Submitted URL: http://www.mandatemedia.com/
Effective URL: https://www.mandatemedia.com/
Submission: On February 17 via api from US

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 64 HTTP transactions. The main IP is 2606:4700:20::681a:70e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandatemedia.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 31st 2019. Valid for: a year.
This is the only time www.mandatemedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 216.58.207.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 3 18.195.176.77 16509 (AMAZON-02)
2 23.37.48.116 16625 (AKAMAI-AS)
2 2a03:2880:f02... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 23.210.248.216 16625 (AKAMAI-AS)
2 9 34.253.138.232 16509 (AMAZON-02)
64 19
Domain Requested by
27 www.mandatemedia.com 1 redirects www.mandatemedia.com
8 d.adroll.com 1 redirects
5 s.adroll.com 1 redirects www.mandatemedia.com
s.adroll.com
5 fonts.gstatic.com www.mandatemedia.com
3 l.sharethis.com 1 redirects www.mandatemedia.com
2 ssl.google-analytics.com www.mandatemedia.com
2 connect.facebook.net www.mandatemedia.com
connect.facebook.net
2 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
2 www.google-analytics.com www.googletagmanager.com
www.mandatemedia.com
2 www.googleadservices.com www.mandatemedia.com
www.googleadservices.com
2 www.emailmeform.com www.mandatemedia.com
www.emailmeform.com
1 d.adroll.mgr.consensu.org 1 redirects
1 www.google.de www.mandatemedia.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 ajax.googleapis.com www.emailmeform.com
1 www.facebook.com www.mandatemedia.com
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 fonts.googleapis.com www.mandatemedia.com
1 platform-api.sharethis.com www.mandatemedia.com
1 www.googletagmanager.com www.mandatemedia.com
64 22
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-07-31 -
2020-07-30
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
*.sharethis.com
Go Daddy Secure Certificate Authority - G2
2017-09-26 -
2020-09-29
3 years crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
emailmeform.com
CloudFlare Inc ECC CA-2
2020-02-13 -
2020-10-09
8 months crt.sh
www.googleadservices.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
*.sharethis.mgr.consensu.org
Go Daddy Secure Certificate Authority - G2
2018-05-21 -
2020-05-21
2 years crt.sh
cert1.a1.atm.aqfer.net
Let's Encrypt Authority X3
2019-12-26 -
2020-03-25
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months crt.sh
*.google.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
www.google.de
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA
2020-01-29 -
2021-04-29
a year crt.sh
adroll.mgr.consensu.org
Amazon
2019-11-06 -
2020-12-06
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.mandatemedia.com/
Frame ID: 939BB6891E7CC957FBF3F8191E9F34F6
Requests: 61 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal.html
Frame ID: FCD01652605DF2BF211E9F053BDB9AD6
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=0.369.18588&cid=c010&cls=B
Frame ID: 79CBE16F089C1D07FFC55FF8888DA091
Requests: 1 HTTP requests in this frame

Frame: https://www.emailmeform.com/builder/embed/l099SO6C6dQ
Frame ID: 99E166FC415EDB1F36597FEB2981798E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.mandatemedia.com/ HTTP 301
    https://www.mandatemedia.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

64
Requests

100 %
HTTPS

76 %
IPv6

15
Domains

22
Subdomains

19
IPs

4
Countries

2354 kB
Transfer

2765 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mandatemedia.com/ HTTP 301
    https://www.mandatemedia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://l.sharethis.com/pview?event=pview&hostname=www.mandatemedia.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.mandatemedia.com%2F&source=sharethis.js&fcmp=false&title=Mandate%20Media&cms=unknown&publisher=5acb98bf003b52001341b765&sop=true&ts1581948223786=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en HTTP 301
  • https://l.sharethis.com/sc?cm=CiAABl5KnT8AAAATLYa5Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.mandatemedia.com%2F&publisher=5acb98bf003b52001341b765&sop=true
Request Chain 51
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://www.mandatemedia.com/&tiba=Mandate%20Media&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QJ1KXpfpIZHdgAfyrbrYCw&sscte=1&crd=&gtd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.mandatemedia.com/&tiba=Mandate%20Media&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=228243349&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.mandatemedia.com/&tiba=Mandate%20Media&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=228243349&resp=GooglemKTybQhCsO&ipr=y
Request Chain 53
  • https://s.adroll.com/j/exp/JIR4Y3WYJ5GJ5GX6KXXAXH/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 55
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/JIR4Y3WYJ5GJ5GX6KXXAXH?_s=135bb60c112a294e2422000c3d584efe&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/JIR4Y3WYJ5GJ5GX6KXXAXH/?_s=135bb60c112a294e2422000c3d584efe&_b=2
Request Chain 56
  • https://d.adroll.com/pixel/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5?adroll_fpc=c1f9315202284f12ee55c7aad91e1892-1581948225977&xid_ch=f&pv=22951820382.256027&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.mandatemedia.com%2F HTTP 302
  • https://s.adroll.com/pixel/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5/2UNATWZWQ5DJNIP4VQXTUB.js

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mandatemedia.com/
Redirect Chain
  • http://www.mandatemedia.com/
  • https://www.mandatemedia.com/
11 KB
4 KB
Document
General
Full URL
https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b40976d5d67c0f94b08ab6383914121f3c0872c8b5a0a3854b98cee17fc3ec

