mandowndevice.com Open in urlscan Pro
172.66.43.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mandowndevice.com/
Submission: On June 03 via manual (June 3rd 2023, 7:27:50 pm UTC) from CA — Scanned from GE

Summary HTTP 82 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 37 domains to perform 82 HTTP transactions. The main IP is 172.66.43.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is mandowndevice.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 6th 2023. Valid for: a year.

This is the only time mandowndevice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	172.66.43.35 172.66.43.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
2	52.58.239.147 52.58.239.147	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.58 108.138.36.58	16509 (AMAZON-02) (AMAZON-02)
4	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	104.22.4.254 104.22.4.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	52.92.152.144 52.92.152.144	16509 (AMAZON-02) (AMAZON-02)
1	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
3	141.101.120.11 141.101.120.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.192.108 18.66.192.108	16509 (AMAZON-02) (AMAZON-02)
1	104.26.13.60 104.26.13.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	52.211.49.201 52.211.49.201	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.192.56 18.66.192.56	16509 (AMAZON-02) (AMAZON-02)
1	18.164.52.93 18.164.52.93	16509 (AMAZON-02) (AMAZON-02)
3 5	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	107.21.45.226 107.21.45.226	14618 (AMAZON-AES) (AMAZON-AES)
1	107.21.42.231 107.21.42.231	14618 (AMAZON-AES) (AMAZON-AES)
1 7	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 3	37.252.171.52 37.252.171.52	() ()
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	89.207.16.137 89.207.16.137	() ()
1 1	69.173.144.165 69.173.144.165	() ()
1	91.228.74.208 91.228.74.208	() ()
2	23.35.236.201 23.35.236.201	() ()
1 2	34.98.64.218 34.98.64.218	() ()
82	28

14 172.66.43.35 (United States)

ASN13335 (CLOUDFLARENET, US)

mandowndevice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.239.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-239-147.eu-central-1.compute.amazonaws.com

cmp.seersco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-58.muc50.r.cloudfront.net

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.4.254 (None, )

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.152.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.101.120.11 (None, )

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.192.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-108.muc50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.60 (None, )

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.211.49.201 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-49-201.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.215 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-56.muc50.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-93.cdg50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.91 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.45.226 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-45-226.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.42.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-42-231.compute-1.amazonaws.com

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.124.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.16.137 (None, ) 2 redirects

ASN- ()

eyeota-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, ) 1 redirects

ASN- ()

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.208 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (None, ) 1 redirects

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mandowndevice.com mandowndevice.com	411 KB
10	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 718 ce.lijit.com — Cisco Umbrella Rank: 978	11 KB
7	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1123	4 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4315 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5638 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14535	15 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	332 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	3 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 618 i6.liadm.com — Cisco Umbrella Rank: 2301	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 365 data.adsrvr.org Failed	1 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3115	1 KB
3	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 871	1 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 15314 t.dtscout.com — Cisco Umbrella Rank: 14388	4 KB
2	openx.net 1 redirects us-u.openx.net	420 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com Failed	12 KB
2	dotomi.com 2 redirects eyeota-match.dotomi.com	676 B
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12982 s4.histats.com — Cisco Umbrella Rank: 12815	5 KB
2	seersco.com cmp.seersco.com	4 KB
1	quantserve.com cms.quantserve.com	373 B
1	rubiconproject.com 1 redirects pixel-eu.rubiconproject.com pixel-us-east.rubiconproject.com Failed	807 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 518	671 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 870	602 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 557	428 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 16565	590 B
1	google.ge www.google.ge — Cisco Umbrella Rank: 16373	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	455 B
1	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 11723	5 KB
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	blismedia.com Failed tr.blismedia.com Failed
0	creativecdn.com Failed creativecdn.com Failed
0	amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	1rx.io Failed sync.1rx.io Failed
0	rfihub.com Failed p.rfihub.com Failed
82	37

	Domain	Requested by
14	mandowndevice.com	mandowndevice.com
7	ps.eyeota.net	1 redirects mandowndevice.com
5	ce.lijit.com	mandowndevice.com ap.lijit.com ce.lijit.com
5	ap.lijit.com	3 redirects mandowndevice.com data-beacons.s-onetag.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mandowndevice.com
5	www.googletagmanager.com	mandowndevice.com www.googletagmanager.com
4	fonts.gstatic.com	mandowndevice.com
3	ib.adnxs.com	3 redirects
3	cm.g.doubleclick.net	1 redirects ce.lijit.com
3	match.adsrvr.org	3 redirects
3	pixel.onaudience.com	3 redirects
3	bcp.crwdcntrl.net	2 redirects mandowndevice.com
3	get.s-onetag.com	e.dtscout.com get.s-onetag.com
2	us-u.openx.net	1 redirects ce.lijit.com
2	ads.pubmatic.com	ce.lijit.com
2	eyeota-match.dotomi.com	2 redirects
2	i.liadm.com	2 redirects
2	t.dtscout.com	e.dtscout.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	cmp.seersco.com	mandowndevice.com cmp.seersco.com
1	cms.quantserve.com	ce.lijit.com
1	pixel-eu.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	i6.liadm.com	mandowndevice.com
1	um.simpli.fi	1 redirects
1	data-beacons.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	stags.bluekai.com	mandowndevice.com
1	t.dtscdn.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	www.google.ge	mandowndevice.com
1	www.google.com	mandowndevice.com
1	s4.histats.com	s10.histats.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	s10.histats.com	mandowndevice.com
1	cdn.ywxi.net	mandowndevice.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	pixel-sync.sitescout.com Failed	ce.lijit.com
0	data.adsrvr.org Failed	ce.lijit.com
0	rtb.mfadsrvr.com Failed	ce.lijit.com
0	tr.blismedia.com Failed	ce.lijit.com
0	pixel-us-east.rubiconproject.com Failed	ce.lijit.com
0	creativecdn.com Failed	ce.lijit.com
0	aax-eu.amazon-adsystem.com Failed	ce.lijit.com
0	match.prod.bidr.io Failed	ce.lijit.com
0	sync.1rx.io Failed	ce.lijit.com
0	p.rfihub.com Failed	ce.lijit.com
82	47

