2023 21:02:44 GMT
x-amz-request-id: JJ6TATQRBCG0DJR1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 232027
x-amz-id-2: BLSq1RA4/HJGp8DYcE6cprqOoeb7uCqqX6hA+Cc63LeiKKjaO7SNYlSiXwBSbPkBIWVNbSKK/JE=
X-BCOV-Response-Mode: 1
X-Served-By: cache-hhn-etou8220054-HHN
Last-Modified: Wed, 29 Mar 2023 16:57:47 GMT
Server: AmazonS3
X-Timer: S1680111264.024954,VS0,VE637
ETag: "0e17452836181731cb77828ee25b74c1"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 190ms
66ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f75b96abf98a7f4874b54f268b85ba2b2fa261741afa891097537bcfa1e73fd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Fri, 26 May 2023 21:02:44 GMT

GET
H2

200

app.css
app.vouchconcierge.com/widget3-b/css/
Redirect Chain

https://app.vouchconcierge.com/widget3/css/app.css
https://app.vouchconcierge.com/widget3-b/css/app.css

3 KB
1 KB

548ms
548ms

Stylesheet
text/css

108.139.243.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouchconcierge.com/widget3-b/css/app.css
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Server: 108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-119.mxp63.r.cloudfront.net
Software: /
Resource Hash: 4118df788ea26ceb09e9a5abaa16e4e2e620e58c2a85aa0f6b0e30a1e2905598

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: gzip
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 3279
x-amzn-remapped-server: AmazonS3
x-amz-cf-pop: MXP63-P3
x-amzn-requestid: 49be1b99-6544-4c7a-ad28-be310b5e0bfa
x-cache: Miss from cloudfront
x-amz-apigw-id: FjGyZE6NyQ0FVSw=
content-length: 952
last-modified: Thu, 02 Mar 2023 08:48:49 GMT
etag: "7c5b4596485d04164af259ceb9940c5d"
content-type: text/css
cache-control: no-store
x-amzn-remapped-date: Fri, 26 May 2023 21:02:46 GMT
x-amz-cf-id: 2NSAnH_x76FfGTUEljEi6p9Js5F2CB_dSJNVpNupWIedZADsG9PF4A==

Redirect headers

date: Fri, 26 May 2023 21:02:44 GMT
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
x-amzn-trace-id: Root=1-64711e74-6725c3113c43fca23a6a1fe8;Sampled=0;lineage=5e77314d:0
x-amzn-requestid: d29875fd-2c82-40ad-aa7e-f9ecbfc8e4fd
x-cache: Miss from cloudfront
content-type: application/json
location: https://app.vouchconcierge.com/widget3-b/css/app.css
cache-control: max-age=86400
x-amz-apigw-id: FjGyTGcjyQ0FXVw=
content-length: 0
x-amz-cf-id: Cy3RDnsOKhyvyb3iznJOtXTGlelevU9_gsWdLuGBRXjVtKuTvFPD5Q==

GET
H2

200

app.js Show response
app.vouchconcierge.com/widget3-b/js/
Redirect Chain

https://app.vouchconcierge.com/widget3/js/app.js
https://app.vouchconcierge.com/widget3-b/js/app.js

406 KB
134 KB

742ms
742ms

Script
application/javascript

108.139.243.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouchconcierge.com/widget3-b/js/app.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Server: 108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-119.mxp63.r.cloudfront.net
Software: /
Resource Hash: aed04a9b6331923471bee0e2e44ff38b94e68971bd20b735e89f91ab3c0ff64c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: gzip
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 415373
x-amzn-remapped-server: AmazonS3
x-amz-cf-pop: MXP63-P3
x-amzn-requestid: 3ecd287e-ffc7-48d9-9579-ab2b4f1c752a
x-cache: Miss from cloudfront
x-amz-apigw-id: FjGyaEpTyQ0Ffbw=
content-length: 136628
last-modified: Thu, 02 Mar 2023 08:48:49 GMT
etag: "977a1023ef8636f412f8c5de7ad772d5"
content-type: application/javascript
cache-control: no-store
x-amzn-remapped-date: Fri, 26 May 2023 21:02:46 GMT
x-amz-cf-id: wKFLOX67CYhZvlg9333NSKaNInqvKCVW9nH8aVkH7klyXbZ7ZRawNQ==

Redirect headers

date: Fri, 26 May 2023 21:02:44 GMT
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
x-amzn-trace-id: Root=1-64711e74-7ad3f6551872bb1d10802423;Sampled=0;lineage=5e77314d:0
x-amzn-requestid: a70f9247-0e4d-4053-975b-16ef7f717027
x-cache: Miss from cloudfront
content-type: application/json
location: https://app.vouchconcierge.com/widget3-b/js/app.js
cache-control: max-age=86400
x-amz-apigw-id: FjGyTEtoSQ0Fh9g=
content-length: 0
x-amz-cf-id: 4QBkK8m8VQBM68KbwS-Pdmz_t2YMGa5zXPrqJWdSEaSfo7UfhaYDQA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 279 KB
88 KB 200ms
82ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

181aff032e21063d9553a1b2e3e6065164489414b94ab3fbc385294208a2394b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90078
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 21:02:44 GMT

GET
H/1.1 200
OK 830445366 Show response
player.vimeo.com/video/ Frame BBCD 19 KB
9 KB 213ms
189ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/830445366?autoplay=1&loop=1&muted=1&background=1&title=0&byline=0&portrait=0&controls=0&playsinline=1&autopause=0

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e848630f271080a33f9f680fd046834dc8c137d8655d99d2ac769e6204bbe8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://.hivestreaming.com/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 7cd8f5f729ec24e4-LHR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 21:02:44 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-lcy-eglc8600030-LCY
X-Timer: S1685134964.362206,VS0,VE128
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-7ffd8d4459-824rj
x-content-type-options: nosniff
x-host: player-backend-7ffd8d4459-824rj
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H3 200 fa-regular-400.woff
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 207 KB
207 KB 1083ms
1083ms Font
font/x-woff 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-regular-400.woff

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:24:41 GMT
server: cloudflare
etag: W/"7e3e2216f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f71c8ddd7c-LHR

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 mandai-arrow-yellow-down.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 676 B
881 B 231ms
231ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-down.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea072d94566d3b23d5cffd6ba378a1b10c572ada79c05956d53764c7b06a68b6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:11 GMT
server: cloudflare
etag: W/"82e3db7f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f80dcfdd7c-LHR

GET
H3 200 mandai-arrow-yellow-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 62ms
62ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ba54ace5ec9ffcfe936b694be4b70a7d3f906900a2e07b419f5e1c6819ce97

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:36 GMT
server: cloudflare
etag: W/"d288f3a1f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f80dd1dd7c-LHR

GET
H3 200 mandai-arrow-yellow-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
2 KB 80ms
80ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-yellow-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0697a8851503c96e20e61a2d389bd66dd7c01e5f1649061ba19c20fa73ba32d6

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=oOaT018LGtaF6VxE9Fm6hB_Q8Lpn4nT7hyCnTDQ9YvE-1685134964-0-AdpfkFCee_My-K1C9bD1zC1N2hPFge0fd1x0ZkI9Lvl3s1qPrDbqDp4MhM1ZhdViRqkp9H14CGqh5-cGIove3bPWSxh_M-9MH35lwyYV3YOFivQAfDyarEBsxSpj_s10LX70kZP_t2u4c9rSG8eNqR0; report-to cf-csp-endpoint
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:43:21 GMT
server: cloudflare
etag: W/"2532beb1f95fd91:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=oOaT018LGtaF6VxE9Fm6hB_Q8Lpn4nT7hyCnTDQ9YvE-1685134964-0-AdpfkFCee_My-K1C9bD1zC1N2hPFge0fd1x0ZkI9Lvl3s1qPrDbqDp4MhM1ZhdViRqkp9H14CGqh5-cGIove3bPWSxh_M-9MH35lwyYV3YOFivQAfDyarEBsxSpj_s10LX70kZP_t2u4c9rSG8eNqR0"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f80dd7dd7c-LHR

GET
H3 200 md-back-to-top.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1015 B 85ms
85ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/md-back-to-top.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60dabc163081fe6317a7959c57a5394a9a43ed22ed2f7d1130b6b875d9e8a24

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 31
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:47 GMT
server: cloudflare
etag: W/"979f9cf5f65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f5f80ddbdd7c-LHR

GET
H3 200 Poppins-Bold.ttf
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 137 KB
138 KB 562ms
562ms Font
application/octet-stream 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Bold.ttf

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec26b37105adacad70aca3692f80e3dab073f06639daa80f8adcede6af60d76c

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 140724
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:27:02 GMT
server: cloudflare
etag: "c2284e6af75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f80ddddd7c-LHR

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/ 74 KB
74 KB 876ms
875ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome-pro/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400
content-length: 75308
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:18 GMT
server: cloudflare
etag: "65d6b97f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f80ddedd7c-LHR

GET
H3 200 Poppins-Regular.ttf
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/ 141 KB
142 KB 227ms
227ms Font
application/octet-stream 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/Poppins-Regular.ttf

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 144776
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:18 GMT
server: cloudflare
etag: "23ee12bf75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5f80ddfdd7c-LHR

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/bbe1b497/www-widgetapi.vflset/ 198 KB
62 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/bbe1b497/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb72a8ee62da54956da7d5cd3ca05420d319a9d34e14896a07fc85491666349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62712
x-xss-protection: 0
last-modified: Wed, 24 May 2023 01:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 May 2024 21:00:16 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.23.25/js/ Frame BBCD 498 KB
121 KB 173ms
54ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.25/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/830445366?autoplay=1&loop=1&muted=1&background=1&title=0&byline=0&portrait=0&controls=0&playsinline=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1823f5d14bd1e012db57daf71607ff17e45e1e06867702c86207a6e980029cca

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000161-IAD, cache-fra-eddf8230095-FRA
date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 185600
x-timer: S1685134965.664103,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 123237
x-cache-hits: 3, 53302

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.23.25/js/ Frame BBCD 391 KB
94 KB 173ms
54ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/830445366?autoplay=1&loop=1&muted=1&background=1&title=0&byline=0&portrait=0&controls=0&playsinline=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c0b157ef9fe14fe21d23507feb0038e4425a7fdde9986da1193cf054cfa56890

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200077-IAD, cache-fra-eddf8230095-FRA
date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 185600
x-timer: S1685134965.664019,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 96464
x-cache-hits: 3, 60788

GET
H2 200 player.css
f.vimeocdn.com/p/4.23.25/css/ Frame BBCD 206 KB
21 KB 173ms
55ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.25/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/830445366?autoplay=1&loop=1&muted=1&background=1&title=0&byline=0&portrait=0&controls=0&playsinline=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f9aea4dc1adbeefc9bb308fe80a905349937980451c06dc988cf20ef5c20f918

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100126-IAD, cache-fra-eddf8230136-FRA
date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 185600
x-timer: S1685134965.665087,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21423
x-cache-hits: 4, 60729

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 20:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1630
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 26 May 2023 22:35:34 GMT

GET
H2

200

activityi;dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A... Show response
11432329.fls.doubleclick.net/ Frame A1E4
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https...
https://11432329.fls.doubleclick.net/activityi;dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;u...

532 B
464 B

93ms
92ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

f00b8fae4214c99be41aa6a12ecfb93d7fe12605bda0f6b14accf36d9a904b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 292
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3... Show response
11432329.fls.doubleclick.net/ Frame 2262
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=http...
https://11432329.fls.doubleclick.net/activityi;dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;...

533 B
467 B

93ms
93ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

5441c498fea7805e07844dfa8db6d8dcc5cdc0c21e47450f06ec741b22e96257

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A... Show response
11432329.fls.doubleclick.net/ Frame 5B2E
Redirect Chain

https://11432329.fls.doubleclick.net/activityi;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https...
https://11432329.fls.doubleclick.net/activityi;dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;u...