Request headers

:method
GET
:authority
www.mandatemedia.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

status
200
date
Mon, 17 Feb 2020 14:03:43 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4d4d64df8a4ab964293f066e2fa7b8151581948223; expires=Wed, 18-Mar-20 14:03:43 GMT; path=/; domain=.mandatemedia.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56684e6c4821d72d-FRA
content-encoding
br

Redirect headers

Date
Mon, 17 Feb 2020 14:03:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 17 Feb 2020 15:03:43 GMT
Location
https://www.mandatemedia.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
56684e6a0ce163b9-FRA
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1050908-2
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b27e7271e9be3996778998282d4f3cab29bca345b474f05762fc07d8e601f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28494
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Feb 2020 14:03:43 GMT
redesigncore1.css
www.mandatemedia.com/media/css/
139 B
244 B
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/redesigncore1.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f886254958b97c9f1d48ab3c9fbd4883d3d436f64f2f9471763efadc4edc1f

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 13:13:50 GMT
server
cloudflare
etag
W/"1db763-95-58f0e0339ff80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
cf-polished
origSize=149
cf-ray
56684e6dec8fd72d-FRA
cf-bgj
minify
sharethis.js
platform-api.sharethis.com/js/
90 KB
28 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6200:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af92b9af6ba3092c044392917d1a68eb916f25c3235ecdbd21e8c350161db214

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 13:59:44 GMT
content-encoding
gzip
age
243
etag
W/"1681c-qglTwxY3G+VlImeYQ0adeXQrPwQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
status
200
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Tp4n6aY7tfrAxioxpYL7ArS7fPtztd8kj8Qhnv49L0SbgicvTIGkZw==
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
css
fonts.googleapis.com/
2 KB
493 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,600,700,800|Roboto:300,500,700,900
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9bbf519807016df6f5e618b34a4d001a48d7a2b1478541e89dfc4ec5873c9d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
access-control-allow-origin
*
date
Mon, 17 Feb 2020 14:03:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 17 Feb 2020 14:03:43 GMT
headerlogo.png
www.mandatemedia.com/media/images/
4 KB
4 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/headerlogo.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da2fbb370c34a670d7124e8d66336186b6e657c40ad32f8acb50fb214609016

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 17:43:28 GMT
server
cloudflare
etag
"1db768-e1a-58efda9ab5000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e62d72d-FRA
content-length
3610
arrow-left.png
www.mandatemedia.com/media/images/
2 KB
2 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/arrow-left.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e628d52bebd693705b91513177105a0390b76a9c602bd96cc17dfbd861abac

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:42:41 GMT
server
cloudflare
etag
"1db76b-663-58ee7054bda40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e65d72d-FRA
content-length
1635
arrow-right.png
www.mandatemedia.com/media/images/
2 KB
2 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/arrow-right.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aef8c0a6b2aaed96682eed6df4ff39b05fdb086795e6d0ac5a04f98e0b0b233

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:42:45 GMT
server
cloudflare
etag
"1db76a-657-58ee70588e340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e67d72d-FRA
content-length
1623
merkley.png
www.mandatemedia.com/media/images/
129 KB
130 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/merkley.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9444805a0e13996015bd0f6b2146c558b250eafc4550fb0b51bf6e715ac5976

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:45:26 GMT
server
cloudflare
etag
"1db77c-2057a-58ee70f218d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e69d72d-FRA
content-length
132474
merkley.portfolio.png
www.mandatemedia.com/media/images/
245 KB
246 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/merkley.portfolio.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3137b7d55dba01c0f7a3de2510bfb202f9546f78ddeaa9c15035e7eaa449aa61

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 15:18:45 GMT
server
cloudflare
etag
"1db781-3d570-58ee78647df40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e6ad72d-FRA
content-length
251248
rubio.portfolio.png
www.mandatemedia.com/media/images/
235 KB
235 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/rubio.portfolio.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5adf31d41f372587e6933615ad9651cb02e6b41e53d639d2e2263ae04a81d51

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 15:18:40 GMT
server
cloudflare
etag
"1db782-3ac61-58ee785fb9400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e6bd72d-FRA
content-length
240737
portfolio.kennedy.2020.png
www.mandatemedia.com/media/images/
205 KB
205 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/portfolio.kennedy.2020.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d62aca3d9f71a14582a7f591ec7a0c465535d2e63e403203e2be7d7508bb609

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Feb 2020 18:20:07 GMT
server
cloudflare
etag
"1db7b1-332d6-59e6505a2e3c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e6fd72d-FRA
content-length
209622
portfolio.rosenblum.png
www.mandatemedia.com/media/images/
223 KB
223 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/portfolio.rosenblum.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8c0a481d8b1fb6bdec7b846f57d130d24b18459de761eedc44c255971543f

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 15:18:48 GMT
server
cloudflare
etag
"1db780-37a4c-58ee78675a600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e73d72d-FRA
content-length
227916
portfolio.wyden.png
www.mandatemedia.com/media/images/
209 KB
209 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/portfolio.wyden.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f5c8ed6dd7386e16d721238329776abae0e407a3506ffa69f3d1c46ea66145