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-06` - `2024-02-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
seersco.dev Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
*.ywxi.net Amazon RSA 2048 M01	`2023-02-22` - `2023-08-03`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-28`	9 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
dtscdn.com GTS CA 1P5	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://mandowndevice.com/
Frame ID: 2E2958F9FEA185A7DF9B3CC4FDDDC388
Requests: 57 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401685820462C86793C84E334EBB2D
Frame ID: 220B00BDD87D364CD069AB0326DA0651
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 887B72CBE0263AC78B7AF03C5AA10903
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: 38A01A31282639707E4BAB349A67C5CA
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: F5892222067B6787B73682217BB06153
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 040DFF201CE589E4E6E8352429F80D0C
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 15D8A3FC050382EC48F2C909DC488B32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Man Down Device Lone Worker Alarm - Man Down Device

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Seers (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

seersco.com/script/cb\.js

Page Statistics

82
Requests

65 %
HTTPS

0 %
IPv6

37
Domains

47
Subdomains

28
IPs

8
Countries

929 kB
Transfer

2108 kB
Size

39
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401685820462C86793C84E334EBB2D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401685820462C86793C84E334EBB2D

Request Chain 42

https://pixel.onaudience.com/?partner=137085098&mapped=10401685820462C86793C84E334EBB2D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=8c501aff-e98e-41f4-85d1-b4cf93644468&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=02d2c2201e7a59be

Request Chain 45

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 46

https://um.simpli.fi/lj_match?r=71919 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1919D9C432E94D49A2D141227644FB51

Request Chain 47

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL&rnd=47619 HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL&rnd=47619&_li_chk=true&previous_uuid=c8770be4b7f3411091fa789cbc1af84d HTTP 303
https://i6.liadm.com/s/57333?bidder_id=204553&rnd=47619&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL

Request Chain 50

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GwWvpSZHiNAyG6yVTMqur_vL/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=e26571a5cc300ac806051a560c4cc1c0

Request Chain 51

https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkhyVTJfUDhCTGt0RmVJczVIUDJ0cmtWYU9ZeVgwRW1nSUN0TjlnVFU0dEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMKSTapZtjnXG1ElcdF2T9k&google_cver=1

Request Chain 54

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=8c501aff-e98e-41f4-85d1-b4cf93644468&bid=1e2n4ou

Request Chain 55

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u HTTP 302
https://ps.eyeota.net/match?uid=8754088516670778769&bid=2cr76e1&referrer_pid=51md42u

Request Chain 56

https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=ab1b647b-9434-4900-b28a-1d8d5c3106f2&referrer_pid=51md42u

Request Chain 57

https://eyeota-match.dotomi.com/match/bounce/current?networkId=41703&version=1&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY HTTP 302
https://eyeota-match.dotomi.com/match/bounce/current?DotomiTest=7efafb18d18d1f9b&is_secure=true&networkId=41703&version=1&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY HTTP 302
https://ps.eyeota.net/match?bid=r8d1b20&uid=AAANCienlMlWZwN0SQVSAAAAAAA&expiration=1685906868&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY&is_secure=true

Request Chain 60

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=83&3pid=LIGDZBNJ-19-H9FD&gdpr=0

Request Chain 61

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0

Request Chain 63

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent=

Request Chain 64

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=92&3pid=8754088516670778769&gdpr=0&gdpr_consent=

Request Chain 66

https://aorta.clickagy.com/pixel.gif?ch=185&cm=GwWvpSZHiNAyG6yVTMqur_vL&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:c2c4f655a92d5a9aeb4759a937bb3da2

Request Chain 67

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=dMg6zP4IH404&ev=1&pid=558511&gdpr_consent=&gdpr=0

Request Chain 69

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0

Request Chain 79

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mandowndevice.com/ 161 KB
29 KB 948ms
636ms Document
text/html 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandowndevice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d79c118c5b756eb124a924c3392920067989ac7209e7e552a9484f4b2eaf28

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d1a55ac48f703b0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 19:27:39 GMT
last-modified: Wed, 17 May 2023 02:55:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HitVt7XMDGoKaKwaqhGayB%2FUfJT23CHTWbAH2yCFmNs8RiRMGfkJExzKD12xY5%2F0F039917%2FYSQDvQLvB5SEAn1FvNhQEQGdv28Kwxs%2FgG65wAgCy8UPHrqMGLdtWhoCnc7YoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 7u2g5.css
mandowndevice.com/wp-content/cache/wpfc-minified/9aoh5g2d/ 33 KB
6 KB 271ms
270ms Stylesheet
text/css 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandowndevice.com/wp-content/cache/wpfc-minified/9aoh5g2d/7u2g5.css
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfedd6917436ae2bcccd99fa6041f01e1f351e336d3c8c69c931bfa072b92ee8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 21:38:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3CBdGUDLQlrNgwmWGC2UtynkFkr%2BJpp80dsp4L61nHOAnJD3%2BqaygLZEVUj4u8KJk4L9cEDZPJsOYRxwRBdoo9kF%2BwvbKs7W6TIBL9as7cXW5qA3UytgWIf7n6TKRIUf%2ByuWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 7d1a55b049d803b0-FRA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
48 KB 429ms
149ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154058957-1

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

20c671f429b9b8cd7bb516cc249b888506ffba9c295d33e8b8af39ade53dd9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 19:27:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 410ms
343ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10792419268

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a624ca1165f6102fc56a808217156c9446899681710996cfd597026e09a000c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69366
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 19:27:39 GMT

GET
H3 200 MERCARI-LOGO.png
mandowndevice.com/wp-content/uploads/2021/08/ 3 KB
3 KB 2037ms
2034ms Image
image/png 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandowndevice.com/wp-content/uploads/2021/08/MERCARI-LOGO.png
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96b363dd2baeb1591ed7c3917a5a8000301b0c61f19ad55ef732211300a9fa6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Oct 2022 20:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g92tIy2GyTEhdszauEJdOKkonqz%2F9W2JuuNqwFjP4m8eLiXb%2BsjkHNcth5Q0DbckEIsTJCDNmaCq0uesEWvjNnAUzfHTcEG8Polb5osKax%2FQkrqZJtH7X1pHpfVOR0CrFn1E8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 7d1a55b3ba6abb4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3014
expires: max-age=A10368000, public