532 B
469 B

92ms
91ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/activityi;dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

011534ecdd7f70787286f4d8684682fda6e32391c3986012b8272adaadbd0c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11432329.fls.doubleclick.net/activityi;dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/956687319/ 3 KB
2 KB 203ms
69ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/956687319/?random=1685134964653&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&bttype=purchase&auid=1932718271.1685134965&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

be76dbe2049630875c9035d09397c5fd05b522e184afb1f79e42f3ab351a1e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 171ms
54ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fee08728b501812ba1c44658ad4ef459c107d78bd6e5b27c8ff80f110c34c04

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 21:02:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27500
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vizpv7KuPduSpIj7cTwEmQ40XxC+qeYcCqe1krf1pRZrzfmYrN7LcCVXObvhpmV7/ZuHV7wjsnR714LxzLml/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 200ms
56ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 02 Jun 2023 21:02:44 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 303ms
153ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2TOBBC77U92N2SU4KG&lib=ttq
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3cc461ec0a84dbbd7f6d8dc3076e64fd0e8210651f8c8403766141b1593cf027

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 1f9daf7d.5796ab9b
date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
x-parent-response-time: 96,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=13, inner; dur=4
content-length: 1835
pragma: no-cache
server: nginx
x-tt-logid: 20230526210244B47F35A54492ED18489B
x-cache-remote: TCP_MISS from a23-59-251-103.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.59.251.103
x-tt-trace-host: 0165044cd28d04cb7bb7ccfa7b33187f0758c2cfef082d5a4d2fb94fc06cf2ef29f79c6e2985899e1d1c7abee6b711cf3305f6cdf9ee41312b018f71b2b54dc2e9e123c66d6b0acdf32a3dccd382344f7a4a896716f81cb3b46715fc08e50664e8ad093790f35414efa51eeb05a3365644
expires: Fri, 26 May 2023 21:02:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 126ms
125ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-37&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6710ad42fe2df8ae514699a0a06fdaa6e1d34edb89fed555ca289cf258a2a4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 21:02:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 136ms
136ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

264f650dd3288b1c8151403fdf664ca130286bb9b17317f9f74e2bb739f880dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 21:02:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 82ms
82ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5808c26bad9b348bf5550ed0959e9da53bb98f31a5d8b3149f14162993faee74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 21:02:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23015312-45&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS9Z3S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3489bdd5262d9fed79ec5e25de426da27075353ab738a2c1fe988ab2b7faa8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46845
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 21:02:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=4100146427&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f638cae73c4d4f0cf4e1e46a0495c3109ddac3d9794f4f32e2f0c451d31f833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 40638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 21:02:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 62ms
62ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2122455837&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&ul=en-us&de=UTF-8&dt=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1277531891&gjid=867650562&cid=857466848.1685134965&tid=UA-23015312-4&_gid=1130180826.1685134965&_r=1&_slc=1&gtm=45He35o0n71PS9Z3S&z=1924403553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 61ms
61ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2122455837&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&ul=en-us&de=UTF-8&dt=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAAC~&jid=614017940&gjid=1055232471&cid=857466848.1685134965&tid=UA-23015312-37&_gid=1130180826.1685134965&_r=1&_slc=1&gtm=45He35o0n71PS9Z3S&z=379672123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame BBCD 2 KB
1 KB 54ms
54ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/830445366?autoplay=1&loop=1&muted=1&background=1&title=0&byline=0&portrait=0&controls=0&playsinline=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230136-FRA
date: Fri, 26 May 2023 21:02:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 58578
x-timer: S1685134965.922165,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 993, 15458

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame BBCD 4 KB
2 KB 188ms
65ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 May 2023 21:02:45 GMT

GET
H2 200 1675264686-1ed3e0bf48300734fd5b3a87e7c5a68ff36759c9e72b36b9ce030e93da3034d3-d
i.vimeocdn.com/video/ Frame BBCD 273 KB
274 KB 185ms
184ms Image
image/avif 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1675264686-1ed3e0bf48300734fd5b3a87e7c5a68ff36759c9e72b36b9ce030e93da3034d3-d?mw=1600&mh=900
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 74837b9da9e7adef5dc375b4cf85495a14ea1cb9160ab5047c9de72517eb8aae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 15491
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 279946
viewmaster-server: viewmaster-us-central1-fqp2
x-served-by: cache-dfw-kdfw8210042-DFW, cache-fra-eddf8230136-FRA
x-timer: S1685134965.954036,VS0,VE130
etag: cc8bfa28eb68b9e3a05e0f224914b461
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 3, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame BBCD 0
40 B 287ms
160ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=459f30d4a3aef327341b0d3fb4faab8b2935df061685134964
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 26 May 2023 21:02:45 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
351 B 173ms
56ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-23015312-37&cid=857466848.1685134965&jid=614017940&gjid=1055232471&_gid=1130180826.1685134965&_u=YGDACAABBAAAAC~&z=484219149

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 26 May 2023 21:02:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame BBCD 0
142 B 247ms
160ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=459f30d4a3aef327341b0d3fb4faab8b2935df061685134964
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 26 May 2023 21:02:45 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame BBCD 0
162 B 282ms
152ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 26 May 2023 21:02:45 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-40927299... Frame BBCD 8 KB
2 KB 252ms
116ms XHR
application/json 2a02:26f0:780::210:ca09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-409272998d7b/sep/video/881bcd19,94831b09,c8920bf6,ea213a47,ef855f50/master.json?base64_init=1&query_string_ranges=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:780::210:ca09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc08e1d211115c0c8af155b6babd95a738768ed55f5367def19ce0ab2801c9ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 21:02:45 GMT
Content-Encoding: gzip
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
origin-retrieved-hour: 1685077200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1654
AK-REFERENCE-ID: 0.5ca1002.1685134965.187f895f
ETag: "-Dg6VjBIPxtbvFnkpS40n_Q=="
Access-Control-Max-Age: 86400
Vary: Accept-Encoding
Content-Type: application/json
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31480160
Akamai-Edge-IP: 2a02:26f0:780::210:ca09
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 1675264686-1ed3e0bf48300734fd5b3a87e7c5a68ff36759c9e72b36b9ce030e93da3034d3-d.jpg
i.vimeocdn.com/video/ Frame BBCD 2 KB
2 KB 57ms
55ms Image
image/jpeg 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1675264686-1ed3e0bf48300734fd5b3a87e7c5a68ff36759c9e72b36b9ce030e93da3034d3-d.jpg?mw=80&q=85
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c49ff62cbd253d5b3a8784bf05d4eaf15ad92d8a7069799883aa5dc2ef32b638

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 56032
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1885
viewmaster-server: viewmaster-us-central1-d55w
x-served-by: cache-dfw-kdfw8210111-DFW, cache-fra-eddf8230136-FRA
x-timer: S1685134965.024245,VS0,VE1
etag: eb79c82d0d8b6412c3157cf3dccf7557
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 10, 1

GET
H2 200 1165933726848771 Show response
connect.facebook.net/signals/config/ 300 KB
87 KB 188ms
188ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1165933726848771?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b38a007c037aaeac3d2977726a1b40293ea43c49af560cc39331dd60853beda

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 21:02:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jeCLK0GiIhmvvXdl1m54f4zNlsM5SladqNqLR2R9fI3laA+b6OVMmr1K2fzw50gNwcdq0d//DPwFaFijtDXKog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.co.uk/pagead/1p-conversion/956687319/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&...
https://www.google.co.uk/pagead/1p-conversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.htm...

42 B
154 B

69ms
68ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1932718271.1685134965&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExIQm93WVEydG0yNy1UZHU2LU5BUkltQUtiVms2YURfV1VkS0swTjhvTTJYUVllb2VpZFBaQ3g2RzRPZzI4QnBqMTJ0NkJ2dXRvGlpDaEVJOExIQm93WVF4c0NuNGF6dDVaek9BUkl1QUcyQU92dzN6dF81bm5JVGZCQTUtTWxfLW0wSWlHdEZ4UFRFemdfUFEyXzBGdFIyQUx4dXRNZzNYOEw5UWciEwjomOj38JP_AhXu5bsIHedeAPU&is_vtc=1&ocp_id=dB5xZOiOMu7L7_UP572BqA8&cid=CAQSKQBygQiDryUYrO4pM8Em3WcrYBpGw7PqYLl3Lwf48_j5SuWyY0FIdI0P&eitems=ChEI8LHBowYQodHrpN-9wq7cARIdAEawMisvVih2qS1CSjs1bAj89tjhBrpYqj4NGNM&random=3752859540&ipr=y

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.uk/pagead/1p-conversion/956687319/?random=1524208381&cv=11&fst=1685134964653&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mandai.com%2Fen.html&label=nUwvCOqlsKQDENfHl8gD&hn=www.googleadservices.com&frm=0&tiba=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&value=0&auid=1932718271.1685134965&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExIQm93WVEydG0yNy1UZHU2LU5BUkltQUtiVms2YURfV1VkS0swTjhvTTJYUVllb2VpZFBaQ3g2RzRPZzI4QnBqMTJ0NkJ2dXRvGlpDaEVJOExIQm93WVF4c0NuNGF6dDVaek9BUkl1QUcyQU92dzN6dF81bm5JVGZCQTUtTWxfLW0wSWlHdEZ4UFRFemdfUFEyXzBGdFIyQUx4dXRNZzNYOEw5UWciEwjomOj38JP_AhXu5bsIHedeAPU&is_vtc=1&ocp_id=dB5xZOiOMu7L7_UP572BqA8&cid=CAQSKQBygQiDryUYrO4pM8Em3WcrYBpGw7PqYLl3Lwf48_j5SuWyY0FIdI0P&eitems=ChEI8LHBowYQodHrpN-9wq7cARIdAEawMisvVih2qS1CSjs1bAj89tjhBrpYqj4NGNM&random=3752859540&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-BDGGPC8sPSpFR.js Show response
rules.quantcount.com/ 3 KB
2 KB 182ms
61ms Script
application/javascript 2600:9000:223c:5c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BDGGPC8sPSpFR.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42f1a463859900410614d76b00c6eb2dfec4a8bf7e6b30793549c2038e67e514

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: gzip
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 May 2023 03:44:08 GMT
server: AmazonS3
etag: W/"be5d5449d232b8e43a8627acb7d1bb9f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: r4O-8Zu_Bnj5_dxjuMp50yjcGqNBU3M7WKj40640IDGCUNsmzOd7fw==

GET
H2 200 dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.... Show response
adservice.google.com/ddm/fls/i/ Frame 2D8C 534 B
674 B 238ms
91ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

087c1e5bcbe2cb24a80bbb6ce653ac448ecb6671656790e6a6bd91becac293da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.... Show response
adservice.google.com/ddm/fls/i/ Frame 385C 534 B
367 B 238ms
91ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bfc93c4f6b851a90a552aa1079dbc0cee7e702a76ce3589d2223532327b5385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 297
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww... Show response
adservice.google.com/ddm/fls/i/ Frame 17D4 535 B
365 B 236ms
92ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/activityi;dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5e0d3c2f9c461118b50046ab73a0465e17e08eff4b58b6e7a20d41181c21c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame BBCD 0
903 B 305ms
205ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=459f30d4a3aef327341b0d3fb4faab8b2935df061685134964

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 26 May 2023 09:02:45 GMT
Date: Fri, 26 May 2023 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kjyo7100057-IAD, cache-lcy-eglc8600036-LCY
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1685134965.210888,VS0,VE122
x-backend-proxy: webproxy18
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-784c5964f9-ldl6z
Accept-Ranges: bytes
CF-RAY: 7cd8f5fc5a37416a-LHR
X-Cache-Hits: 0, 0

GET
H2 200 main.MWI2MzlmMWJmMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 257 KB
69 KB 57ms
57ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE2TOBBC77U92N2SU4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 5796aeb1
date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230508113125E72E85BE12A0760F11DA
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f2692a5456a5be9b94f30adfb25e733b7fbda045f3882df096f3ae7a6ed72cccd08fff1d81721661a5f5356171298984f37c8948bed18de9210ad3c0f79c4e3615baeec4f1db482838f81881c9e9541e6d8c7510958978061cb6931e51710114
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 69530

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ 407 KB
163 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166449
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 10:51:48 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 83ms
82ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-23015312-37&cid=857466848.1685134965&jid=614017940&_u=YGDACAABBAAAAC~&z=1946129315

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 209ms
79ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-23015312-37&cid=857466848.1685134965&jid=614017940&_u=YGDACAABBAAAAC~&z=1946129315

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame BBCD 35 KB
12 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 26 May 2023 21:02:45 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame BBCD 51 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 04:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 27 May 2023 04:10:03 GMT

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 57ms
57ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 5796b0c2
date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230508113120DE7FED6386D850C22DA3
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01294eb4bb85c43a146d0caa6ce2ba16367dfb26e490adc16eac6099baa57f278ceea912ca4133a8f95f21fe5d8069244457ef561209551a6f381492ab25d7f6e67a3b7522dca67139aac3f552680214daaa00cfdd0d9c600cd1af667e8baf9d99
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=8
content-length: 30861