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 15:18:51 GMT
server
cloudflare
etag
"1db77f-343b6-58ee786a36cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e74d72d-FRA
content-length
213942
portfolio.rice.png
www.mandatemedia.com/media/images/
266 KB
267 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/portfolio.rice.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d701d42f14b9d973b033344c852565ff7ca06539ffda37a857a2f75d58de7d02

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 15:18:58 GMT
server
cloudflare
etag
"1db77d-42988-58ee7870e3c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e75d72d-FRA
content-length
272776
logo.2019.png
www.mandatemedia.com/media/images/
14 KB
14 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/logo.2019.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431a16eb3f8f7ce5995fc3fcdc9c25637e55d9bed1607f8c692d4d9263e6da38

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:22:52 GMT
server
cloudflare
etag
"1db76e-3744-58ee6be6d2700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e76d72d-FRA
content-length
14148
footerlogo.png
www.mandatemedia.com/media/images/
2 KB
2 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/footerlogo.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7123edade5197ebb327a50c57eec8a6ccf6e6602a741200dfb2e2bd787f31c

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 17:38:12 GMT
server
cloudflare
etag
"1db769-765-58efd96d58900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e78d72d-FRA
content-length
1893
l099SO6C6dQ
www.emailmeform.com/builder/forms/jsform/
4 KB
2 KB
Script
General
Full URL
https://www.emailmeform.com/builder/forms/jsform/l099SO6C6dQ
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:865b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c30744e88101521da9d5ec8170f25c5b09854705d8dbbc3a38f47624542e6bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1652
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset: utf-8;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
56684e6eba2d649d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
phone.png
www.mandatemedia.com/media/images/
612 B
716 B
Image
General
Full URL
https://www.mandatemedia.com/media/images/phone.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d349017c6ecca6587bad3d0100bbc691e8d76bb27c6182c5fec0211a13fef5f

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:22:55 GMT
server
cloudflare
etag
"1db76d-264-58ee6be9aedc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e7ad72d-FRA
content-length
612
linkedin-circle.png
www.mandatemedia.com/media/images/
698 B
803 B
Image
General
Full URL
https://www.mandatemedia.com/media/images/linkedin-circle.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38428504e47dccd01187adbcdacb414174a0db219b5431fbfca8ee4352415cb9

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:22:59 GMT
server
cloudflare
etag
"1db771-2ba-58ee6bed7f6c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e7cd72d-FRA
content-length
698
twitter-circle.png
www.mandatemedia.com/media/images/
827 B
932 B
Image
General
Full URL
https://www.mandatemedia.com/media/images/twitter-circle.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2cf30eac9edf59a1d63fdc19a2e98a00c8a6db63ef1d850937f64d0a68b73d

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:23:03 GMT
server
cloudflare
etag
"1db770-33b-58ee6bf14ffc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e7ed72d-FRA
content-length
827
facebook-circle.png
www.mandatemedia.com/media/images/
648 B
753 B
Image
General
Full URL
https://www.mandatemedia.com/media/images/facebook-circle.png
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d07a46da075cf214bb28f94db0e7b946f3370970dd11af7ebf861014dc11d4

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:23:07 GMT
server
cloudflare
etag
"1db76f-288-58ee6bf5208c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6e7e7fd72d-FRA
content-length
648
conversion.js
www.googleadservices.com/pagead/
25 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
b1e43308ad37fba80d03dac9a497a96febac77a457711dab836dcf12efb80cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9855
x-xss-protection
0
server
cafe
etag
7067135177091508594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Feb 2020 14:03:43 GMT
redesignhandheld2.css
www.mandatemedia.com/media/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/redesignhandheld2.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa362620c51decf9eba4f5536f9aac4c63eb43d1188ab2ba8a4ece7dd34bd6b

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Aug 2019 15:28:33 GMT
server
cloudflare
etag
W/"1db766-c8f-58f9cb5e66a40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
cf-polished
origSize=3215
cf-ray
56684e6e7e80d72d-FRA
cf-bgj
minify
print.css
www.mandatemedia.com/media/css/
483 B
391 B
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/print.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814672b9e9b6d6e1fbcd4151e78f409d94e0385ada09047643449bd1732c4d92

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Feb 2013 07:36:36 GMT
server
cloudflare
etag
W/"66a50b-20c-4d4f544f7a900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
cf-polished
origSize=524
cf-ray
56684e6e7e81d72d-FRA
cf-bgj
minify
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1050908-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5411
date
Mon, 17 Feb 2020 12:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 17 Feb 2020 14:33:32 GMT
collect
www.google-analytics.com/r/
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1856976883&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandatemedia.com%2F&ul=en-us&de=UTF-8&dt=Mandate%20Media&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=775867627&gjid=1752213329&cid=637388885.1581948224&tid=UA-1050908-2&_gid=826815546.1581948224&_r=1&gtm=2ou250&z=1304923690
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
5acb98bf003b52001341b765.js
buttons-config.sharethis.com/js/
404 B
750 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/5acb98bf003b52001341b765.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:3600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e669cec09ba48156baa648341689d95dee2ab832a225c3eea54c57b72b98449d