GET
H3 200 Lone-Worker-Man-Down-GPS-Tracker-Alarm.png
mandowndevice.com/wp-content/uploads/2020/06/ 18 KB
18 KB 542ms
539ms Image
image/png 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandowndevice.com/wp-content/uploads/2020/06/Lone-Worker-Man-Down-GPS-Tracker-Alarm.png
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d3d76cdb80b238c78f9499c10f89359865ab788a151e4940285742aa989dd6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Oct 2022 20:24:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47tiex4j1%2FO2PMJPFjK3As9vfxJoXjRKsHtykLa0VLagQD5vcQGmBZqAcLT28m%2F2IC8e5IVdq847rtqkfvjLS27nJAuFaQtOdoQESXEbVSYfXhX2gMdS%2FXj%2FPadeeSX1CuWSCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 7d1a55b3ba6dbb4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17989
expires: max-age=A10368000, public

GET
H3 200 Lone-Worker-Alarm-Device-USA-Canada.png
mandowndevice.com/wp-content/uploads/2021/08/ 12 KB
12 KB 3402ms
3399ms Image
image/png 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandowndevice.com/wp-content/uploads/2021/08/Lone-Worker-Alarm-Device-USA-Canada.png
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20cca9b37eb1803d003db9a0f89a948c8c6e0cc04e55f55d7b0bd8b799138d3d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Oct 2022 20:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfVqqGDoN%2FhpnHojNo9nsust8NZEjElorUmKKZlBAhIy2SAVlTGTBwwtxVfpskjiV0klrUufl7P5oGOXWwoPTqNFohoECJBZCA%2B7KmA6hv3A%2BAT4nU%2BOcgT7ZRQ7IaIoOezl1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 7d1a55b3ba71bb4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12305
expires: max-age=A10368000, public

GET
H3 200 lone-worker-device.png
mandowndevice.com/wp-content/uploads/2020/06/ 74 KB
74 KB 813ms
810ms Image
image/png 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandowndevice.com/wp-content/uploads/2020/06/lone-worker-device.png
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d070e103499a84f2f1bed1666ec5c4a2e9161fea79feaa8fa84666df6b81bddb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Oct 2022 20:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJSpw%2BLcxzZ3qSeemgIfyDB4AL4svYCF5Wdeg86%2FLyHpy4k5AesolnND1oYDJxuwmAGw6ZO4xG1QTqTGV8vybvWm%2BMsL6exIWMG8R31kNtQA7l9zI2wIrXUmNGMmJKc1mQOY5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 7d1a55b3ba6cbb4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 75493
expires: max-age=A10368000, public

GET
H3 200 Wearable-SOS-Button-Wristband-Beltclip.jpg
mandowndevice.com/wp-content/uploads/2020/06/ 12 KB
12 KB 1900ms
1897ms Image
image/jpeg 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandowndevice.com/wp-content/uploads/2020/06/Wearable-SOS-Button-Wristband-Beltclip.jpg
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877c767373322f9cfde5c4607288b21032b84f85fda025455cb5627ea3e10ca

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Oct 2022 20:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DT5dc1%2BNnQutZmhbsFBTeUtTj7rSg4fScE5qloSsbxoShltU2lNa4j0MEe2hdSAqqxqyhFihq5dRubyPvqtOsOjNXx57g%2B1NIxFA7bJ3rKnpvQF7emuo4F4U4q0eNzE0O5jEqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 7d1a55b3ba6fbb4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11919
expires: max-age=A10368000, public

GET
H3 200 email-decode.min.js Show response
mandowndevice.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 415ms
415ms Script
application/javascript 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandowndevice.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 May 2023 15:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6476145d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tindri7XEwZylc4uavLFkWGigZNJrCm9%2Ffjbft2xOntn8B0IVa5d%2FEQ6aLTdRVxAWiIO0LTOgQekCAsXueaWqr7St0E6e05ZjMAor6YuGVM3Wwz4mMDpARNa6H5cKIIP9UbMoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d1a55b3ba6bbb4d-FRA
expires: Mon, 05 Jun 2023 19:27:40 GMT

GET
H2 200 cb.js Show response
cmp.seersco.com/script/ 8 KB
3 KB 757ms
458ms Script
application/javascript 52.58.239.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.seersco.com/script/cb.js
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.239.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-239-147.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.55 () PHP/8.0.27 / PHP/8.0.27
Resource Hash: 6b64e6329a8ce4c826501024573473733ea7b3e35d4afcacfb407c94e79c20d4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: gzip
server: Apache/2.4.55 () PHP/8.0.27
x-powered-by: PHP/8.0.27
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept: application/json
cache-control: no-cache, private, max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Mon, 03 Jul 2023 19:27:39 GMT

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 19 KB
5 KB 595ms
146ms Script
text/javascript 108.138.36.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-58.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

87c35a9091f97271c0034ba8e825c9f175b6b1c5fdf2cbb16176a99b8eba5ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 112
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4657
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B7766B86624D4D3946F5AE48167E3B5E115CE8E3E000000000000000000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: F2Z5YFgbcvKHMopOrsbW7eDJYHiSyt6NRMdhjQC1R6b_bJFTE4EFnQ==
expires: Sat, 03 Jun 2023 20:25:47 GMT

GET
H3 200 7u2g5.js Show response
mandowndevice.com/wp-content/cache/wpfc-minified/212eixb4/ 98 KB
35 KB 2997ms
2995ms Script
application/javascript 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandowndevice.com/wp-content/cache/wpfc-minified/212eixb4/7u2g5.js
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d355460345f5a714b5a7acda5872ffc30e7f0f4682b3dabdb0ef40132da40a3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23902
cf-polished: origSize=100717
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 21:38:05 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPfe89xIUtEy1GuuRrc2qP%2BSl2zAPOufS59Nv551kye2wRayyi9XF0M%2FLSmcgp%2FVh%2B4aytr2uCX44xbJwKfzhT93uVTo3pmTdEg1nNjBHyH%2FNTTCBMgl%2BNJWwrp8OFT9JIjOWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 7d1a55b3ba68bb4d-FRA
expires: max-age=A10368000, public

GET
H3 200 7u2g9.js Show response
mandowndevice.com/wp-content/cache/wpfc-minified/dqejt0q/ 269 KB
61 KB 948ms
945ms Script
application/javascript 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandowndevice.com/wp-content/cache/wpfc-minified/dqejt0q/7u2g9.js
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6212758098dc8958246b4f4c264e451eee167e7f31c0493502acf5929ec4dc30