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 184ms
184ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 25e21e1e.5796b14e
date: Fri, 26 May 2023 21:02:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
x-parent-response-time: 124,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=43, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202305262102457892809B7EFDFA0C6C65
x-cache-remote: TCP_MISS from a23-59-251-109.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 43,23.59.251.109
x-tt-trace-host: 0165044cd28d04cb7bb7ccfa7b33187f0758c2cfef082d5a4d2fb94fc06cf2ef299f6953df5eb4a1975a922d2fc0a7458cbe06f72b1b8dfde32ad4e7114cafe971d317f6e60d3f462b3fd27f6cda8b5262e644a86fb8e6d85e19e1dfc4638fc177c4dd3c55ad22eab70ccbd005c26d34ee
expires: Fri, 26 May 2023 21:02:45 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame BBCD 0
40 B 154ms
154ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=459f30d4a3aef327341b0d3fb4faab8b2935df061685134964
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 26 May 2023 21:02:45 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 94831b09.mp4 Show response
164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-40927299... Frame BBCD 243 KB
244 KB 179ms
179ms XHR
video/mp4 2a02:26f0:780::210:ca09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-409272998d7b/parcel/video/94831b09.mp4?r=dXMtd2VzdDE%3D&range=890-249434
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:780::210:ca09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: c17029f9083794e867b2164edf4f6f4fdd5fb62bc6316f0a3459611732dd29ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 21:02:45 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
origin-retrieved-hour: 1685077200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 248545
AK-REFERENCE-ID: 0.5ca1002.1685134965.187f89bb
Last-Modified: Fri, 26 May 2023 05:28:51 GMT
Server: parcel
ETag: "-CO++6Jigkv8CEAE="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31480193
Akamai-Edge-IP: 2a02:26f0:780::210:ca09
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 pixel;r=665891602;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-...
pixel.quantserve.com/ 35 B
372 B 73ms
56ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=665891602;labels=_fp.event.Default;rf=0;a=p-BDGGPC8sPSpFR;url=https%3A%2F%2Fwww.mandai.com%2Fen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-806483833-1685134965033;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=mandai.com;dst=0;et=1685134965278;tzo=0;ogl=title.Homepage%2Cdescription.An%20unforgettable%20wildlife%20adventure%20at%20Mandai%20awaits!%20Explore%20and%20discover%20the%20w%2Cimage.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fcontent%2Fdam%2Fmandai%2Fabout-mandai%2FMasthead-1920x894-v2%252Ejpg%2Curl.https%3A%2F%2Fwww%252Emandai%252Ecom%2Fen%252Ehtml%2Ctype.article;ses=3e5af3ba-38ad-45e6-a544-7950e70a7067;mdl=

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.... Show response
adservice.google.co.uk/ddm/fls/i/ Frame E4B5 194 B
515 B 256ms
93ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/ddm/fls/i/dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNaW6vfwk_8CFdCmmgodANwBOg;src=11432329;type=wrs;cat=wrs_h0;ord=2298393978925;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
expires: Fri, 26 May 2023 21:02:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.... Show response
11432329.fls.doubleclick.net/ddm/fls/r/ Frame 871E
Redirect Chain

https://adservice.google.co.uk/ddm/fls/i/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;...
https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;u...

3 KB
1 KB

93ms
92ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

10fa31c9959e1f19a226eca226ffa078b5b4fe24cac06352e9ffcc41899b7f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1054
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
expires: Fri, 26 May 2023 21:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww... Show response
adservice.google.co.uk/ddm/fls/i/ Frame 1B95 194 B
150 B 254ms
93ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/ddm/fls/i/dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM2X6vfwk_8CFYHKOwId4IIFxw;src=11432329;type=wrs;cat=wrs_e00;ord=6359138947772;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
expires: Fri, 26 May 2023 21:02:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 428162178859206 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 201ms
201ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/428162178859206?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a8e38b9d4a30195add65766cd189b0e06caa74702f91c45c87e8db9dfe51f92

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 21:02:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sIJHjEmpaIvTVsPj/Hbe7T8cdqHUzuQ9R2lUGRevy8u7+rDIO788x1ZPZNUagFB7UPPtrRTyn8FI10SoKa0IRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 172ms
54ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1165933726848771&ev=PageView&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1685134965305&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685134965304.1497091518&it=1685134965009&coo=false&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 May 2023 21:02:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 fa-brands-400.woff2
www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/ 75 KB
75 KB 248ms
248ms Font
application/font-woff2 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/fonts/fonts-awesome/fa-brands-400.woff2

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
Origin: https://www.mandai.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 76764
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:19 GMT
server: cloudflare
etag: "574e42cf75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f5fddee0dd7c-LHR

GET
H/1.1 200
OK c8920bf6.mp4 Show response
164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-40927299... Frame BBCD 2 MB
2 MB 104ms
104ms XHR
video/mp4 2a02:26f0:780::210:ca09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-409272998d7b/parcel/video/c8920bf6.mp4?r=dXMtd2VzdDE%3D&range=887-2382823
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:780::210:ca09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: f266562cadb3de915f5b94cfe30003a93e4c5c66e5ee27ba5e22e2dbb8dc4a5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 21:02:45 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
origin-retrieved-hour: 1685077200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 2381937
AK-REFERENCE-ID: 0.5ca1002.1685134965.187f8b72
Last-Modified: Fri, 26 May 2023 05:29:17 GMT
Server: parcel
ETag: "-CPDxqqWgkv8CEAE="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31480124
Akamai-Edge-IP: 2a02:26f0:780::210:ca09
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 54ms
54ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428162178859206&ev=ViewContent&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1685134965628&cd[content_type]=product&cd[content_ids]=%5B%22en.html%22%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1685134965304.1497091518&cs_est=true&est_source=411158113806146&it=1685134965009&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 May 2023 21:02:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 55ms
54ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428162178859206&ev=PageView&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&rl=&if=false&ts=1685134965628&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221197172684137244%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22628033828574646%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22en.html%22%7D%7D&fbp=fb.1.1685134965304.1497091518&cs_est=true&it=1685134965009&coo=false&rqm=GET

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 May 2023 21:02:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ Frame 871E 6 KB
6 KB 193ms
58ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4488938593f44847e046460f5178c8af28fdbde3a076a6161250ca53f1a914f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:32:38 GMT
age: 1807
x-guploader-uploadid: ADPycds5IDZRcvQxfneRtGZ55OKu0LivhI15n5cwE9TVN0KvdLLhfcOJMbF_V8wend4y8d0aSbVtb0HLUdt2OOCOitDC5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5791
last-modified: Mon, 17 Apr 2023 13:36:34 GMT
server: UploadServer
etag: "47cc56bc780e1d2bf7488ccdee6740d3"
x-goog-generation: 1681738594881025
x-goog-hash: crc32c=SLFA5g==, md5=R8xWvHgOHSv3SIzN7mdA0w==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 5791
accept-ranges: bytes
expires: Fri, 26 May 2023 21:32:38 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 881F 0
18 B 58ms
57ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:45 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 66017.html Show response
static.sojern.com/cip/a/ Frame 319A 5 KB
5 KB 188ms
188ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 11cebf90fa954e319e5d97526f860fd1e180fceb2bb8a1e72b66a6035d05b2b9

Request headers

Referer: https://11432329.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 4907
content-type: text/html
date: Fri, 26 May 2023 21:02:45 GMT
etag: "27431ec753f5d0064f2b2aa51ed998c0"
expires: Fri, 26 May 2023 22:02:45 GMT
last-modified: Tue, 25 Oct 2022 16:02:18 GMT
server: UploadServer
x-goog-generation: 1666713738292283
x-goog-hash: crc32c=YpELOQ== md5=J0Mex1P10AZPKyqlHtmYwA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4907
x-guploader-uploadid: ADPycdtilFRVlJesuKzS87BkpUdzZQ24P-CbjlVDM_Afo7CU6owJYEwQ8tfjwPbeuCveyzzxghzFR9kzl5KShaVH2KN9KSoXR9qU

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 871E 17 KB
7 KB 369ms
108ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: 11432329.fls.doubleclick.net
URL: https://11432329.fls.doubleclick.net/ddm/fls/r/dc_pre=COCU6vfwk_8CFcnlmgodT80NBg;src=11432329;type=wrs;cat=wrsal0;ord=5915493465971;gtm=45He35o0;auiddc=1932718271.1685134965;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:20 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: VEGH9YEPC1ZGC2MQ
age: 27
x-amz-server-side-encryption: AES256
x-amz-id-2: s32udbcC68GUw84D7yQETDXuXp5sDWncp6MoO8JOF5HErBRe+jJTPi93ag/eLqqoGevWNgJRg9BDGVxquJiGLA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK ea213a47.mp4 Show response
164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-40927299... Frame BBCD 4 MB
4 MB 106ms
106ms XHR
video/mp4 2a02:26f0:780::210:ca09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-409272998d7b/parcel/video/ea213a47.mp4?r=dXMtY2VudHJhbDE%3D&range=889-4563846
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:780::210:ca09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 4bf04e11a2580955f11cb0b617bd023c560b5420ca480d908bd2a0c256f67f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 21:02:45 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
origin-retrieved-hour: 1685077200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4562958
AK-REFERENCE-ID: 0.5ca1002.1685134965.187f8df9
Last-Modified: Fri, 26 May 2023 05:30:07 GMT
Server: parcel
ETag: "-CJ22u72gkv8CEAE="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31480145
Akamai-Edge-IP: 2a02:26f0:780::210:ca09
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 319A 18 KB
18 KB 59ms
59ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:12:17 GMT
age: 3029
x-guploader-uploadid: ADPycduI01fwOsUI246oo4iudvGZBuhNUhEAmXdI_cAKCtgAtsCHEWCi5fhKRYnfYy85QJQV3RIOaGhJBI47VBF5lG_VzMNc6G4c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Fri, 26 May 2023 21:12:17 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 319A 4 KB
4 KB 58ms
58ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:31:36 GMT
age: 1870
x-guploader-uploadid: ADPycdtY7xPM7zVXxaQ85kCrb8pocN0eXkTdtBDNXbnsOkw21YTyoj8u9RtDS02eATZAzS7I7_Y4U9bW9VyrZ3T0KCvnDU2n6tLk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4219
last-modified: Wed, 26 Apr 2023 13:18:45 GMT
server: UploadServer
etag: "c4ca3af5c34884e0dfd4291b07f65037"
x-goog-generation: 1682515125984075
x-goog-hash: crc32c=eNqgAQ==, md5=xMo69cNIhODf1CkbB/ZQNw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4219
accept-ranges: bytes
expires: Fri, 26 May 2023 21:31:36 GMT

GET
H2 200 335614 Show response
beacon.sojern.com/pixel/p/ Frame 319A 4 KB
1 KB 217ms
64ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/335614?f_v=v6_js&p_v=1&f_v=v6_js&cid=&p_v=4&version=2&ws=0x0&tz=0&pc=https%3A%2F%2Fwww.mandai.com%2Fen.html&ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&vid=hot&domain=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&s=ccid_auto&pname=%3Ff_v%3Dv6_js%26p_v%3D4%26version%3D2%26auto_url%3Dhttps%253A%252F%252F11432329.fls.doubleclick.net%252Fddm%252Ffls%252Fr%252Fdc_pre%253DCOCU6vfwk_8CFcnlmgodT80NBg%253Bsrc%253D11432329%253Btype%253Dwrs%253Bcat%253Dwrsal0%253Bord%253D5915493465971%253Bgtm%253D45He35o0%253Bauiddc%253D1932718271.1685134965%253Buaa%253D%253Buab%253D%253Buafvl%253D%253Buam%253D%253Buamb%253D0%253Buap%253D%253Buapv%253D%253Buaw%253D0%253B~oref%253Dhttps%25253A%25252F%25252Fwww.mandai.com%25252Fen.html%26auto_ccid%3Drlxu-yrk4u-rjxhw-fcxwj-mrvzv%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D0x0%26tz%3D0%26vd1%3D%26vd2%3D%26vf2%3D%26vn2%3D%26vf1%3D%26vs1%3D%26vn1%3D%26vb%3D%26pn%3D%26t%3D%26vp%3D%26vcu%3D%26vconfno%3D%26l%3D%26pc%3D%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&src=11432329&type=wrs&cat=wrsal0&ord=5915493465971&gtm=45He35o0&auiddc=1932718271.1685134965&uamb=0&uaw=0&~oref=https%3A%2F%2Fwww.mandai.com%2Fen.html&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: d65333016e519f3601909a35c59bbc6315f46eecdc3c31d3d7bf36984f141ba0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 793

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 70EB 0
15 B 57ms
57ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 21:02:46 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 10169313.json Show response
s.yimg.com/wi/config/ Frame 871E 46 B
680 B 175ms
60ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10169313.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:06:03 GMT
x-amz-version-id: 3gCjLeZ06xAlg6ITNOH0rGogNvE1pQZp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: E4QH63WSXS0E4CA1
age: 46605
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: vN/6VNZ2AvZvMBY8DXTb4OEheLVJIFqDcUIa/emCKmH6N9/tKpIOSaauQ7nzXY/CO/Uzg6kYEOg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 09 Feb 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 04 Jan 2023 16:55:37 GMT
server: ATS
etag: "169a76622cb3516047cff5f2cd73cd11"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