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 14:03:45 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
last-modified
Mon, 09 Apr 2018 16:49:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"f240a3312f522526b0cf801a157405aa"
x-cache
Miss from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=60,public
accept-ranges
bytes
content-length
404
x-amz-cf-id
96SufIuPzZsUNeqQbq_kfH9UwbB9VoBmrI_dlF73zLqUhjhOTNflsQ==
portal.html
c.sharethis.mgr.consensu.org/ Frame FCD0
0
0
Document
General
Full URL
https://c.sharethis.mgr.consensu.org/portal.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b800:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.mandatemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
iframe
Referer
https://www.mandatemedia.com/

Response headers

status
200
content-type
text/html; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
accept-ranges
bytes
last-modified
Mon, 27 Jan 2020 20:26:17 GMT
content-encoding
gzip
date
Mon, 17 Feb 2020 13:59:33 GMT
cache-control
max-age=600, public
etag
W/"3802-16fe8aef228"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
RdC-QoVr_Wt5F-MUiGal_krzm12f4SL92JSUZW9ia9RAUO6tZLkc8g==
age
250
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=www.mandatemedia.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.mandatemedia.com%2F&source=sharethis.js&fcmp=false&title=Mand...
  • https://l.sharethis.com/sc?cm=CiAABl5KnT8AAAATLYa5Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.mandatemedia.com%2F&publisher=5acb98bf003b52001341b765&sop=true
0
-1 B
XHR
General
Full URL
https://l.sharethis.com/sc?cm=CiAABl5KnT8AAAATLYa5Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.mandatemedia.com%2F&publisher=5acb98bf003b52001341b765&sop=true
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.176.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-176-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

Date
Mon, 17 Feb 2020 14:03:43 GMT
Location
/sc?cm=CiAABl5KnT8AAAATLYa5Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.mandatemedia.com%2F&publisher=5acb98bf003b52001341b765&sop=true
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.mandatemedia.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
Content-Length
181
Stid
CiAABl5KnT8AAAATLYa5Aw==

Redirect headers

Date
Mon, 17 Feb 2020 14:03:43 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.mandatemedia.com
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location
/sc?cm=CiAABl5KnT8AAAATLYa5Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.mandatemedia.com%2F&publisher=5acb98bf003b52001341b765&sop=true
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
Content-Length
181
Stid
CiAABl5KnT8AAAATLYa5Aw==
redesignscreen1.css
www.mandatemedia.com/media/css/
76 B
158 B
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/redesignscreen1.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584fb513f950d773a12af14dc6f8f1085057f3e468ca013027ff016fa5a04d64

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2019 13:13:59 GMT
server
cloudflare
etag
W/"1db764-5f-58f0e03c353c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
cf-polished
origSize=95
cf-ray
56684e6f0807d72d-FRA
cf-bgj
minify
antiscreen.css
www.mandatemedia.com/media/css/
0
107 B
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/antiscreen.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Mar 2013 14:43:06 GMT
server
cloudflare
etag
"1da641-0-4d7a730dad280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e6f0808d72d-FRA
content-length
0
cf-bgj
minify
sc
l.sharethis.com/
51 B
511 B
XHR
General
Full URL
https://l.sharethis.com/sc?cm=CiAABl5KnT8AAAATLYa5Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.mandatemedia.com%2F&publisher=5acb98bf003b52001341b765&sop=true
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.176.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-176-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
fa504e2b592a29fa48fc8262607c53a84e8cdced4440fb475ac7dd35b011342e

Request headers

Referer
https://www.mandatemedia.com/
Origin
https://www.mandatemedia.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

Date
Mon, 17 Feb 2020 14:03:44 GMT
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.mandatemedia.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
Content-Length
51
Stid
CiAABl5KnT8AAAATLYa5Aw==
t.dhj
t.sharethis.com/1/d/
2 KB
1 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.mandatemedia.com&gdpr_domain=.consensu.org&rnd=1581948224022
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.48.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-48-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
153b331df13b27501f80988be240ed32d1872072c06d25e670b2447b436962e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 14:03:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
960
Expires
Mon, 17 Feb 2020 15:03:44 GMT
reset.css
www.mandatemedia.com/media/css/
616 B
412 B
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/reset.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec52fb95a4eb70611efb452ed720f5f43fdbf96d43e2dedab8f3cd75bc55939

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Feb 2013 07:36:36 GMT
server
cloudflare
etag
W/"66a507-270-4d4f544f7a900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
cf-polished
origSize=624
cf-ray
56684e703b17d72d-FRA
cf-bgj
minify
redesigntext.css
www.mandatemedia.com/media/css/
572 B
403 B
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/redesigntext.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13284e23d4ed463b67bd4196bafa57c26c83cab0d5323e65dc218ee6842e7b6

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 18:03:51 GMT
server
cloudflare
etag
W/"1db765-290-58efdf290cfc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
cf-polished
origSize=656
cf-ray
56684e703b19d72d-FRA
cf-bgj
minify
redesigncustom1.css
www.mandatemedia.com/media/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.mandatemedia.com/media/css/redesigncustom1.css
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814c56e4d9df7f804970beb57eefdc56e6b93d4cbe5d92dc3edd3ba8226ca3b2