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23902
cf-polished: origSize=275151
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 21:38:09 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czqGCHfBpy%2BjSw8DiqSR6hD3%2Fdslx50SyaF03Gbdx2yPRTtfCkoDYkY9nBhP8wZq%2FBU50YO%2BDHY8gRnp%2FxRKYoRW5vnICx1uUyckUfc1Ch1NhLU6dIRWxEr74r5aMIhqVnmebA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 7d1a55b49ba9bb4d-FRA
expires: max-age=A10368000, public

GET
H3 200 7u2g5.css
mandowndevice.com/wp-content/cache/wpfc-minified/shnc9r5/ 92 KB
13 KB 3723ms
3722ms Stylesheet
text/css 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandowndevice.com/wp-content/cache/wpfc-minified/shnc9r5/7u2g5.css
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46385964366dcbc521123c84c4900a51e53ee05b0879ca3f84c8d51051c1445f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 21:38:05 GMT
server: cloudflare
age: 23902
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Atc8n%2FAsB0gURE%2BEYQ2TKM5X6trj8wVBiU0Zy95OT2P%2Fm2EOcwO9JJqf4nWrxgeAfTEd27k%2BhyXCODRnT1d2rF7jbOR7v%2FZIozY6RfkqZGTPKjKy%2BS6Nt0kpNQwdsyp1UjxnIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 7d1a55b49badbb4d-FRA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 Personal-Safety-Alarm-1024x683.jpg
mandowndevice.com/wp-content/uploads/2020/10/ 50 KB
50 KB 2151ms
2150ms Image
image/webp 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandowndevice.com/wp-content/uploads/2020/10/Personal-Safety-Alarm-1024x683.jpg
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0780b2f6d0e57e939751b3e65496ca032d08971f44d3e3692f2d1296d62fdf25

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Oct 2022 20:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23902
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiVjWKidLdJ3Ye%2BfIGed%2FtQ0yaejwgBirQqLljhQDnrz0L2%2FY7B6FuNxD0EN8QXFfJK6OrZoS1lP%2BEAtHW6nhh2exg2rWiBmMiqkQ050izk4R5yWgES%2F%2F%2BRf0A4tfavJiuATmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=16070400
cf-ray: 7d1a55b49ba8bb4d-FRA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 modules.woff
mandowndevice.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 1756ms
1755ms Font
x-font/woff 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandowndevice.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Request headers

Referer: https://mandowndevice.com/
Origin: https://mandowndevice.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Apr 2023 01:32:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euTDghm%2FR4nyyg27MwSFWi4Yz5a%2Fr%2BkluWiujci7mX5a6tBzspiogp%2FjEoBULZFLacraVTbXLX8NiKFj7csHYQ28U%2FzxFZKaXfVeBKdv3LY%2F7qsyWLCX37WxI55inD4LY3aWUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: x-font/woff
cache-control: max-age=16070400
cf-ray: 7d1a55b49bacbb4d-FRA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 25 KB
25 KB 436ms
147ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

320fb7e771568759087a963cc5d33a8d88897f498ee0b67ad1adb2ef320d2a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandowndevice.com/
Origin: https://mandowndevice.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:25:50 GMT
x-content-type-options: nosniff
age: 25310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25384
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:15:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 12:25:50 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 25 KB
25 KB 707ms
419ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

ce4714944663ab66446464e544e69808450bee9d0332659795eacea5751fc4f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandowndevice.com/
Origin: https://mandowndevice.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 23:24:30 GMT
x-content-type-options: nosniff
age: 331390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25456
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:15:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 23:24:30 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 24 KB
24 KB 660ms
372ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

607eb42162512af73de673e5529e0f752efc846afd3cd75ca794af1ddc2f3d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandowndevice.com/
Origin: https://mandowndevice.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 18:37:02 GMT
x-content-type-options: nosniff
age: 348638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24712
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:15:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 18:37:02 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 25 KB
25 KB 630ms
343ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4uaVI.woff2

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

267c4408afac4eb1a40e54d12acadad4cd265f66782a519a3b70ce417729197d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandowndevice.com/
Origin: https://mandowndevice.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 21:47:18 GMT
x-content-type-options: nosniff
age: 78022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25272
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 21:47:18 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 446ms
148ms Script
text/javascript 104.22.4.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 2661
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7d1a55b67db21da8-FRA
content-length: 4547

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 190ms
188ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BFWEZT5XCV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154058957-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fe4f5b47aa32d5edc4a2f1f6ba099b8da9d757f914e9804e50b1e8b37809eeba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 19:27:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 452ms
140ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154058957-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 18:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3133
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 20:35:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 155ms
153ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10792419268&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154058957-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

19f1770f19ed743a4e398229c604c4e4a9ccc67c55093d2196d10bce7a91a140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69355
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 19:27:40 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10792419268/ 3 KB
2 KB 467ms
173ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10792419268/?random=1685820460335&cv=11&fst=1685820460335&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmandowndevice.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&auid=2100289987.1685820460&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10792419268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2a00db517c379d384c9d087bc2dff754668e2f68fa5fddd85ec839f87b7c73a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 175ms
175ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BFWEZT5XCV&gtm=45je35v0&_p=246752855&cid=1099303127.1685820461&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685820460&sct=1&seg=0&dl=https%3A%2F%2Fmandowndevice.com%2F&dt=Man%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFWEZT5XCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandowndevice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 verifyDomain Show response
cmp.seersco.com/api/ 201 B
510 B 678ms
402ms XHR
application/json 52.58.239.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.seersco.com/api/verifyDomain
Requested by: Host: cmp.seersco.com
URL: https://cmp.seersco.com/script/cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.239.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-239-147.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.55 () PHP/8.0.27 / PHP/8.0.27
Resource Hash: 848ab0606ac645b25b606f0a803544be30bb224ae058576bec7e4241863a28f5

Request headers

Referer: https://mandowndevice.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 03 Jun 2023 19:27:41 GMT
server: Apache/2.4.55 () PHP/8.0.27
x-powered-by: PHP/8.0.27
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
accept: application/json
cache-control: no-cache, private, max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Mon, 03 Jul 2023 19:27:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
70 KB 161ms
160ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6R5RGK6XSR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154058957-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9660e6a93962b6f4f25442b15cf96a2b21194d5433172910f51410be258ebbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 19:27:40 GMT