OPTIONS
H2 204 style
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 752ms
243ms Preflight 13.213.177.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.177.250 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-177-250.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type
Access-Control-Request-Method: GET
Origin: https://www.mandai.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mandai.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 21:02:46 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 style Show response
bpr.vouchconcierge.com/api/v2/widget/ 22 KB
22 KB 345ms
345ms XHR
application/json 13.213.177.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/widget3/js/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.177.250 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-177-250.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

423dbdaa4b1fef0c78b9a64c0299ff3b36656e3c31db3722b91b9f3a80dbd7b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 22032
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandai.com
etag: W/"5610-5muPjTBsYzgXejuq34qiarZw1Co"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 RC60b30ce13d294d708103f9b418815705-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/ 637 B
542 B 54ms
54ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/RC60b30ce13d294d708103f9b418815705-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0cdbf9f0707d9c063801168b5668de09b7be48569dc5ba42d37f786545c29c37

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
content-encoding: gzip
last-modified: Sun, 07 May 2023 09:23:20 GMT
server: AkamaiNetStorage
etag: "c44c4c3ddb795e774ead4715caac7955:1683451400.813168"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 306
expires: Fri, 26 May 2023 22:02:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 61ms
60ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2122455837&t=pageview&cu=SGD&_s=1&dl=https%3A%2F%2Fwww.mandai.com%2Fen.html&ul=en-us&de=UTF-8&dt=Mandai%20Wildlife%20Reserve%20%7C%20Singapore%27s%20Best%20Wildlife%20Experience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GjACQABBAAAACAAs~&jid=277578436&gjid=597064545&cid=857466848.1685134965&uid=&tid=UA-23015312-37&_gid=1625961923.1685134965&_r=1&gtm=457e35o0&cd199=Launch%20production%202023-05-07T09%3A22%3A35Z&z=339441486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RCbe9f3d544292409c8c27afc763bb970b-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/ 3 KB
1 KB 56ms
56ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/RCbe9f3d544292409c8c27afc763bb970b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ee80d91f265e0e3faa0e88d82bcdd90547c63970a6145fc00917b4a19dc7680d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
content-encoding: gzip
last-modified: Sun, 07 May 2023 09:23:20 GMT
server: AkamaiNetStorage
etag: "c44c4c3ddb795e774ead4715caac7955:1683451400.813168"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 994
expires: Fri, 26 May 2023 22:02:46 GMT

GET
H2 200 RC93b7e6d666b140bf9b89c7ec29fd3502-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/ 2 KB
1 KB 57ms
56ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/RC93b7e6d666b140bf9b89c7ec29fd3502-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 77f8c10b20f0c532dee2f105d3e782cb5662f1285a19f635d15ed6c86e3e37b4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
content-encoding: gzip
last-modified: Sun, 07 May 2023 09:23:20 GMT
server: AkamaiNetStorage
etag: "c44c4c3ddb795e774ead4715caac7955:1683451400.813168"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1009
expires: Fri, 26 May 2023 22:02:46 GMT

POST
H2 200 interact Show response
adobedc.demdex.net/ee/v1/ 731 B
962 B 217ms
70ms Fetch
application/json 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/interact?configId=e0dadaea-a164-437c-a78a-42cffc63b50a&requestId=47099ccc-a15c-4f10-abe1-d3eb4219ff00

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

b82adc50395280274b3baf6b4b03c1af1c4ca610121d957119864d97fb9f4217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 26 May 2023 21:02:45 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-adobe-ingress: hp
x-xss-protection: 1; mode=block
x-request-id: 47099ccc-a15c-4f10-abe1-d3eb4219ff00
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mandai.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 23.5.42-HOTFIXPUSHTOKENS:ba26a434

GET
H3 200 config.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/ 3 KB
1 KB 73ms
72ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/config.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2730bfa0c5ad0bd9ca1d7c660bc24f9a8315760470662c8f936c3a910dae7a0b

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:41 GMT
server: cloudflare
etag: W/"8087a39f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6039ea1dd7c-LHR

GET
H2

200

src=11956783;dc_pre=COnk0Pjwk_8CFTezmgodjDIO6Q;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_...
adservice.google.com/ddm/fls/z/ Frame 319A
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11956783;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid...
https://ad.doubleclick.net/ddm/activity/src=11956783;dc_pre=COnk0Pjwk_8CFTezmgodjDIO6Q;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252...
https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COnk0Pjwk_8CFTezmgodjDIO6Q;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252F...

42 B
118 B

93ms
93ms

Image
image/gif

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COnk0Pjwk_8CFTezmgodjDIO6Q;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=11956783;dc_pre=COnk0Pjwk_8CFTezmgodjDIO6Q;type=track0;cat=apacm0;qty=1;cost=0;u1=;u4=;u5=;u10=;u11=;u14=;u15=;u16=https%253A%252F%252Fwww.mandai.com%252Fen.html;u17=;u18=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 319A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=grCxiuMflJoRuYAs-N7AgA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBn...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL&sjrn_ula=7361855079&google_gid=CAESEE8abdzKcmcZw5N9IYJ8eYE&google_cver=1

42 B
282 B

147ms
62ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL&sjrn_ula=7361855079&google_gid=CAESEE8abdzKcmcZw5N9IYJ8eYE&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Fri, 26 May 2023 21:02:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL&sjrn_ula=7361855079&google_gid=CAESEE8abdzKcmcZw5N9IYJ8eYE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 319A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=grCxiuMflJoRuYAs-N7AgA&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopo2wwh9e0xgQxGG5Z3461zP6gGeTfpqfZFeADqZ8aQEGp46-yuWtyjBZgkp5rqavPlZUbchrD093mCSrXZVra0KXUEhxfRmR1YU994pXIDZghEzRA
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopo2wwh9e0xgQxGG5Z3461zP6gGeTfpqfZFeADqZ8aQEGp46-yuWtyjBZgkp5rqavPlZUbchrD093mCSrXZVra0KXUEhxfRmR1YU994pXIDZghEzRA

170 B
244 B

82ms
65ms

Image
image/png

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopo2wwh9e0xgQxGG5Z3461zP6gGeTfpqfZFeADqZ8aQEGp46-yuWtyjBZgkp5rqavPlZUbchrD093mCSrXZVra0KXUEhxfRmR1YU994pXIDZghEzRA

Requested by

Protocol

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopo2wwh9e0xgQxGG5Z3461zP6gGeTfpqfZFeADqZ8aQEGp46-yuWtyjBZgkp5rqavPlZUbchrD093mCSrXZVra0KXUEhxfRmR1YU994pXIDZghEzRA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 319A
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DNtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL
https://pixel.sojern.com/idsync/apn?id=4899543228013589748&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL

42 B
264 B

62ms
62ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=4899543228013589748&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Fri, 26 May 2023 21:02:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Date: Fri, 26 May 2023 21:02:46 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.45; 82.199.130.45; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2eb22be8-6d8d-48de-b2b0-82ae32ea428a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel.sojern.com/idsync/apn?id=4899543228013589748&sjrn_id=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 319A 70 B
265 B 185ms
63ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=NtB-2ym92mCIXr_vR0FRDZk0AS43S7DZlTjnKl_Yw8h_BzSoeBnQfx42dGxOhGVL&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/66017.html?f_v=v6_js&p_v=4&version=2&auto_url=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&auto_ccid=rlxu-yrk4u-rjxhw-fcxwj-mrvzv&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=0x0&tz=0&vd1=&vd2=&vf2=&vn2=&vf1=&vs1=&vn1=&vb=&pn=&t=&vp=&vcu=&vconfno=&l=&pc=&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
73 B 57ms
56ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-23015312-37&cid=857466848.1685134965&jid=277578436&gjid=597064545&_gid=1625961923.1685134965&_u=6GjACQABBAAAACAAs~&z=1892859783

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 26 May 2023 21:02:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 config-layout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
3 KB 71ms
71ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/config-layout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900a288c395b648fd5fae5399cb8eee9e70dd9d110b53667255953848f3b5a21

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:01 GMT
server: cloudflare
etag: W/"809cafb0f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f41dd7c-LHR

GET
H3 200 tracking-data.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 5 KB
2 KB 81ms
80ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/tracking-data.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b501137c92b1c7c949189ebfc47a49221e5e9c174cabdeec27579abf854b9ab

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:14 GMT
server: cloudflare
etag: W/"0416fb8f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f47dd7c-LHR

GET
H3 200 header.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 23 KB
5 KB 83ms
82ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/header.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16c1964029d249200dbf63d37b09386a79a238cd6da4e2d11dc65472158324a

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:37 GMT
server: cloudflare
etag: W/"808061a2f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f49dd7c-LHR

GET
H3 200 bodyScrollLock.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 72ms
71ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/bodyScrollLock.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad8ee4a07deafe95a7c98ce3bc3c33c1772fcf1ca61ddb0292cb5ad9d160ab3

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:26:01 GMT
server: cloudflare
etag: W/"80ca6545f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f4add7c-LHR

GET
H3 200 modal.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
3 KB 65ms
63ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/modal.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6a1a55f57197d417e1a05872b6d5fa12e26ad6758a63cf872538fab0eac5a3f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:41 GMT
server: cloudflare
etag: W/"807cf3f1f65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f4bdd7c-LHR

GET
H3 200 logout.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 953 B
764 B 69ms
68ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/logout.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2bb0e180446cb8909ad161b1c8ffe54b7eab5eb171803fa603d9068a0f7e5b7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:23 GMT
server: cloudflare
etag: W/"69dbec2ef75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f4ddd7c-LHR

GET
H3 200 navbar-search.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
2 KB 78ms
76ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/navbar-search.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587502b2bd968ca1bd87458f5efe3d57da682e37f9842333f0dbdcced9b46114

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:21:10 GMT
server: cloudflare
etag: W/"0b7f297f65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f4fdd7c-LHR

GET
H3 200 search-component.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 4 KB
2 KB 70ms
68ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/search-component.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af777f263c875becbe9f27168f4150b5b8abe5d3329590ada21ce000358696c

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:07 GMT
server: cloudflare
etag: W/"802343b4f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f51dd7c-LHR

GET
H3 200 md-destination-masthead.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 565ms
562ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-destination-masthead.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a24ab72dbe26c182293abdaf8bab532cbe85d501fc8dbdc1851ad72b94c2aebf

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:37 GMT
server: cloudflare
etag: W/"808061a2f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f52dd7c-LHR

GET
H3 200 background-change.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 2 KB
974 B 75ms
72ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/background-change.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceccf9d6d052f0ddf12355af8deea5102a796f2d5432b2a444352f3fc938c1d8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:00 GMT
server: cloudflare
etag: W/"d77da2d9f65fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f53dd7c-LHR

GET
H3 200 vimeo.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 8 KB
2 KB 243ms
241ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/vimeo.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605d880eec322dbbfb8c51c9696dd676fd5dfa0fb1df786623a838259530b504

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:56:40 GMT
server: cloudflare
etag: W/"0ec868dfb5fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f54dd7c-LHR

GET
H3 200 md-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 68ms
66ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/md-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7e7c52fa762c3cbb9a9c2625d96b6922064811afca8eb1170b6d6aa1fbc76f1

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:24:14 GMT
server: cloudflare
etag: W/"0e39e5f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f55dd7c-LHR

GET
H3 200 masthead-carousel.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 9 KB
3 KB 91ms
89ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/masthead-carousel.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aaea4deceea112c9180a3cac832f270bbced4787757f175740332595fa7ae1a

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:31:03 GMT
server: cloudflare
etag: W/"805567f9f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f57dd7c-LHR

GET
H3 200 match-height.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
830 B 77ms
75ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/match-height.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fa5f5b901d9ca372d4d1c0e6965f431f523bc99dfee78453c390f419decd91

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:27:32 GMT
server: cloudflare
etag: W/"582dd57bf75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6041f58dd7c-LHR

GET
H3 200 back-to-top.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 1 KB
934 B 111ms
109ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/back-to-top.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e79c2984d4f109cb17bc30ac8cef10768d2de4a376ccab96c8f1548de115430

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:26:42 GMT
server: cloudflare
etag: W/"31b8fe5df75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6042f5edd7c-LHR

GET
H3 200 list-social.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 74ms
73ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/list-social.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e752711b9a6d20069db0bebd20d654d55816004fb0a06584f80317e2f8c90f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:42 GMT
server: cloudflare
etag: W/"09f123af75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6042f62dd7c-LHR