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Jan 2020 19:34:48 GMT
server
cloudflare
etag
W/"1db767-3511-59d74aaa10600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2073600
cf-polished
origSize=13585
cf-ray
56684e704b1bd72d-FRA
cf-bgj
minify
t_.htm
t.sharethis.com/a/ Frame 79CB
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=0.369.18588&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=www.mandatemedia.com&gdpr_domain=.consensu.org&rnd=1581948224022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.48.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-48-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
t.sharethis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.mandatemedia.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__stid=CiAABl5KnT8AAAATLYa5Aw==; __stidv=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
iframe
Referer
https://www.mandatemedia.com/

Response headers

Content-Length
1084
Cache-Control
max-age=604800
Expires
Mon, 24 Feb 2020 14:03:44 GMT
Date
Mon, 17 Feb 2020 14:03:44 GMT
Connection
keep-alive
Content-Encoding
gzip
P3P
policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type
text/html
X-Robots-Tag
noindex, nofollow
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb1313b749106aeec0e91e4ac8be57e07fdb8ea62332a402ee3675d4e89aafe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FT5Ix8vkVWVDZo5Y7U/i0A==
status
200
date
Mon, 17 Feb 2020 14:03:44 GMT, Mon, 17 Feb 2020 14:03:44 GMT
expires
Mon, 17 Feb 2020 14:20:22 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1780
x-fb-debug
nkFmpeHOQankquUClBcf6ZEhLWEGFyfyXimkxI2i7x/8RvxCQQKu3uZ1ncwnupAorT/+oU4SiRJPOvrSkDenRg==
x-fb-trip-id
1850256238
x-fb-content-md5
6ffa090b6640b513f79d86899bc71090
etag
"e3d88c152c04dd631907c1ac18e11b11"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
womanpodium.jpg
www.mandatemedia.com/media/images/
495 KB
496 KB
Image
General
Full URL
https://www.mandatemedia.com/media/images/womanpodium.jpg
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699af7342a1ef7b1f65d9d58552b2b43f8502818c731797186022f7d5ca313b0

Request headers

Referer
https://www.mandatemedia.com/media/css/redesigncustom1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2019 14:40:16 GMT
server
cloudflare
etag
"1db76c-7bbab-58ee6fca75400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2073600
accept-ranges
bytes
cf-ray
56684e71cf0dd72d-FRA
content-length
506795
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:400,600,700,800|Roboto:300,500,700,900
Origin
https://www.mandatemedia.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

date
Wed, 05 Feb 2020 01:51:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
1080752
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15784
x-xss-protection
0
expires
Thu, 04 Feb 2021 01:51:12 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:400,600,700,800|Roboto:300,500,700,900
Origin
https://www.mandatemedia.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

date
Tue, 04 Feb 2020 19:19:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
1104276
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
19172
x-xss-protection
0
expires
Wed, 03 Feb 2021 19:19:08 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:400,600,700,800|Roboto:300,500,700,900
Origin
https://www.mandatemedia.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

date
Tue, 04 Feb 2020 20:14:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:42 GMT
server
sffe
age
1100958
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
19264
x-xss-protection
0
expires
Wed, 03 Feb 2021 20:14:26 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:400,600,700,800|Roboto:300,500,700,900
Origin
https://www.mandatemedia.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

date
Fri, 31 Jan 2020 23:33:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:01 GMT
server
sffe
age
1434601
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
19480
x-xss-protection
0
expires
Sat, 30 Jan 2021 23:33:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:400,600,700,800|Roboto:300,500,700,900
Origin
https://www.mandatemedia.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

date
Sat, 18 Jan 2020 01:18:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
2637896
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15872
x-xss-protection
0
expires
Sun, 17 Jan 2021 01:18:48 GMT
sdk.js
connect.facebook.net/en_US/
199 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3dd0b9d111c6263c651d1d59fd15ad42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3ab78f43fbfe74139b2c8d5ea4c616c3ff7c3cdae9f5ddbee01dede3c6628f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.mandatemedia.com/
Origin
https://www.mandatemedia.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
EIoTQ90+Pn5QmAANcI47pQ==
status
200
date
Mon, 17 Feb 2020 14:03:44 GMT, Mon, 17 Feb 2020 14:03:44 GMT
expires
Tue, 16 Feb 2021 13:58:48 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
61024
x-fb-debug
npUleGnsuKqPapRcYyFUPlEMVNS1IyxMqfQZNuR+pp7LnKQ7cK90Okexms6pBp+fQ+uLUONiuhQarMzYOxVZYw==
x-fb-trip-id
1850256238
x-fb-content-md5
ac16ac4567e244a6f9fe39ded582a146
etag
"934333378ffc66c55707f2e80d7d6dc6"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
/
www.facebook.com/tr/
44 B
258 B
Image
General
Full URL
https://www.facebook.com/tr/?id=178436808880815&ev=fb_page_view&dl=https%3A%2F%2Fwww.mandatemedia.com%2F&rl=&if=false&ts=1581948224353&sw=1600&sh=1200
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 14:03:44 GMT, Mon, 17 Feb 2020 14:03:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 14:03:44 GMT
l099SO6C6dQ
www.emailmeform.com/builder/embed/ Frame 99E1
0
0
Document
General
Full URL
https://www.emailmeform.com/builder/embed/l099SO6C6dQ?
Requested by
Host: www.emailmeform.com
URL: https://www.emailmeform.com/builder/forms/jsform/l099SO6C6dQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:865b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.emailmeform.com
:scheme
https
:path
/builder/embed/l099SO6C6dQ?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.mandatemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=rrfudgsolo947t72fu8t28hnuk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
iframe
Referer
https://www.mandatemedia.com/