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/mandowndevice.com/ 243 B
822 B 1018ms
316ms XHR
application/xml 52.92.152.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/mandowndevice.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.152.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 233a9df8a4548b8992f762f997c28161155487669e237324adb830678ac3ca22

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 19:27:40 GMT
Server: AmazonS3
x-amz-request-id: 0J1DEFFZGEQXNDTW
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: https://mandowndevice.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/xml
x-amz-id-2: 1F5+w+iAWCHF1HtcBhkwarEIKdqva/iztxQMJyHSCSERCcwZW64zkMqvhGBL+iXRiHLs1TnSRHQ=

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/mandowndevice.com/ 243 B
822 B 1081ms
315ms XHR
application/xml 52.92.152.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/mandowndevice.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.152.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3d16575465418287167b97b9961a85c510017857a8bfdeba4a86cdb702a2c527

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 19:27:40 GMT
Server: AmazonS3
x-amz-request-id: 0J14SQFH0TFQ9YMY
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: https://mandowndevice.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/xml
x-amz-id-2: hGQarzpCtzJiaHUxjWAAmIlMnw0ZAEVTUPVSWJfGJjR08VUcoK7m/T7e90bb89WvXwMuEf7UynU=

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 378 B
513 B 1124ms
232ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4723098&@f16&@g1&@h1&@i1&@j1685820460648&@k0&@l1&@mMan%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-188990273&@b3:1685820461&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmandowndevice.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 9b6384a0a2cf80245e4e87dca520dec15d9b13b415dedf312289d8814c7558bf

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 19:27:41 GMT
Connection: close
Content-Length: 378
Content-Type: text/html;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 149ms
148ms XHR
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=246752855&t=pageview&_s=1&dl=https%3A%2F%2Fmandowndevice.com%2F&ul=en-us&de=UTF-8&dt=Man%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1646004960&gjid=1229096821&cid=1099303127.1685820461&tid=UA-154058957-1&_gid=497748594.1685820461&_r=1&gtm=457e35v0&jsscut=1&z=981162920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandowndevice.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandowndevice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
155 B 142ms
141ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=246752855&t=pageview&_s=1&dl=https%3A%2F%2Fmandowndevice.com%2F&ul=en-us&de=UTF-8&dt=Man%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=1099303127.1685820461&tid=UA-154058957-1&_gid=497748594.1685820461&gtm=457e35v0&jsscut=1&did=dZTNiMT&gdid=dZTNiMT&z=1137107338

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 21:25:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79321
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10792419268/ 42 B
455 B 949ms
658ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10792419268/?random=1685820460335&cv=11&fst=1685818800000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmandowndevice.com%2F&frm=0&tiba=Man%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=854466485&rmt_tld=0&ipr=y

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ge/pagead/1p-user-list/10792419268/ 42 B
455 B 601ms
158ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-user-list/10792419268/?random=1685820460335&cv=11&fst=1685818800000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmandowndevice.com%2F&frm=0&tiba=Man%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=854466485&rmt_tld=1&ipr=y

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 149ms
148ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6R5RGK6XSR&gtm=45je35v0&_p=246752855&gdid=dZTNiMT&cid=1099303127.1685820461&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685820460&sct=1&seg=0&dl=https%3A%2F%2Fmandowndevice.com%2F&dt=Man%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6R5RGK6XSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandowndevice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
3 KB 618ms
333ms Script
application/javascript 141.101.120.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmandowndevice.com%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4723098&@f16&@g1&@h1&@i1&@j1685820460648&@k0&@l1&@mMan%20Down%20Device%20Lone%20Worker%20Alarm%20-%20Man%20Down%20Device&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-188990273&@b3:1685820461&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmandowndevice.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5668cb8852a89f55bada26ce243f717b247a2471fbd9541b8dcd33d404bd4ff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:42 GMT
x-t: 0.778
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPabLFi7i5vZuSC%2BodpfRWzIDeD8Hkk3xCWhV64rtGY8TY3jf00omKdWFEgEvvExmJ5dGFyGet0VTNkA2tbyTkwx7edv6kDlk670kEi5DpRWq68Wn8awRZzUfKH2RXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 7d1a55c04ac4bb95-FRA
expires: Sat, 03 Jun 2023 19:27:41 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 220B 1 KB
724 B 338ms
338ms Document
text/html 141.101.120.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=10401685820462C86793C84E334EBB2D
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmandowndevice.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d112215ab9192450d12b9e9c8c6272f0abdfd396d55829fb464014a09c4ce0ed

Request headers

Referer: https://mandowndevice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7d1a55c26e42bb95-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 19:27:42 GMT
expires: Sat, 03 Jun 2023 19:27:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aM8BJk8AlazZEkMO2WkCHHGVWmx%2BkPswlIysnOrHa1au1ZXRQMJxT3VTTJYpto5Nv9SfKocoD3KZ5JcLyY1v0oY411Q80MRSrxgg1zpAgboxpESRz%2FTxCTD%2Bcq%2FNK2U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 451ms
161ms Script
text/javascript 18.66.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmandowndevice.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-108.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
date: Fri, 02 Jun 2023 19:57:35 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 84608
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 73we5qS-hGOB9DVLFi9K1vq1wXS3cl7DuTCOWVu81ibrfb9xPliDtw==

GET
H2 200 / Show response
t.dtscout.com/pv/ 50 B
329 B 336ms
336ms Script
application/javascript 141.101.120.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=mandowndevice.com&_ss=474eml52jq&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ge&_pl=d&_cbid=63av&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmandowndevice.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2634468b6f06bee6e1f2cfab6d7756209ce0532e2414148a5841b6428662f98b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:42 GMT
x-t: 0.154
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fv%2Bx3LUCFadkOGOX%2FpBNtqHQRIfu9I7t8I3mqYwTkgCfuLsGDxKpOzo9ocYuRJRSbhNrGoae%2BoTqrFTod%2F6uzXXo767dKcbA43VwqSYr3SHsan9AkQGoRO2FcWeARTc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7d1a55c26e48bb95-FRA
expires: Sat, 03 Jun 2023 19:27:41 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
590 B 534ms
248ms Script
application/javascript 104.26.13.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401685820462C86793C84E334EBB2D&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fmandowndevice.com%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmandowndevice.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:43 GMT
x-t: 0.68
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvRt3%2F%2Bo%2FIE1mowc0v1RDuIDwyP6hwzijLYf5xjflZzpGHXoFwGfgvLW3h2aRqZmlIzjXzY%2FvtNQkTIHpSpQOdy8wlJHV%2BAWlSppLaY34CWMGwDdLWNWagf5Xahxsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 7d1a55c678643809-FRA
expires: Sat, 03 Jun 2023 19:36:45 GMT