GET
H3 200 accordion-footer.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/ 3 KB
1 KB 74ms
72ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/accordion-footer.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

623edc66f2c326a0b290806a0197d3256736f9a8307551fe77d3ad456232e541

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 34
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:23 GMT
server: cloudflare
etag: W/"b2471a2ff75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6042f65dd7c-LHR

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 871E 43 B
632 B 187ms
56ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2026%20May%202023%2021%3A02%3A46%20GMT&n=0&.yp=10169313&f=https%3A%2F%2F11432329.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOCU6vfwk_8CFcnlmgodT80NBg%3Bsrc%3D11432329%3Btype%3Dwrs%3Bcat%3Dwrsal0%3Bord%3D5915493465971%3Bgtm%3D45He35o0%3Bauiddc%3D1932718271.1685134965%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buam%3D%3Buamb%3D0%3Buap%3D%3Buapv%3D%3Buaw%3D0%3B~oref%3Dhttps%253A%252F%252Fwww.mandai.com%252Fen.html&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.14.0&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://11432329.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 26 May 2023 21:02:46 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 79ms
77ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-23015312-37&cid=857466848.1685134965&jid=277578436&_u=6GjACQABBAAAACAAs~&z=242964154

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 80ms
79ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-23015312-37&cid=857466848.1685134965&jid=277578436&_u=6GjACQABBAAAACAAs~&z=242964154

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 handlebars-v4.0.5.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 71 KB
21 KB 78ms
77ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/handlebars-v4.0.5.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f15f8225783d294f040145b0129d2171e53a5a0cddc4359c9b092f17aca2ef72

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:14 GMT
server: cloudflare
etag: W/"0416fb8f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6048fdfdd7c-LHR

GET
H3 200 iscroll.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 33 KB
9 KB 64ms
63ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/iscroll.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67b6849fcd40d27bac12b6329a27194a90c215d19ffdfc10586da449d13d11d

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:26:42 GMT
server: cloudflare
etag: W/"0e5d55df75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6048fe1dd7c-LHR

GET
H3 200 jquery.cookie.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.cookie.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017b544bccd71d66e8e8d7c4e5b87ab2238b09661985d6e288f9674390dda9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:26:02 GMT
server: cloudflare
etag: W/"061fe45f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6049fecdd7c-LHR

GET
H3 200 slick.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 41 KB
11 KB 73ms
72ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/slick.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56d0c0b2f54ca7d8140dd0f72c101a63e67c65a7b05e996386c32d52a357ec45

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:38 GMT
server: cloudflare
etag: W/"017faa2f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6049ffedd7c-LHR

GET
H3 200 jquery-ui.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 249 KB
68 KB 80ms
80ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery-ui.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:26:02 GMT
server: cloudflare
etag: W/"061fe45f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6049800dd7c-LHR

GET
H3 200 jquery.simplePagination.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 6 KB
2 KB 62ms
62ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.simplePagination.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d24c78deef6284bcaecba79a0b8698a016d579e86a1eff6eecaea09477256db8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:25:43 GMT
server: cloudflare
etag: W/"8035ab3af75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f604a818dd7c-LHR

GET
H3 200 jquery.matchHeight.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 3 KB
2 KB 69ms
67ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.matchHeight.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45144a93ef7e117598736fb873741662208e2fe7058cf76879aff799805e3128

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:37 GMT
server: cloudflare
etag: W/"808061a2f75fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f604a81edd7c-LHR

GET
H3 200 lodash.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 72 KB
27 KB 78ms
76ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/lodash.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f771988a30ff1eef6257e180b219ab315ea576be2d8c743fa869d2ea2bf5194

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:33:23 GMT
server: cloudflare
etag: W/"80a3d94cf85fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f604a81fdd7c-LHR

GET
H3 200 storagePolyfill.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 4 KB
2 KB 63ms
62ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/storagePolyfill.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df809c8c68e16dc3e7174dbf19fa156c67af0acae5298c78a7b76a9993551bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:21:11 GMT
server: cloudflare
etag: W/"804d8b98f65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f604a821dd7c-LHR

GET
H3 200 generatetoken.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/ 4 KB
1 KB 63ms
63ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/plugins/membership/generatetoken.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3fc9971e8317cc70bb327ee2669908420f3c23aebb06de1e66edf052ee29236

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:23:42 GMT
server: cloudflare
etag: W/"0138cf2f65fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f604a822dd7c-LHR

GET
H3 200 debounce.min.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 731 B
862 B 71ms
70ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/debounce.min.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:30:04 GMT
server: cloudflare
etag: W/"5bb759d6f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f604a823dd7c-LHR

GET
H3 200 bird-paradise-mandai-masthead-desktop-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 421 KB
421 KB 920ms
919ms Image
image/jpeg 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/bird-paradise-mandai-masthead-desktop-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2d49da5049f8a2216cb829247d10c62b288f085b41a70df038c60cf50f1132

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 431092
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:38 GMT
server: cloudflare
etag: "2ca211a3f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f604b826dd7c-LHR

GET
H3 200 homepage-banner-parks-carousel-ns-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 265 KB
265 KB 946ms
945ms Image
image/jpeg 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-ns-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aeb2f75f0404a841f293ebf83b53a0d495655c71034f0750504fe2a2f6301ab

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 271144
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:14 GMT
server: cloudflare
etag: "8142d5b8f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f604b82bdd7c-LHR

GET
H3 200 homepage-banner-parks-carousel-rw-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 341 KB
342 KB 554ms
553ms Image
image/jpeg 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-rw-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa84a5453b4580d357e409198d46e8bc79b2257cfa607e1bd47826acf032c947

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 349439
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:31:51 GMT
server: cloudflare
etag: "3d8ae16f85fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f604b82fdd7c-LHR

GET
H3 200 homepage-banner-parks-carousel-sz-web-1920x1080.jpg
www.mandai.com/content/dam/mandai/destination/park-carousel/ 358 KB
358 KB 582ms
581ms Image
image/jpeg 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/destination/park-carousel/homepage-banner-parks-carousel-sz-web-1920x1080.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbeee5eb65eb3d90fa4a4191e1c70b4391b7999d931658b9b45dd2c783194eb5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 366357
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:30:05 GMT
server: cloudflare
etag: "eed8dcd6f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f604b831dd7c-LHR

GET
H3 200 background-d.jpg
www.mandai.com/content/dam/mandai/test/ 366 KB
366 KB 881ms
880ms Image
image/jpeg 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/test/background-d.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc99d1e20fe5bd9007cc2b33de0590229319d95be0f877376855d1bfd0a44f61

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 374277
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:28:38 GMT
server: cloudflare
etag: "9b2b1ba3f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f604b833dd7c-LHR

GET
H3 200 conservation-banner-1920x933.jpg
www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/ 138 KB
138 KB 619ms
618ms Image
image/jpeg 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/content/dam/mandai/care-for-planet/conservation-included/conservation-banner-1920x933.jpg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9e4d368f9e9ca3e8f01c131adf5b86c61d9324c8a7b5280fd8bcd6b901ca2e5

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
cf-polished: origSize=144855
alt-svc: h3=":443"; ma=86400
content-length: 140837
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 Mar 2023 15:27:45 GMT
server: cloudflare
etag: "a6b6d283f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f604b837dd7c-LHR

GET
H2 200 RCd6b0182561154cd5943305decc9b7ec5-source.min.js Show response
assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/ 1 KB
742 B 57ms
54ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e9925ccd723/6a33b502dbfc/4f187b4f1db3/RCd6b0182561154cd5943305decc9b7ec5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 83cfe7a09abf6fac9cdaf5d6da2c07b859cbad7075a062db25855927d4b000b6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
content-encoding: gzip
last-modified: Sun, 07 May 2023 09:23:20 GMT
server: AkamaiNetStorage
etag: "c44c4c3ddb795e774ead4715caac7955:1683451400.813168"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 506
expires: Fri, 26 May 2023 22:02:46 GMT

GET
H3 200 ajax-loader.gif
www.mandai.com/etc/designs/wrs/clientlib-site/css/ 3 KB
3 KB 65ms
65ms Image
image/gif 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/css/ajax-loader.gif

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-all.min.94e4be206ee6a6a1947b263043bcbf54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 32
cf-polished: origSize=4178, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 2592
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 Mar 2023 15:28:25 GMT
server: cloudflare
etag: "13838d9bf75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
cf-ray: 7cd8f60548e8dd7c-LHR

GET
H3 200 mandai-arrow-green-left.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
1 KB 62ms
62ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-left.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cab82ea75cd66e69e3594efc140c1dbd58bf1f11091ea0af05dbe97e8ffde24

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 32
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:31:03 GMT
server: cloudflare
etag: W/"d0ac8cf9f75fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6056903dd7c-LHR

GET
H3 200 mandai-arrow-green-right.svg
www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/ 1 KB
2 KB 60ms
59ms Image
image/svg+xml 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandai.com/etc/designs/wrs/clientlib-site/images/mandai/mandai-arrow-green-right.svg

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a4031534936da754801f3a1272d6af544b0780bc53e69cc0ea3aabfe52c361

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/etc/designs/wrs/clientlib-site/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: HIT
age: 32
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=i6XC1i6A2q9N_i_tPJXzhvutntYX0N2Avnzq4qUS7Zk-1685134966-0-AbfYCU5JleuBIh4w2v_yXlHD6BH7m8LIjFREmZhIvYnNKjaqXMUM8r802MGfTNNd7B_nXEX9iQn4vGFGDBdg6YQz8GoVkpb6rB1cdEYBdug0XAunaA4BkpGYzY2iBlXbUFGeXKoBs6Ybfmb5hIk_iEU; report-to cf-csp-endpoint
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:29:03 GMT
server: cloudflare
etag: W/"9539ecb1f75fd91:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=i6XC1i6A2q9N_i_tPJXzhvutntYX0N2Avnzq4qUS7Zk-1685134966-0-AbfYCU5JleuBIh4w2v_yXlHD6BH7m8LIjFREmZhIvYnNKjaqXMUM8r802MGfTNNd7B_nXEX9iQn4vGFGDBdg6YQz8GoVkpb6rB1cdEYBdug0XAunaA4BkpGYzY2iBlXbUFGeXKoBs6Ybfmb5hIk_iEU"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
vary: Accept-Encoding
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6056905dd7c-LHR

GET
H3 200 header Show response
www.mandai.com/bin/wrs/ 52 B
582 B 261ms
260ms XHR
application/json 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/bin/wrs/header

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.mandai.com/en.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f605994cdd7c-LHR
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 interact Show response
smetrics.mandai.com/ee/irl1/v1/ 371 B
780 B 211ms
72ms Fetch
application/json 63.140.62.164
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.mandai.com/ee/irl1/v1/interact?configId=e0dadaea-a164-437c-a78a-42cffc63b50a&requestId=3f549aee-717d-4a3d-9c98-749efdc2d0a0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ab58664f1d446d5b85e27680012b2974174281a3/satelliteLib-174e437f9c7bbc3269e118fb99465df5956bdf57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

22f2a997dd301b32930509284ffd5c2e98d2d33718fdc089db039c586a13f55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandai.com/en.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 26 May 2023 21:02:46 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-adobe-ingress: hp
x-xss-protection: 1; mode=block
x-request-id: 3f549aee-717d-4a3d-9c98-749efdc2d0a0
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mandai.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 23.5.42-HOTFIXPUSHTOKENS:ba26a434

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame BBCD 0
11 B 154ms
153ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=459f30d4a3aef327341b0d3fb4faab8b2935df061685134964
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 26 May 2023 21:02:46 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 jquery.modal.js Show response
www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/ 13 KB
4 KB 565ms
565ms Script
application/javascript 2606:4700::6812:5f04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandai.com/etc/designs/wrs/footLibs/js/libs/plugins/jquery.modal.js

Requested by

Host: www.mandai.com
URL: https://www.mandai.com/etc/designs/wrs/headLibs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f04 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d13f70bc882993f6d4640e60bed4b5fe27e10dc75f17fbd0bc7672a3ecfdf42f

Security Headers

Name	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 15:52:39 GMT
server: cloudflare
etag: W/"803de1fdfa5fd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray: 7cd8f6061a33dd7c-LHR