Response headers

status
200
date
Mon, 17 Feb 2020 14:03:44 GMT
content-type
text/html; charset=utf-8
content-length
3088
set-cookie
__cfduid=d104ed005bddab7a1e0cb5b1f43e8bea91581948224; expires=Wed, 18-Mar-20 14:03:44 GMT; path=/; domain=.emailmeform.com; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
56684e733e96649d-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: www.emailmeform.com
URL: https://www.emailmeform.com/builder/forms/jsform/l099SO6C6dQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandatemedia.com/
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 01 Feb 2020 03:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1418800
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33593
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Jan 2021 03:57:04 GMT
/
www.googleadservices.com/pagead/conversion/1032238062/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/1032238062/?random=1581948224528&cv=9&fst=1581948224528&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mandatemedia.com%2F&tiba=Mandate%20Media&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
4301294bf71239c6cbd446734c04fca3578fbb91c286c7ad13b70af59c799790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1079
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6876
date
Mon, 17 Feb 2020 12:09:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Mon, 17 Feb 2020 14:09:08 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1508584958&utmhn=www.mandatemedia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mandate%20Media&utmhid=1856976883&utmr=-&utmp=%2F&utmht=1581948224548&utmac=UA-1050908-2&utmcc=__utma%3D244496409.637388885.1581948224.1581948225.1581948225.1%3B%2B__utmz%3D244496409.1581948225.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1515961531&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1032238062/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1...
  • https://www.google.com/pagead/1p-user-list/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_h...
  • https://www.google.de/pagead/1p-user-list/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_hi...
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.mandatemedia.com/&tiba=Mandate%20Media&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=228243349&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-user-list/1032238062/?random=1632882900&cv=9&fst=*&num=1&value=0&label=5gliCOqXkAIQ7uea7AM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.mandatemedia.com/&tiba=Mandate%20Media&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=228243349&resp=GooglemKTybQhCsO&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roundtrip.js
s.adroll.com/j/
34 KB
11 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.mandatemedia.com
URL: https://www.mandatemedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
18193705ab98d0aa0d38c44621932f9599495d8e708fc41afb7ef892ab0895ae

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
lfmGdNKg5RpvOV9rgmEkoYf4yRMYp92f
Content-Encoding
gzip
x-amz-request-id
CF2698AF4ECDBB0C
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Mon, 17 Feb 2020 14:03:45 GMT
Connection
keep-alive
Content-Length
10738
x-amz-id-2
XOPKCCC75hTreRBEowGrlWbCCdZ7Sq9AOTK9wflo/A42EY34c+mx3gheNXC+rUzATlHFDVwJg1E=
Last-Modified
Thu, 06 Feb 2020 22:47:39 GMT
Server
AmazonS3
ETag
"bdad36c9dcb5278bdd961fb364516719"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/JIR4Y3WYJ5GJ5GX6KXXAXH/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

x-amz-version-id
Y8nS1mIzhBe8JEQvENARcyn9JPX.scLz
Content-Encoding
gzip
x-amz-request-id
E1C9941DB941DD1E
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Mon, 17 Feb 2020 14:03:46 GMT
Connection
keep-alive
Content-Length
48
x-amz-id-2
lqt/Q3YwSp0JZGFSkK+nCWTAycdLPcPppTHD0vKT62G9CJJy1uY9PFVXzze6e8zRgmHtjNxi+Co=
Last-Modified
Thu, 06 Feb 2020 23:04:12 GMT
Server
AmazonS3
ETag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Mon, 17 Feb 2020 14:03:45 GMT
Server
AkamaiGHost
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5/
0
773 B
Script
General
Full URL
https://s.adroll.com/j/pre/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
PgUtDb49hVjJ9XfJUVmcZnzXxH7TacRF
Content-Encoding
gzip
x-amz-request-id
1BBBE3C466EFF190
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Mon, 17 Feb 2020 14:03:46 GMT
Connection
keep-alive
Content-Length
20
x-amz-id-2
oMpv9DfLPcrJvkMgwutxO0n9FIMW5eO4DH6MwvVGqILZMkrgMD19m68P0sr5EdTTBpHcpiBXNF4=
Last-Modified
Sun, 16 Feb 2020 21:04:41 GMT
Server
AmazonS3
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/JIR4Y3WYJ5GJ5GX6KXXAXH/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/JIR4Y3WYJ5GJ5GX6KXXAXH?_s=135bb60c112a294e2422000c3d584efe&_b=2
  • https://d.adroll.com/consent/check/JIR4Y3WYJ5GJ5GX6KXXAXH/?_s=135bb60c112a294e2422000c3d584efe&_b=2
113 B
582 B
Script
General
Full URL
https://d.adroll.com/consent/check/JIR4Y3WYJ5GJ5GX6KXXAXH/?_s=135bb60c112a294e2422000c3d584efe&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.138.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-138-232.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
c6a7246d0bf9e82c10519cbdc02e03bdcdfe432362343f8aae70d200c3411012