GET
H2

200

tpid=10401685820462C86793C84E334EBB2D
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401685820462C86793C84E334EBB2D
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401685820462C86793C84E334EBB2D

49 B
543 B

187ms
187ms

Image
image/gif

52.211.49.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401685820462C86793C84E334EBB2D
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H2
Server: 52.211.49.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-49-201.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.185
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:43 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401685820462C86793C84E334EBB2D
cache-control: no-cache
x-server: 10.45.4.90
content-length: 0
expires: 0

GET
H2

200

52799
stags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401685820462C86793C84E334EBB2D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=8c501aff-e98e-41f4-85d1-b4cf93644468&icm&gdpr=0&gdpr_consent=&cver
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=02d2c2201e7a59be

62 B
428 B

612ms
284ms

Image
image/gif

2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=02d2c2201e7a59be
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: H2
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 03 Jun 2023 19:27:45 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=02d2c2201e7a59be
content-length: 0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
950 B 464ms
154ms Fetch
application/json 18.66.192.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-56.muc50.r.cloudfront.net
Software: /
Resource Hash: a5bf7103a913c517d20c996abfca950b0364ea4731145082ba5d5c2cf86e1b42

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:49:22 GMT
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront), 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, MUC50-P1
age: 23901
x-amzn-requestid: a8a61675-2d6e-46a2-8967-43042e4836bd
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: F8WA-FfMiYcF-9g=
content-length: 535
x-amz-cf-id: SfBX2KYSaUW6F5OzchFH2m2to7_WKQM90P0I5XAQKvR5Nuskh_pVxg==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 471ms
156ms Script
text/javascript 18.164.52.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-93.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding: gzip
via: 1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront)
date: Sat, 03 Jun 2023 18:31:50 GMT
last-modified: Mon, 30 Jan 2023 17:09:16 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P4
age: 3354
etag: W/"b33b67ced6b706568683ecea83e198c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: OQ8I0CcydT_OZ8_zQBPLBmFuOLDs8Vdhlpn5xFU5b6PTPD8hmJ1dwg==

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
465 B

150ms
150ms

Fetch
application/json

216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 8123fbf05ecbef76f0204070a6147fcdc75680566bcb137acebcb2515bd241ec

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 19:27:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mandowndevice.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Sat, 03 Jun 2023 19:27:44 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://mandowndevice.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=71919
https://ce.lijit.com/merge?pid=2&3pid=1919D9C432E94D49A2D141227644FB51

43 B
679 B

437ms
145ms

Image
image/gif

216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=1919D9C432E94D49A2D141227644FB51
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 19:27:45 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sat, 03 Jun 2023 19:27:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=1919D9C432E94D49A2D141227644FB51
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Jun 2023 19:27:45 GMT

GET
H/1.1

200
OK

57333
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL&rnd=47619
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL&rnd=47619&_li_chk=true&previous_uuid=c8770be4b7f3411091fa789cbc1af84d
https://i6.liadm.com/s/57333?bidder_id=204553&rnd=47619&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL

43 B
274 B

911ms
226ms

Image
image/gif

107.21.42.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/57333?bidder_id=204553&rnd=47619&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL

Requested by

Host: mandowndevice.com
URL: https://mandowndevice.com/

Protocol

HTTP/1.1

Server

107.21.42.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-42-231.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 19:27:47 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/57333?bidder_id=204553&rnd=47619&bidder_uuid=GwWvpSZHiNAyG6yVTMqur_vL
Date: Sat, 03 Jun 2023 19:27:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 887B 85 B
483 B 142ms
142ms Document
text/html 18.66.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-108.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://mandowndevice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 759001
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 26 May 2023 00:37:46 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
x-amz-cf-id: 7CbzIts7jASxFCtmCqaO78zVpNNBlMSuDSCAHNxkeK9nU5pldNIWpw==
x-amz-cf-pop: MUC50-P1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 887B 766 B
1 KB 143ms
142ms Script
text/javascript 18.66.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-108.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 00:34:36 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 759190
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 4uNyU-c29OCNcy4kb2sQpdRH--0Z3RpNUkWmpZ7PrZcaQ-2KvE_mog==

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GwWvpSZHiNAyG6yVTMqur_vL/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=e26571a5cc300ac806051a560c4cc1c0

43 B
999 B

147ms
147ms

Image
image/gif

216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=e26571a5cc300ac806051a560c4cc1c0
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 19:27:46 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=e26571a5cc300ac806051a560c4cc1c0
cache-control: no-cache
x-server: 10.45.17.85
content-length: 0
expires: 0

GET
H/1.1

200
OK

/ Show response
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0

831 B
1 KB

145ms
145ms

Script
application/javascript

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c4ec8c2daae54ed4dd8bfdfbb02cf4d360c077ac295038d74d6daa54b08d46b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Sat, 03 Jun 2023 19:27:47 GMT
Content-Length: 831
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Date: Sat, 03 Jun 2023 19:27:47 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 6 KB
3 KB 152ms
152ms Script
text/javascript 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 19:27:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 May 2023 18:01:56 GMT
Server: nginx
ETag: W/"64593914-17e9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sat, 10 Jun 2023 19:27:47 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkhyVTJfUDhCTGt0RmVJczVIUDJ0cmtWYU9ZeVgwRW1nSUN0TjlnVFU0dEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMKSTapZtjnXG1ElcdF2T9k&google_cver=1

70 B
440 B

192ms
192ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMKSTapZtjnXG1ElcdF2T9k&google_cver=1
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 03 Jun 2023 19:27:48 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMKSTapZtjnXG1ElcdF2T9k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=8c501aff-e98e-41f4-85d1-b4cf93644468&bid=1e2n4ou