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame BBCD 0
12 B 155ms
154ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 26 May 2023 21:02:46 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame BBCD 0
11 B 155ms
155ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=459f30d4a3aef327341b0d3fb4faab8b2935df061685134964
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 26 May 2023 21:02:46 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK ea213a47.mp4 Show response
164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-40927299... Frame BBCD 3 MB
3 MB 85ms
85ms XHR
video/mp4 2a02:26f0:780::210:ca09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://164vod-adaptive.akamaized.net/exp=1685138564~acl=%2F06bd5936-4826-4f80-a4da-409272998d7b%2F%2A~hmac=01016d8034fce577dd766ab64c9c232c66a8f25d296b31ea783978300a9d5d08/06bd5936-4826-4f80-a4da-409272998d7b/parcel/video/ea213a47.mp4?r=dXMtY2VudHJhbDE%3D&range=4563847-7297121
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.25/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:780::210:ca09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 51f0a39cced108571e144355b1a5b86b5ba2ddc4667d7e27b55411c09d3af1ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 21:02:47 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
origin-retrieved-hour: 1685077200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 2733275
AK-REFERENCE-ID: 0.5ca1002.1685134967.187f914f
Last-Modified: Fri, 26 May 2023 05:30:07 GMT
Server: parcel
ETag: "-CJ22u72gkv8CEAE="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31480268
Akamai-Edge-IP: 2a02:26f0:780::210:ca09
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 1626935178112.png
files.vouch.sg/files/60b9e36a547f7400165c552c/ 549 B
857 B 404ms
265ms Image
image/png 143.204.231.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/60b9e36a547f7400165c552c/1626935178112.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.231.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-231-84.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:48 GMT
via: 1.1 7637a62973d8d496eb6956a2114d44ba.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 06:26:14 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C1
etag: "7ba90422931f52be89d1284b77f8b016"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 549
x-amz-cf-id: TEMvhbe_SfKUZQjMQRM73XahyZG7RbJ99zF-XMzE84wBQYw8vynm7Q==

GET
H2 200 1655801521060.png
files.vouch.sg/files/613afb2ee42545001564fef5/ 514 B
818 B 407ms
268ms Image
image/png 143.204.231.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.vouch.sg/files/613afb2ee42545001564fef5/1655801521060.png
Requested by: Host: www.mandai.com
URL: https://www.mandai.com/en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.231.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-231-84.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:48 GMT
via: 1.1 7637a62973d8d496eb6956a2114d44ba.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:51:53 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C1
etag: "200984452bb9c370ccc880fdd1c6adce"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 514
x-amz-cf-id: QmapBNzZ5y_17w61BT0YXHMdgkP9gZkiPRM-eVbMrgV6ZV4MsgTJag==

GET
H2

200

/ Show response
app.vouchconcierge.com/bot-g/ Frame 0A4B
Redirect Chain

https://app.vouchconcierge.com/bot/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&profile=Default&fallbackURL=https://www.mandai.com/en.html
https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default

2 KB
1 KB

551ms
551ms

Document
text/html

108.139.243.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/widget3/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-119.mxp63.r.cloudfront.net
Software: /
Resource Hash: 7d66b120a80394fae1a9f508a99f276972d9e0bb90c17ee304deadeaf088ebe2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 732
content-type: text/html
date: Fri, 26 May 2023 21:02:48 GMT
etag: "a26c45d16d050bcd144faa60e4da1e58"
last-modified: Fri, 12 May 2023 07:27:52 GMT
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amz-apigw-id: FjGy6H5rSQ0FSmA=
x-amz-cf-id: AjUQlueCl-KRLG8L5V1wrjGj_YL1eeiMfz_qECXj9g8_ek3acB_blA==
x-amz-cf-pop: MXP63-P3
x-amzn-remapped-content-length: 1817
x-amzn-remapped-date: Fri, 26 May 2023 21:02:49 GMT
x-amzn-remapped-server: AmazonS3
x-amzn-requestid: 248000dc-fb29-445d-ae14-4e9f677e4e58
x-cache: Miss from cloudfront

Redirect headers

cache-control: max-age=86400
content-length: 0
content-type: application/json
date: Fri, 26 May 2023 21:02:48 GMT
location: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amz-apigw-id: FjGy1FSkyQ0FUlw=
x-amz-cf-id: HKSm8dNSzXOhyPz2q4h9rF4zP37i31kFaq57Nz1c1u3HVvvpuTC53Q==
x-amz-cf-pop: MXP63-P3
x-amzn-requestid: ede19bb6-096c-4226-ba68-1af1c910513c
x-amzn-trace-id: Root=1-64711e78-7ccb741d0021b92d5c0b2cd1;Sampled=0;lineage=5e77314d:0
x-cache: Miss from cloudfront

GET
H2 200 chunk-vendors.218ac605.js Show response
app.vouchconcierge.com/bot-g/js/ Frame 0A4B 3 MB
709 KB 525ms
525ms Script
application/javascript 108.139.243.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouchconcierge.com/bot-g/js/chunk-vendors.218ac605.js
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-119.mxp63.r.cloudfront.net
Software: /
Resource Hash: b6c268f25c10288dfea40e14c3ab52cf0d608c22fa6dff0754da13353452f371

Request headers

Referer: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Origin: https://app.vouchconcierge.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 3276650
x-amzn-remapped-server: AmazonS3
x-amz-cf-pop: MXP63-P3
x-amzn-requestid: 72214b70-db68-455a-9086-9d5b837a89d2
x-cache: Miss from cloudfront
x-amz-apigw-id: FjGy8FOtyQ0FcMA=
content-length: 724750
last-modified: Fri, 12 May 2023 07:27:52 GMT
etag: "f9b7a0b3e1a17f049e966d4488b203ab"
content-type: application/javascript
cache-control: no-cache
x-amzn-remapped-date: Fri, 26 May 2023 21:02:49 GMT
x-amz-cf-id: ENtSujO_ADScwUB4SNLsYYgnGU1gN45O3XOjLBgGpdxtu1M7KbaL1Q==

GET
H2 200 app.5c09b3e0.js Show response
app.vouchconcierge.com/bot-g/js/ Frame 0A4B 266 KB
66 KB 729ms
728ms Script
application/javascript 108.139.243.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouchconcierge.com/bot-g/js/app.5c09b3e0.js
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-119.mxp63.r.cloudfront.net
Software: /
Resource Hash: dc0bbe81cc980be511fd3a1c2e26317480b02f4852afb9ef7122527d3641c13e

Request headers

Referer: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Origin: https://app.vouchconcierge.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 271986
x-amzn-remapped-server: AmazonS3
x-amz-request-id: ZS78QWRZ8DQ44RNE
x-amz-cf-pop: MXP63-P3
x-amzn-requestid: e017489f-1052-4959-bd16-d86be6631989
x-cache: Miss from cloudfront
x-amz-apigw-id: FjGzBGLLyQ0FbgA=
content-length: 67324
x-amz-id-2: wZHNQfpRveVsdIUBtZQTLwvtDzWBQ6LA4E6NCKFyOibfJJhpIXR7kjAYfgYbfUFxNjdPSzzvrls=
last-modified: Fri, 12 May 2023 07:27:52 GMT
etag: "223b0c06382d327f2e666cdd4157b0fa"
content-type: application/javascript
cache-control: no-cache
x-amzn-remapped-date: Fri, 26 May 2023 21:02:50 GMT
x-amz-cf-id: WveYQzN1IZEJA2P9ceiQnnrKVniK-1yndLDchAYBID4BPuECPNXuCw==

GET
H2 200 chunk-vendors.8663072a.css
app.vouchconcierge.com/bot-g/css/ Frame 0A4B 367 KB
116 KB 723ms
723ms Stylesheet
text/css 108.139.243.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouchconcierge.com/bot-g/css/chunk-vendors.8663072a.css
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-119.mxp63.r.cloudfront.net
Software: /
Resource Hash: af618a66111ed9bf071fd016d857728b8651e9464e0f60ca1ff51cbfe3abbc63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 375878
x-amzn-remapped-server: AmazonS3
x-amz-cf-pop: MXP63-P3
x-amzn-requestid: 9a02e3c8-0ae8-415d-bfad-4930fe8d2e0c
x-cache: Miss from cloudfront
x-amz-apigw-id: FjGzBEHBSQ0FgvA=
content-length: 118183
last-modified: Fri, 12 May 2023 07:27:52 GMT
etag: "cb81afb1c5ecaa7bb4827cc11169337a"
content-type: text/css
cache-control: no-cache
x-amzn-remapped-date: Fri, 26 May 2023 21:02:50 GMT
x-amz-cf-id: VXIUdefGkfoKj99podsgXWhM0baym9bT-kGeIcX2Tr_sShnM9V29zQ==

GET
H2 200 app.37952c9c.css
app.vouchconcierge.com/bot-g/css/ Frame 0A4B 254 KB
39 KB 718ms
718ms Stylesheet
text/css 108.139.243.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-119.mxp63.r.cloudfront.net
Software: /
Resource Hash: 747505ebc65126b1cba2b5aabf8bb9a639508ee4e44aabe250b0d97e1ccda4e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
via: 1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 259938
x-amzn-remapped-server: AmazonS3
x-amz-cf-pop: MXP63-P3
x-amzn-requestid: 0c2b8b81-5b57-4532-abef-f98b8778f410
x-cache: Miss from cloudfront
x-amz-apigw-id: FjGzBELdSQ0FYRQ=
content-length: 39600
last-modified: Fri, 12 May 2023 07:27:52 GMT
etag: "576dd6cd14ac51c7a427b6437637e160"
content-type: text/css
cache-control: no-cache
x-amzn-remapped-date: Fri, 26 May 2023 21:02:50 GMT
x-amz-cf-id: 9igYzPipS21_IHWzJE5Bmyb2q7vb8AyZDlDc0EqKkuoGOQrFu-JaSQ==

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 2 KB
643 B 183ms
64ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 19:15:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 1 KB
537 B 185ms
67ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Spectral

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ae2aa0c41cc024110a92e7457fd847c0a3e49e3ac2e81f3905dcdadd8c4c221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 21:02:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 1 KB
507 B 188ms
69ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yrsa

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d56ddb7a1b57e424963b293ef30c72c925d9a56e34d784f8bee3d5ef16d65f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 21:02:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 1 KB
556 B 186ms
67ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f445794e6e8734713c60d2a2f8ce5fb42da34bd0aec3049aac4ff2acf53064c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 19:16:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0A4B 8 KB
813 B 234ms
116ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&display=swap

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1c7fa88239175b75665aa8b7a4b465532bf32035841372f4adb24cbbe3cb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 21:02:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 2 KB
628 B 187ms
68ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c513586a4cc1a4f0cd7e2c92bdbd8b1e70dda2e57737f115bb4539ae45b1510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 19:25:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 2 KB
632 B 183ms
65ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 19:20:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 737 B
452 B 183ms
65ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sanchez

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

034b573700efdd9545c50551a39b12fa0e94af738b6e3d956121a4bbdf009ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 21:02:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 2 KB
938 B 181ms
63ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8eced1ac9efe342b56fccda049a1bc9d7276e6b23d5295e7bd5afcf67e94cbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 20:31:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 2 KB
623 B 233ms
115ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 20:09:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 730 B
447 B 235ms
117ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 19:14:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 1 KB
542 B 242ms
125ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f2080831d0145cd823a37204317c3e7ea070a9ee808e019ced5bc29e2e13596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 19:30:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 1013 B
496 B 236ms
118ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 20:01:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 758 B
462 B 236ms
119ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a217ac373f0be4d2fc0f84f0a24a5a9d118fc9ecb52454b2a8384d71b813e8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 20:40:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A4B 2 KB
592 B 237ms
120ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/css/app.37952c9c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89f091cbc141ce489df76626dd083961553c9eb282db866f35bc630b255a2b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 21:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 19:55:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 21:02:49 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-in.com/ Frame 0A4B 817 KB
162 KB 356ms
64ms Script
text/javascript 2606:4700:3038::6815:ea91

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/js/chunk-vendors.218ac605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea91 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d46c148058b3548f1390d8e3edfc6e7e24a8f1152de82a65ebd221d1b13bf108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:51 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-lcy-eglc8600029-LCY
last-modified: Fri, 26 May 2023 18:08:52 GMT
server: cloudflare
x-timer: S1685124643.824005,VS0,VE2
etag: W/"b4479daa5267445dab86158eb31296ba28c382fe9a19711071c34c806813ecc2"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09YEqk3i237pd0Gy7muh%2FvdovISG2aPumBkkrF6PBox86g5IZYnrhB5eTXqH5msIhT2SnqW%2FzeD3p83K4wS%2FdzH166aK2Ek2uddTtJ3V4psnBlbtzpe%2BKaEm2M3HCXIiv8Ez0hUuBW%2BmEArV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7cd8f626ce7e71bd-LHR
x-cache-hits: 1

GET
H2 200 sdk-hiKwpyzQp0LCEZ2W Show response
cdn.growthbook.io/api/features/ Frame 0A4B 2 KB
1 KB 215ms
61ms Fetch
application/json 18.66.112.12