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:45 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript
content-length
113

Redirect headers

status
302
date
Mon, 17 Feb 2020 14:03:45 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/JIR4Y3WYJ5GJ5GX6KXXAXH/?_s=135bb60c112a294e2422000c3d584efe&_b=2
2UNATWZWQ5DJNIP4VQXTUB.js
s.adroll.com/pixel/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5/
Redirect Chain
  • https://d.adroll.com/pixel/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5?adroll_fpc=c1f9315202284f12ee55c7aad91e1892-1581948225977&xid_ch=f&pv=22951820382.256027&cookie=&adroll_s_ref=&keyw=&arrfrr=...
  • https://s.adroll.com/pixel/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5/2UNATWZWQ5DJNIP4VQXTUB.js
2 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5/2UNATWZWQ5DJNIP4VQXTUB.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
01e7b730dc34d75a8ea7373f8286e259a5a68f7ced399f10723b976e534572ee

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393

Response headers

x-amz-version-id
bV3sfrV8HZSLvHp7.APPf4FraiB5fKsP
Content-Encoding
gzip
x-amz-request-id
027BCB2A81B15823
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Mon, 17 Feb 2020 14:03:46 GMT
Connection
keep-alive
Content-Length
861
x-amz-id-2
4N4ma2eoQVyvBO6EB0YPYX28X8qc8hNTiJltM5WjFv87SGX55FCBC6YkpsOrq66tyHgjUwIexx8=
Last-Modified
Tue, 04 Feb 2020 01:53:25 GMT
Server
AmazonS3
ETag
"928fe4918d379050d8dd59ace34752f3"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

date
Mon, 17 Feb 2020 14:03:45 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.16.1
x-rule
*
x-segment-eid
2UNATWZWQ5DJNIP4VQXTUB
location
https://s.adroll.com/pixel/JIR4Y3WYJ5GJ5GX6KXXAXH/LMDTKKNVLBFUXLWLDVB5L5/2UNATWZWQ5DJNIP4VQXTUB.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
LMDTKKNVLBFUXLWLDVB5L5
x-segment-name
*
x-advertisable-eid
JIR4Y3WYJ5GJ5GX6KXXAXH
x-conversion-currency
out
d.adroll.com/cm/r/
42 B
500 B
Image
General
Full URL
https://d.adroll.com/cm/r/out?xid_ch=f&advertisable=JIR4Y3WYJ5GJ5GX6KXXAXH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.138.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-138-232.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:46 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
out
d.adroll.com/cm/b/
42 B
500 B
Image
General
Full URL
https://d.adroll.com/cm/b/out?xid_ch=f&advertisable=JIR4Y3WYJ5GJ5GX6KXXAXH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.138.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-138-232.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:46 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
out
d.adroll.com/cm/x/
42 B
500 B
Image
General
Full URL
https://d.adroll.com/cm/x/out?xid_ch=f&advertisable=JIR4Y3WYJ5GJ5GX6KXXAXH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.138.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-138-232.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:46 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
out
d.adroll.com/cm/l/
42 B
499 B
Image
General
Full URL
https://d.adroll.com/cm/l/out?xid_ch=f&advertisable=JIR4Y3WYJ5GJ5GX6KXXAXH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.138.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-138-232.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:46 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
out
d.adroll.com/cm/o/
42 B
500 B
Image
General
Full URL
https://d.adroll.com/cm/o/out?xid_ch=f&advertisable=JIR4Y3WYJ5GJ5GX6KXXAXH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.138.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-138-232.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:46 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
out
d.adroll.com/cm/g/
42 B
500 B
Image
General
Full URL
https://d.adroll.com/cm/g/out?xid_ch=f&advertisable=JIR4Y3WYJ5GJ5GX6KXXAXH&google_nid=adroll2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.138.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-138-232.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mandatemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 14:03:46 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| FB function| auto_size_iframe function| getScriptURL string| dataUrl object| auto_size_iframe_instance function| $ function| jQuery object| google_conversion_id object| google_conversion_language object| google_conversion_format object| google_conversion_color object| google_conversion_label object| google_conversion_value function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_disable_viewthrough object| google_gtag_event_data object| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url string| adroll_adv_id string| adroll_pix_id object| _gaq object| _gat boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list

13 Cookies

Domain/Path Name / Value
www.emailmeform.com/ Name: PHPSESSID
Value: rrfudgsolo947t72fu8t28hnuk
.t.sharethis.com/ Name: pxcelPage_c010_B
Value: 0_6_1581948224309
.sharethis.com/ Name: __stidv
Value: 2
.mandatemedia.com/ Name: __utma
Value: 244496409.637388885.1581948224.1581948225.1581948225.1
.mandatemedia.com/ Name: _gat_gtag_UA_1050908_2
Value: 1
.mandatemedia.com/ Name: __utmc
Value: 244496409
.sharethis.com/ Name: __stid
Value: CiAABl5KnT8AAAATLYa5Aw==
.mandatemedia.com/ Name: __utmb
Value: 244496409.1.10.1581948225
.mandatemedia.com/ Name: __utmz
Value: 244496409.1581948225.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.mandatemedia.com/ Name: _ga
Value: GA1.2.637388885.1581948224
.mandatemedia.com/ Name: __utmt
Value: 1
.mandatemedia.com/ Name: _gid
Value: GA1.2.826815546.1581948224
.mandatemedia.com/ Name: __cfduid
Value: d4d4d64df8a4ab964293f066e2fa7b8151581948223