70 B
440 B

144ms
143ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8c501aff-e98e-41f4-85d1-b4cf93644468&bid=1e2n4ou
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 03 Jun 2023 19:27:47 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=8c501aff-e98e-41f4-85d1-b4cf93644468&bid=1e2n4ou
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u
https://ps.eyeota.net/match?uid=8754088516670778769&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

138ms
137ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8754088516670778769&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 03 Jun 2023 19:27:49 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Sat, 03 Jun 2023 19:27:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.82; 91.239.206.82; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 90b4fee5-58b2-40e9-8b40-100369ffbd90
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ps.eyeota.net/match?uid=8754088516670778769&bid=2cr76e1&referrer_pid=51md42u
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?bid=7vi0rg0&uid=ab1b647b-9434-4900-b28a-1d8d5c3106f2&referrer_pid=51md42u

70 B
440 B

584ms
421ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=7vi0rg0&uid=ab1b647b-9434-4900-b28a-1d8d5c3106f2&referrer_pid=51md42u
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 03 Jun 2023 19:27:48 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Sat, 03 Jun 2023 19:27:47 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x15 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://ps.eyeota.net/match?bid=7vi0rg0&uid=ab1b647b-9434-4900-b28a-1d8d5c3106f2&referrer_pid=51md42u
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 03 Jun 2023 19:27:46 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://eyeota-match.dotomi.com/match/bounce/current?networkId=41703&version=1&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY
https://eyeota-match.dotomi.com/match/bounce/current?DotomiTest=7efafb18d18d1f9b&is_secure=true&networkId=41703&version=1&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY
https://ps.eyeota.net/match?bid=r8d1b20&uid=AAANCienlMlWZwN0SQVSAAAAAAA&expiration=1685906868&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY&is_secure=true

70 B
440 B

139ms
138ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8d1b20&uid=AAANCienlMlWZwN0SQVSAAAAAAA&expiration=1685906868&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY&is_secure=true
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 03 Jun 2023 19:27:49 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:48 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://ps.eyeota.net/match?bid=r8d1b20&uid=AAANCienlMlWZwN0SQVSAAAAAAA&expiration=1685906868&nuid=2ekVg3RAtgovrDfxmBig0u4zmQ-h00PHIW1M6T1UXLkY&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3 200 MERCARI-LOGO.png
mandowndevice.com/wp-content/uploads/2021/08/ 3 KB
3 KB 143ms
142ms Image
image/png 172.66.43.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandowndevice.com/wp-content/uploads/2021/08/MERCARI-LOGO.png
Requested by: Host: mandowndevice.com
URL: https://mandowndevice.com/wp-content/cache/wpfc-minified/212eixb4/7u2g5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96b363dd2baeb1591ed7c3917a5a8000301b0c61f19ad55ef732211300a9fa6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://mandowndevice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:27:49 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Oct 2022 20:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23911
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPXbu2uxJENzcjri9VlpMnojKKRiFRPRXKAgCM018H6uhZ%2B5OegA9pBF%2BEV%2F5dDEuPCrwa8hdDRqBmitMq9BbylHGzrwMgWonKRFxh42XPapY%2FOBdCyUl4HQifm63hSG8%2F4BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 7d1a55ed8beebb4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3014
expires: max-age=A10368000, public

GET
H/1.1 200
OK beacon Show response
ce.lijit.com/ Frame 38A0 4 KB
2 KB 146ms
146ms Document
text/html 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 9af6b3c7224b0fd87cfb600cd4ff046d32effa3506a8dfa928c0a53c4c00ee0c

Request headers

Referer: https://mandowndevice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding: gzip
Content-Length: 983
Content-Type: text/html
Date: Sat, 03 Jun 2023 19:27:49 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Vary: Accept-Encoding, User-Agent
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 38A0
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=83&3pid=LIGDZBNJ-19-H9FD&gdpr=0

43 B
2 KB

145ms
145ms

Image
image/gif

216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=83&3pid=LIGDZBNJ-19-H9FD&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 19:27:50 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=83&3pid=LIGDZBNJ-19-H9FD&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2

403

pixel
cm.g.doubleclick.net/ Frame 38A0
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0

0
0

148ms
147ms

Image
text/html

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: H2
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Sat, 03 Jun 2023 19:27:49 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 p-CXt61zNBpKUt1.gif
cms.quantserve.com/pixel/ Frame 38A0 35 B
373 B 438ms
141ms Image
image/gif 91.228.74.208

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=

Requested by

Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.208 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET

cm
p.rfihub.com/ Frame 38A0
Redirect Chain

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent=

0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 38A0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=92&3pid=8754088516670778769&gdpr=0&gdpr_consent=

43 B
1 KB

147ms
147ms

Image
image/gif

216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=92&3pid=8754088516670778769&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 19:27:49 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sat, 03 Jun 2023 19:27:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.82; 91.239.206.82; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bc22fee2-e352-401d-a827-033111905fdc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ce.lijit.com/merge?pid=92&3pid=8754088516670778769&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET rmpssp
sync.1rx.io/usersync2/ Frame 38A0 0
0

GET

merge
ce.lijit.com/ Frame 38A0
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=GwWvpSZHiNAyG6yVTMqur_vL&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:c2c4f655a92d5a9aeb4759a937bb3da2

0
0

GET

merge
ce.lijit.com/ Frame 38A0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=dMg6zP4IH404&ev=1&pid=558511&gdpr_consent=&gdpr=0

0
0

GET svr
match.prod.bidr.io/cookie-sync/ Frame 38A0 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 38A0
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0

170 B
243 B

144ms
144ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0

Requested by

Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 19:27:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 03 Jun 2023 19:27:49 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 38A0 0
0

GET cm-notify
creativecdn.com/ Frame 38A0 0
0

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 38A0 0
0

GET sovrn
tr.blismedia.com/v1/api/sync/ Frame 38A0 0
0

GET sync
rtb.mfadsrvr.com/ Frame 38A0 0
0

GET generic
data.adsrvr.org/track/cmf/ Frame 38A0 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame 38A0 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F589 16 KB
6 KB 590ms
303ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ce.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=134699
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 19:27:49 GMT
expires: Mon, 05 Jun 2023 08:52:48 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 040D 16 KB
6 KB 514ms
228ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ce.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=134699
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 03 Jun 2023 19:27:49 GMT
expires: Mon, 05 Jun 2023 08:52:48 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cm
us-u.openx.net/w/1.0/ Frame 15D8
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...