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-hiKwpyzQp0LCEZ2W
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/js/chunk-vendors.218ac605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.12 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 1b1e6ed093b3548948dbd32965feae5a5ffa856db158e9b07d7aa79a8ad2bb48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.vouchconcierge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:02:15 GMT
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 36
x-powered-by: Express
etag: W/"8a5-H9gxtdrl7+dBWGy4X+Tr2Iuugu0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
x-amz-cf-id: lzkFtlRECrLajwRRR6cMXYZ5LccebMFlWSXbZ8PxDfDg6gQjX6_10A==

GET
BLOB 200
OK 708fbd68-531c-440f-b6ce-266b42be0373
https://app.vouchconcierge.com/ Frame 0A4B 451 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vouchconcierge.com/708fbd68-531c-440f-b6ce-266b42be0373
Requested by: Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/?ak=PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3&fallbackURL=https%3A%2F%2Fwww.mandai.com%2Fen.html&profile=Default
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cc8172948c5fc3f6f320a81127956f78bf293cb63b04eee4a73167fd1b07d22

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 461731
Content-Type

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0A4B 15 KB
16 KB 169ms
53ms Font
font/woff2 2a00:1450:4001:806::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouchconcierge.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 68195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 May 2024 02:06:17 GMT

OPTIONS
H2 204 style
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 246ms
245ms Preflight 13.213.177.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.177.250 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-177-250.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 21:02:52 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 style Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 0A4B 22 KB
22 KB 414ms
414ms XHR
application/json 13.213.177.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/style

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/js/chunk-vendors.218ac605.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.177.250 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-177-250.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

423dbdaa4b1fef0c78b9a64c0299ff3b36656e3c31db3722b91b9f3a80dbd7b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Fri, 26 May 2023 21:02:52 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 22032
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"5610-5muPjTBsYzgXejuq34qiarZw1Co"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 204 defaultlang
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0 248ms
248ms Preflight 13.213.177.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.177.250 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-177-250.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,content-type,ignore-cookie,url-referer
Access-Control-Request-Method: GET
Origin: https://app.vouchconcierge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: api-key,content-type,ignore-cookie,url-referer
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://app.vouchconcierge.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 21:02:53 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 defaultlang Show response
bpr.vouchconcierge.com/api/v2/widget/ Frame 0A4B 168 B
885 B 346ms
345ms XHR
application/json 13.213.177.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Requested by

Host: app.vouchconcierge.com
URL: https://app.vouchconcierge.com/bot-g/js/chunk-vendors.218ac605.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.177.250 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-177-250.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
ignore-cookie: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.vouchconcierge.com/
api-key: PU30nDK.8TzbEMFP5frYtm7H3OTKnqOT2OBe8_EZRK3
url-referer: https://www.mandai.com/en.html

Response headers

date: Fri, 26 May 2023 21:02:53 GMT
content-security-policy: script-src 'self';style-src 'self';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 168
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
wtf: FWT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vouchconcierge.com
etag: W/"a8-ABMHoOoyasvFFdqjZUdfsSlL5hk"
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ Frame 0A4B 14 KB
14 KB 57ms
56ms Font
font/woff2 2a00:1450:4001:806::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vouchconcierge.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:30:45 GMT
x-content-type-options: nosniff
age: 541928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 14:30:45 GMT

OPTIONS defaultlang
bpr.vouchconcierge.com/api/v2/widget/ Frame 0
0

GET defaultlang
bpr.vouchconcierge.com/api/v2/widget/ Frame 0A4B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Domain: bpr.vouchconcierge.com
URL: https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Domain: bpr.vouchconcierge.com
URL: https://bpr.vouchconcierge.com/api/v2/widget/defaultlang

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6QTkulczrQw
.youtube.com/	1970-01-20 16:24:46	Name: VISITOR_INFO1_LIVE Value: xq1Inz4XVw8
.vimeo.com/	1970-01-20 12:05:36	Name: __cf_bm Value: YoKPiE7sWaQLFEwtGe6mV5rnBC7qChh1RR8pBINefko-1685134964-0-AWNcdJEOZRK6QH0vWPatP+yJIvIfs62EBbZJMLpe6z5AWdr/r//2odjhjuILD/94eALbFeM58G+zeaWGyt69gvc=
.mandai.com/	1970-01-20 14:15:10	Name: _gcl_au Value: 1.1.1932718271.1685134965
.mandai.com/	1970-01-20 21:41:34	Name: _ga Value: GA1.2.857466848.1685134965
.mandai.com/	1970-01-20 12:05:35	Name: _gat_UA-23015312-4 Value: 1
.mandai.com/	1970-01-20 12:05:35	Name: _gat_szsuperrolluplp Value: 1
.mandai.com/	1969-12-31 23:59:59	Name: Value: GA1.2.857466848.1685134965
.tiktok.com/	1970-01-20 21:27:10	Name: _ttp Value: 2QLZkRLiy40S25pSgtHHaVdFXL8
.mandai.com/	1970-01-20 12:07:01	Name: _gid Value: GA1.2.1122681335.1685134965
.vimeo.com/	1970-01-20 21:41:34	Name: vuid Value: pl1348142908.543681950
.mandai.com/	1970-01-20 21:27:10	Name: _tt_enable_cookie Value: 1
.mandai.com/	1970-01-20 21:27:10	Name: _ttp Value: Syl2Zpq2cy3eYCULNpTDCharYFW
.doubleclick.net/	1970-01-20 21:27:10	Name: IDE Value: AHWqTUkq6JLk_0biUa5_ykqfkjNxZKF6_0Bd33g50CVi7fcCi56nhsKUN-NKq_tV
.mandai.com/	1970-01-20 14:15:10	Name: _fbp Value: fb.1.1685134965304.1497091518
.quantserve.com/	1970-01-20 21:35:49	Name: mc Value: 64711e75-4f426-3fa94-8486c
.mandai.com/	1970-01-20 21:30:03	Name: __qca Value: P0-806483833-1685134965033
.mandai.com/	1970-01-20 12:05:35	Name: _gat_gtag_UA_23015312_37 Value: 1
.demdex.net/	1970-01-20 16:24:46	Name: demdex Value: 89863783217815353462124517735626372427
.adnxs.com/	1970-01-20 14:15:10	Name: uuid2 Value: 4899543228013589748
.mandai.com/	1970-01-20 21:34:22	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_identity Value: CiY4OTU3ODM2NTUyODYyNzgwMzc5MjEzMzk3ODM2OTM4MjcxNDU5NFIRCNT9-86FMRABGAEqBElSTDHwAdT9-86FMQ==
.mandai.com/	1970-01-20 12:05:36	Name: kndctr_44243DF7584A9D790A495ECF_AdobeOrg_cluster Value: irl1
.mandai.com/	1970-01-20 21:27:10	Name: AMCV_44243DF7584A9D790A495ECF%40AdobeOrg Value: MCMID\|89578365528627803792133978369382714594
.yahoo.com/	1970-01-20 20:51:32	Name: A3 Value: d=AQABBHYecWQCEN_eC5e701xTwx8EKftg2GcFEgEBAQFvcmR7ZOAKyiMA_eMAAA&S=AQAAAuQA7Kjmn6lupZjR959RXT0
.sojern.com/	1970-01-20 20:51:10	Name: gid Value: CAESEE8abdzKcmcZw5N9IYJ8eYE
.sojern.com/	1970-01-20 20:51:10	Name: cid Value: 82b0b18a-e31f-949a-11b9-802cf8dec080#1685059200000
.sojern.com/	1970-01-20 14:15:10	Name: apnid Value: 4899543228013589748
www.mandai.com/	1969-12-31 23:59:59	Name: renderid Value: rend02
www.mandai.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: node01mux8yuo52l9b16utzyug3lsfx1610855.node0
www.mandai.com/	1969-12-31 23:59:59	Name: svrid Value: s223