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
platform-api.sharethis.com
s.adroll.com
ssl.google-analytics.com
t.sharethis.com
www.emailmeform.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mandatemedia.com
18.195.176.77
216.58.207.66
23.210.248.216
23.37.48.116
2600:9000:2156:6200:1c:8a07:5e80:93a1
2600:9000:21f3:3600:c:abe:f440:93a1
2600:9000:21f3:b800:c:a9b7:ddc0:93a1
2606:4700:20::681a:70e
2606:4700::6810:865b
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2003
2a00:1450:4001:817::2003
2a00:1450:4001:818::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.253.138.232
01e7b730dc34d75a8ea7373f8286e259a5a68f7ced399f10723b976e534572ee
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
153b331df13b27501f80988be240ed32d1872072c06d25e670b2447b436962e4
18193705ab98d0aa0d38c44621932f9599495d8e708fc41afb7ef892ab0895ae
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
28b40976d5d67c0f94b08ab6383914121f3c0872c8b5a0a3854b98cee17fc3ec
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2b27e7271e9be3996778998282d4f3cab29bca345b474f05762fc07d8e601f49
2d62aca3d9f71a14582a7f591ec7a0c465535d2e63e403203e2be7d7508bb609
2ec52fb95a4eb70611efb452ed720f5f43fdbf96d43e2dedab8f3cd75bc55939
2fa362620c51decf9eba4f5536f9aac4c63eb43d1188ab2ba8a4ece7dd34bd6b
3137b7d55dba01c0f7a3de2510bfb202f9546f78ddeaa9c15035e7eaa449aa61
38428504e47dccd01187adbcdacb414174a0db219b5431fbfca8ee4352415cb9
4301294bf71239c6cbd446734c04fca3578fbb91c286c7ad13b70af59c799790
431a16eb3f8f7ce5995fc3fcdc9c25637e55d9bed1607f8c692d4d9263e6da38
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4c30744e88101521da9d5ec8170f25c5b09854705d8dbbc3a38f47624542e6bb
4d349017c6ecca6587bad3d0100bbc691e8d76bb27c6182c5fec0211a13fef5f
51f5c8ed6dd7386e16d721238329776abae0e407a3506ffa69f3d1c46ea66145
584fb513f950d773a12af14dc6f8f1085057f3e468ca013027ff016fa5a04d64
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
699af7342a1ef7b1f65d9d58552b2b43f8502818c731797186022f7d5ca313b0
6aef8c0a6b2aaed96682eed6df4ff39b05fdb086795e6d0ac5a04f98e0b0b233
7c7123edade5197ebb327a50c57eec8a6ccf6e6602a741200dfb2e2bd787f31c
7da2fbb370c34a670d7124e8d66336186b6e657c40ad32f8acb50fb214609016
814672b9e9b6d6e1fbcd4151e78f409d94e0385ada09047643449bd1732c4d92
814c56e4d9df7f804970beb57eefdc56e6b93d4cbe5d92dc3edd3ba8226ca3b2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8ea8c0a481d8b1fb6bdec7b846f57d130d24b18459de761eedc44c255971543f
a5adf31d41f372587e6933615ad9651cb02e6b41e53d639d2e2263ae04a81d51
a7f886254958b97c9f1d48ab3c9fbd4883d3d436f64f2f9471763efadc4edc1f
af92b9af6ba3092c044392917d1a68eb916f25c3235ecdbd21e8c350161db214
b1e43308ad37fba80d03dac9a497a96febac77a457711dab836dcf12efb80cef
b9444805a0e13996015bd0f6b2146c558b250eafc4550fb0b51bf6e715ac5976
c3ab78f43fbfe74139b2c8d5ea4c616c3ff7c3cdae9f5ddbee01dede3c6628f1
c4d07a46da075cf214bb28f94db0e7b946f3370970dd11af7ebf861014dc11d4
c6a7246d0bf9e82c10519cbdc02e03bdcdfe432362343f8aae70d200c3411012
cb1313b749106aeec0e91e4ac8be57e07fdb8ea62332a402ee3675d4e89aafe4
cd2cf30eac9edf59a1d63fdc19a2e98a00c8a6db63ef1d850937f64d0a68b73d
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d13284e23d4ed463b67bd4196bafa57c26c83cab0d5323e65dc218ee6842e7b6
d701d42f14b9d973b033344c852565ff7ca06539ffda37a857a2f75d58de7d02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e669cec09ba48156baa648341689d95dee2ab832a225c3eea54c57b72b98449d
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6e628d52bebd693705b91513177105a0390b76a9c602bd96cc17dfbd861abac
f9bbf519807016df6f5e618b34a4d001a48d7a2b1478541e89dfc4ec5873c9d7
fa504e2b592a29fa48fc8262607c53a84e8cdced4440fb475ac7dd35b011342e