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.mandai.com/en.html(Line 66) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.mandai.com/en.html(Line 635) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-5b891907da4bf1d7 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * https: data: 'unsafe-eval' 'unsafe-inline' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11432329.fls.doubleclick.net
164vod-adaptive.akamaized.net
ad.doubleclick.net
adobedc.demdex.net
adservice.google.co.uk
adservice.google.com
analytics.tiktok.com
app.vouchconcierge.com
assets.adobedtm.com
beacon.sojern.com
bpr.vouchconcierge.com
cdn.growthbook.io
cdn.lr-in.com
cm.g.doubleclick.net
connect.facebook.net
f.vimeocdn.com
fcmatch.google.com
fcmatch.youtube.com
files.vouch.sg
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
googleads.g.doubleclick.net
i.vimeocdn.com
ib.adnxs.com
mandai.com
match.adsrvr.org
pixel.quantserve.com
pixel.sojern.com
player-telemetry.vimeo.com
player.vimeo.com
players.brightcove.net
rules.quantcount.com
s.yimg.com
s7.addthis.com
secure.quantserve.com
smetrics.mandai.com
sp.analytics.yahoo.com
static.sojern.com
stats.g.doubleclick.net
vimeo.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.mandai.com
www.youtube.com
bpr.vouchconcierge.com
s7.addthis.com
107.178.244.119
108.139.243.119
13.213.177.250
142.250.74.198
143.204.231.84
146.75.118.109
162.159.128.61
162.159.138.60
172.217.16.194
172.217.18.6
18.66.112.12
185.89.210.122
212.82.100.181
216.58.212.130
23.35.237.37
23.36.163.138
2600:9000:223c:5c00:6:44e3:f8c0:93a1
2606:4700:3038::6815:ea91
2606:4700::6812:5f04
2606:4700::6812:6004
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1288:80:807::2
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9c
2a02:26f0:3500:591::1e80
2a02:26f0:780::210:ca09
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.120.202.204
35.244.188.9
35.71.131.137
63.140.62.135
63.140.62.164
011534ecdd7f70787286f4d8684682fda6e32391c3986012b8272adaadbd0c6b
017b544bccd71d66e8e8d7c4e5b87ab2238b09661985d6e288f9674390dda9f2
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
034b573700efdd9545c50551a39b12fa0e94af738b6e3d956121a4bbdf009ae9
036070817771d890020e1c0123d8d1c432490e0ffc556af7f2cadc581cde461d
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0697a8851503c96e20e61a2d389bd66dd7c01e5f1649061ba19c20fa73ba32d6
06e752711b9a6d20069db0bebd20d654d55816004fb0a06584f80317e2f8c90f
087c1e5bcbe2cb24a80bbb6ce653ac448ecb6671656790e6a6bd91becac293da
0af777f263c875becbe9f27168f4150b5b8abe5d3329590ada21ce000358696c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2d49da5049f8a2216cb829247d10c62b288f085b41a70df038c60cf50f1132
0cdbf9f0707d9c063801168b5668de09b7be48569dc5ba42d37f786545c29c37
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10fa31c9959e1f19a226eca226ffa078b5b4fe24cac06352e9ffcc41899b7f2c
11afd716d60cae5adf4e3f607a43fc6d3dfbbc9baa4f8addaba1259e9a23e99e
11cebf90fa954e319e5d97526f860fd1e180fceb2bb8a1e72b66a6035d05b2b9
12b54ca079b73751ef151b50783e27cb50d5777aea33af625723809d8cfa698e
181aff032e21063d9553a1b2e3e6065164489414b94ab3fbc385294208a2394b
1823f5d14bd1e012db57daf71607ff17e45e1e06867702c86207a6e980029cca
1a8e38b9d4a30195add65766cd189b0e06caa74702f91c45c87e8db9dfe51f92
1ad8ee4a07deafe95a7c98ce3bc3c33c1772fcf1ca61ddb0292cb5ad9d160ab3
1b1e6ed093b3548948dbd32965feae5a5ffa856db158e9b07d7aa79a8ad2bb48
1b501137c92b1c7c949189ebfc47a49221e5e9c174cabdeec27579abf854b9ab
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1da49d72dd8cf8998a7225387428dddcb435578d81c0b4599c6bcc62fdfeeb2b
22f2a997dd301b32930509284ffd5c2e98d2d33718fdc089db039c586a13f55e
24351a9a74cf6ab827f2655f21f978fda188ba4865a9d114f6b1d898966000c2
25582cc7d9a780a6dfa37156d86ef6b13fa8a396f527a0a9c3d92ac62adc3f6b
264f650dd3288b1c8151403fdf664ca130286bb9b17317f9f74e2bb739f880dc
2730bfa0c5ad0bd9ca1d7c660bc24f9a8315760470662c8f936c3a910dae7a0b
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2aaea4deceea112c9180a3cac832f270bbced4787757f175740332595fa7ae1a
2f2080831d0145cd823a37204317c3e7ea070a9ee808e019ced5bc29e2e13596
2f445794e6e8734713c60d2a2f8ce5fb42da34bd0aec3049aac4ff2acf53064c
2f771988a30ff1eef6257e180b219ab315ea576be2d8c743fa869d2ea2bf5194
3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db
3489bdd5262d9fed79ec5e25de426da27075353ab738a2c1fe988ab2b7faa8b9
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c5e0d3c2f9c461118b50046ab73a0465e17e08eff4b58b6e7a20d41181c21c2
3cc461ec0a84dbbd7f6d8dc3076e64fd0e8210651f8c8403766141b1593cf027
3dd78f2680bd42178a3d7b263709b550940e423ee8075c632c6eb95d0b9b6d6b
3ec36f835c1b0419d10889b92584fa5295fdf693e08b8ae73b5bb47358826f14
4118df788ea26ceb09e9a5abaa16e4e2e620e58c2a85aa0f6b0e30a1e2905598
4129d9a12355befd8dd0d71f95f469e69aa1b4c25d40157056c6e1a425f47bcc
423dbdaa4b1fef0c78b9a64c0299ff3b36656e3c31db3722b91b9f3a80dbd7b5
42f1a463859900410614d76b00c6eb2dfec4a8bf7e6b30793549c2038e67e514
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4488938593f44847e046460f5178c8af28fdbde3a076a6161250ca53f1a914f9
45144a93ef7e117598736fb873741662208e2fe7058cf76879aff799805e3128
47173a026cafa3c624fd1b794afaa5de17f4a5cec1b1507e03935ff942ce1bda
49724f4201be3f73d08bc92e334baec5f832ee4978d80f5634c1e42bfc4e6265
4ae2aa0c41cc024110a92e7457fd847c0a3e49e3ac2e81f3905dcdadd8c4c221
4bf04e11a2580955f11cb0b617bd023c560b5420ca480d908bd2a0c256f67f73
4dd70860c19dc151314d385c5ee4aa15666dcbf01a79c5fc865b9dfbe6dd0862
51f0a39cced108571e144355b1a5b86b5ba2ddc4667d7e27b55411c09d3af1ed
53f4304fcfffea6d7e9cc1d00997ac8cfa9f2ff1c270d7c21bccc957bc6f84f9
5441c498fea7805e07844dfa8db6d8dcc5cdc0c21e47450f06ec741b22e96257
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
56d0c0b2f54ca7d8140dd0f72c101a63e67c65a7b05e996386c32d52a357ec45
577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9
5808c26bad9b348bf5550ed0959e9da53bb98f31a5d8b3149f14162993faee74
587502b2bd968ca1bd87458f5efe3d57da682e37f9842333f0dbdcced9b46114
58c4068a67c3ee377589875407fb9124cddfcc30cfe393bfabf7ad67615447b4
5b38a007c037aaeac3d2977726a1b40293ea43c49af560cc39331dd60853beda
5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f
5c82c8e08221bc7f060b619b3daa70d444f7b292e69c0bc32f7c8259c942b977
5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9
5cc8172948c5fc3f6f320a81127956f78bf293cb63b04eee4a73167fd1b07d22
5cd2929541a7a51f97e2e9d53d49602e1dc4ba7d2dee3de16417e501407d1b9f
5d56ddb7a1b57e424963b293ef30c72c925d9a56e34d784f8bee3d5ef16d65f8
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
605d880eec322dbbfb8c51c9696dd676fd5dfa0fb1df786623a838259530b504
623edc66f2c326a0b290806a0197d3256736f9a8307551fe77d3ad456232e541
6312d25f719bf227da2257f3435038d5129a1077833751610958f9e4c3e34800
6710ad42fe2df8ae514699a0a06fdaa6e1d34edb89fed555ca289cf258a2a4f9
6a0c98eafce42a3d3665bd018092711d99a9175c396b9fd23a8fab2cd189fe35
6a28473bf583d915b598718433123a861ba39f2d8120fb31f65634dd7fc8e608
6aeb2f75f0404a841f293ebf83b53a0d495655c71034f0750504fe2a2f6301ab
6c513586a4cc1a4f0cd7e2c92bdbd8b1e70dda2e57737f115bb4539ae45b1510
6dc077d5d1e2fa3180f45be2de60785463efd63ec571991dc73a77af6e4e96b1
6f210a70803bcc6e261706ffb0a7ef491cdcb9f384ad4d9eb9e962aea5615187
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
747505ebc65126b1cba2b5aabf8bb9a639508ee4e44aabe250b0d97e1ccda4e7
74837b9da9e7adef5dc375b4cf85495a14ea1cb9160ab5047c9de72517eb8aae
74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee
77f8c10b20f0c532dee2f105d3e782cb5662f1285a19f635d15ed6c86e3e37b4
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
7bd03851e3e84926fcf32756e7275aeec02d6f2bc9bf8292a2f7bb42cbfeab83
7cab82ea75cd66e69e3594efc140c1dbd58bf1f11091ea0af05dbe97e8ffde24
7d11dc673c942b0508ded27776244395d4e30366b695f34ad340d155681d12f6
7d66b120a80394fae1a9f508a99f276972d9e0bb90c17ee304deadeaf088ebe2
7fee08728b501812ba1c44658ad4ef459c107d78bd6e5b27c8ff80f110c34c04
8296c58bbe89c5e6760409f8e3c6b858e2ac30ecbc9340db95c7e9a0ad52efa5
83cfe7a09abf6fac9cdaf5d6da2c07b859cbad7075a062db25855927d4b000b6
8718dc2b8ccfa6b8b7fce0a0c8b77f94e7d2ee9805e03c6b026b50dd49fceb8f
88cce0815e3cc88f1a1003ffada8edf3f311595ecebc8ca5a35c2bc6383efad2
89f091cbc141ce489df76626dd083961553c9eb282db866f35bc630b255a2b7a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e79c2984d4f109cb17bc30ac8cef10768d2de4a376ccab96c8f1548de115430
8eced1ac9efe342b56fccda049a1bc9d7276e6b23d5295e7bd5afcf67e94cbd5
900a288c395b648fd5fae5399cb8eee9e70dd9d110b53667255953848f3b5a21
959ce16bde5f4a7c1a6169db07dcc054bd5e587a7cc61f6bee313e5005d0ce81
98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e
9bfc93c4f6b851a90a552aa1079dbc0cee7e702a76ce3589d2223532327b5385
9ea384fb54a0602e5626e8cc5aaf5f4072d7cbdb8592d34fd5913aef6cecebcc
9f638cae73c4d4f0cf4e1e46a0495c3109ddac3d9794f4f32e2f0c451d31f833
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a217ac373f0be4d2fc0f84f0a24a5a9d118fc9ecb52454b2a8384d71b813e8e0
a24ab72dbe26c182293abdaf8bab532cbe85d501fc8dbdc1851ad72b94c2aebf
a2bb0e180446cb8909ad161b1c8ffe54b7eab5eb171803fa603d9068a0f7e5b7
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
a707af12eaa765cd10949a013545c151a21337cfc566bead3a53cd686c85dad0
aa84a5453b4580d357e409198d46e8bc79b2257cfa607e1bd47826acf032c947
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed04a9b6331923471bee0e2e44ff38b94e68971bd20b735e89f91ab3c0ff64c
af618a66111ed9bf071fd016d857728b8651e9464e0f60ca1ff51cbfe3abbc63
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b60dabc163081fe6317a7959c57a5394a9a43ed22ed2f7d1130b6b875d9e8a24
b6c268f25c10288dfea40e14c3ab52cf0d608c22fa6dff0754da13353452f371
b80665f64f8220669d7a1e882fef1bc543b4574f46d6914d2ed01c3e01f466c5
b82adc50395280274b3baf6b4b03c1af1c4ca610121d957119864d97fb9f4217
b9fac97615f82f9f0b5ade2237b7ff6f487247067654563f8dc7474c6051b2a7
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bbeee5eb65eb3d90fa4a4191e1c70b4391b7999d931658b9b45dd2c783194eb5
bc08e1d211115c0c8af155b6babd95a738768ed55f5367def19ce0ab2801c9ec
be76dbe2049630875c9035d09397c5fd05b522e184afb1f79e42f3ab351a1e52
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c0b157ef9fe14fe21d23507feb0038e4425a7fdde9986da1193cf054cfa56890
c17029f9083794e867b2164edf4f6f4fdd5fb62bc6316f0a3459611732dd29ab
c1ba54ace5ec9ffcfe936b694be4b70a7d3f906900a2e07b419f5e1c6819ce97
c49ff62cbd253d5b3a8784bf05d4eaf15ad92d8a7069799883aa5dc2ef32b638
c4fa5f5b901d9ca372d4d1c0e6965f431f523bc99dfee78453c390f419decd91
cc99d1e20fe5bd9007cc2b33de0590229319d95be0f877376855d1bfd0a44f61
ceccf9d6d052f0ddf12355af8deea5102a796f2d5432b2a444352f3fc938c1d8
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d13f70bc882993f6d4640e60bed4b5fe27e10dc75f17fbd0bc7672a3ecfdf42f
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
d24c78deef6284bcaecba79a0b8698a016d579e86a1eff6eecaea09477256db8
d26d5391c3fd298af377388f1537f4e694f8b79977f658cb5d4e72dbdf19d603
d3eb9355454377f07950e64e4526ea72180cc95ed3ed5cfe5d142f0ef1465a12
d3fc9971e8317cc70bb327ee2669908420f3c23aebb06de1e66edf052ee29236
d46c148058b3548f1390d8e3edfc6e7e24a8f1152de82a65ebd221d1b13bf108
d652fdfc6174c5b36f11a200a83b14e5f78ccb4278efa344c65667588896b827
d65333016e519f3601909a35c59bbc6315f46eecdc3c31d3d7bf36984f141ba0
d67b6849fcd40d27bac12b6329a27194a90c215d19ffdfc10586da449d13d11d
d899949bd1dedf52fbdfd593e6ba48e64645cd0eda16854f26ee07416e17ed18
dc0bbe81cc980be511fd3a1c2e26317480b02f4852afb9ef7122527d3641c13e
dca70c25e1c1867e8f0fdcbaf74ee7b8fcb15ba448d82ffbe1c14c87bf7f05fb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
df809c8c68e16dc3e7174dbf19fa156c67af0acae5298c78a7b76a9993551bb8
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e848630f271080a33f9f680fd046834dc8c137d8655d99d2ac769e6204bbe8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9e4d368f9e9ca3e8f01c131adf5b86c61d9324c8a7b5280fd8bcd6b901ca2e5
ea072d94566d3b23d5cffd6ba378a1b10c572ada79c05956d53764c7b06a68b6
ebb72a8ee62da54956da7d5cd3ca05420d319a9d34e14896a07fc85491666349
ec26b37105adacad70aca3692f80e3dab073f06639daa80f8adcede6af60d76c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee80d91f265e0e3faa0e88d82bcdd90547c63970a6145fc00917b4a19dc7680d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00b8fae4214c99be41aa6a12ecfb93d7fe12605bda0f6b14accf36d9a904b85
f15f8225783d294f040145b0129d2171e53a5a0cddc4359c9b092f17aca2ef72
f16c1964029d249200dbf63d37b09386a79a238cd6da4e2d11dc65472158324a
f266562cadb3de915f5b94cfe30003a93e4c5c66e5ee27ba5e22e2dbb8dc4a5d
f2a4031534936da754801f3a1272d6af544b0780bc53e69cc0ea3aabfe52c361
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a1a55f57197d417e1a05872b6d5fa12e26ad6758a63cf872538fab0eac5a3f
f75b96abf98a7f4874b54f268b85ba2b2fa261741afa891097537bcfa1e73fd3
f7e7c52fa762c3cbb9a9c2625d96b6922064811afca8eb1170b6d6aa1fbc76f1
f9aea4dc1adbeefc9bb308fe80a905349937980451c06dc988cf20ef5c20f918
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fb1c7fa88239175b75665aa8b7a4b465532bf32035841372f4adb24cbbe3cb0c
fe5362340337c48ebcddba8249dffa07ffae6876992538350f6dcdb956021fa5

www.mandai.com Open in urlscan Pro 2606:4700::6812:5f04 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

95 %HTTPS

52 %IPv6

31 Domains

50 Subdomains

40 IPs

7 Countries

16851 kBTransfer

27541 kBSize

30 Cookies

16 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandai.com Open in urlscan Pro
2606:4700::6812:5f04 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

95 %
HTTPS

52 %
IPv6

31
Domains

50
Subdomains

40
IPs

7
Countries

16851 kB
Transfer

27541 kB
Size

30
Cookies

207 HTTP transactions
3 data transactions