0
0

167ms
166ms

Document
text/html

34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://ce.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 463
content-type: text/html
date: Sat, 03 Jun 2023 19:27:50 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 03 Jun 2023 19:27:49 GMT
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 040D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent=

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=84&3pid=c:c2c4f655a92d5a9aeb4759a937bb3da2

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=49&3pid=dMg6zP4IH404&ev=1&pid=558511&gdpr_consent=&gdpr=0

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=

Domain: tr.blismedia.com
URL: https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=

Domain: data.adsrvr.org
URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62824720&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 13:00:12	Name: _li_ss Value: CgsKCQj_____BxClFQ
.mandowndevice.com/	1970-01-20 14:26:36	Name: _gcl_au Value: 1.1.2100289987.1685820460
.mandowndevice.com/	1970-01-20 21:53:00	Name: _ga_BFWEZT5XCV Value: GS1.1.1685820460.1.0.1685820460.0.0.0
mandowndevice.com/	1970-01-20 21:02:36	Name: HstCfa4723098 Value: 1685820460648
mandowndevice.com/	1970-01-20 21:02:36	Name: HstCla4723098 Value: 1685820460648
mandowndevice.com/	1970-01-20 21:02:36	Name: HstCmu4723098 Value: 1685820460648
mandowndevice.com/	1970-01-20 21:02:36	Name: HstPn4723098 Value: 1
mandowndevice.com/	1970-01-20 21:02:36	Name: HstPt4723098 Value: 1
mandowndevice.com/	1970-01-20 21:02:36	Name: HstCnv4723098 Value: 1
mandowndevice.com/	1970-01-20 21:02:36	Name: HstCns4723098 Value: 1
.mandowndevice.com/	1970-01-20 12:18:26	Name: _gid Value: GA1.2.497748594.1685820461
.mandowndevice.com/	1970-01-20 12:17:00	Name: _gat_gtag_UA_154058957_1 Value: 1
.mandowndevice.com/	1970-01-20 21:53:00	Name: _ga_6R5RGK6XSR Value: GS1.1.1685820460.1.0.1685820460.0.0.0
.mandowndevice.com/	1970-01-20 21:53:00	Name: _ga Value: GA1.1.1099303127.1685820461
.dtscout.com/	1970-01-20 12:17:05	Name: m Value: 1
.dtscout.com/	1970-01-20 12:17:14	Name: oa Value: 1
.dtscout.com/	1970-01-20 14:41:00	Name: df Value: 1685820462
.dtscout.com/	1970-01-20 14:25:10	Name: l Value: 10401685820462C86793C84E334EBB2D
.mandowndevice.com/	1970-01-20 14:22:17	Name: __dtsu Value: 10401685820462C86793C84E334EBB2D
.onaudience.com/	1970-01-20 21:02:36	Name: cookie Value: 65f1654fc72980bd
.onaudience.com/	1970-01-20 12:18:26	Name: done_redirects147 Value: 1
.dtscdn.com/	1970-01-20 16:34:46	Name: uid Value: 10401685820462C86793C84E334EBB2D
.crwdcntrl.net/	1970-01-20 18:45:46	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 18:45:46	Name: _cc_id Value: e26571a5cc300ac806051a560c4cc1c0
.adsrvr.org/	1970-01-20 21:04:02	Name: TDID Value: 8c501aff-e98e-41f4-85d1-b4cf93644468
.onaudience.com/	1970-01-20 12:18:26	Name: done_redirects282 Value: 1
.lijit.com/	1970-01-20 21:02:36	Name: ljt_reader Value: GwWvpSZHiNAyG6yVTMqur_vL
.bluekai.com/	1970-01-20 16:40:31	Name: bku Value: wXT99eYDKtEpKtx/
.bluekai.com/	1970-01-20 16:40:31	Name: bkpa Value: KJy9cyeQd02pSUHknpD0BpA8wtkAwE90jeJM1M/y1VDlRED8RZDe9/l8YnX=
.simpli.fi/	1970-01-20 21:04:02	Name: suid Value: 1919D9C432E94D49A2D141227644FB51
.lijit.com/	1970-01-20 21:02:36	Name: _ljtrtb_2 Value: 1919D9C432E94D49A2D141227644FB51
.liadm.com/	1970-01-20 21:53:00	Name: lidid Value: c8770be4-b7f3-4110-91fa-789cbc1af84d
.lijit.com/	1970-01-20 21:02:36	Name: ljtrtb Value: eJyrVjJSslIytDS0dLF0NjE2crU0cTGxdDRyMTQxNDIyNzMxcXMyNVSqBQC00wjx
.lijit.com/	1970-01-20 21:02:36	Name: _ljtrtb_5001 Value: e26571a5cc300ac806051a560c4cc1c0
.eyeota.net/	1970-01-20 21:04:02	Name: mako_uid Value: 18882bae897-1dd30000010f4505
.eyeota.net/	1970-01-20 12:17:01	Name: SERVERID Value: 17669~DM
.adsrvr.org/	1970-01-20 21:04:02	Name: TDCPM Value: CAEYASABKAIyCwikmL-B65zyOxAFOAFaBmV5ZW90YWAC
.doubleclick.net/	1970-01-20 21:53:00	Name: IDE Value: AHWqTUm93ObZKC_-bEzkPIt85C3dv67CW2DtZOes1QOEjwxOsfxCRNeTxVxIZyCafMI
.mathtag.com/	1970-01-20 21:42:55	Name: uuid Value: ab1b647b-9434-4900-b28a-1d8d5c3106f2

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/mandowndevice.com/client.json?source=jsmain Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/mandowndevice.com/client.json?source=jsinline Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3dXdnBTWkhpTkF5RzZ5VlRNcXVyX3ZM&gdpr=0 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.pubmatic.com
ap.lijit.com
bcp.crwdcntrl.net
cdn.ywxi.net
ce.lijit.com
cm.g.doubleclick.net
cmp.seersco.com
cms.quantserve.com
creativecdn.com
data-beacons.s-onetag.com
data.adsrvr.org
e.dtscout.com
eyeota-match.dotomi.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
image6.pubmatic.com
mandowndevice.com
match.adsrvr.org
match.prod.bidr.io
onetag-geo.s-onetag.com
p.rfihub.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
ps.eyeota.net
rtb.mfadsrvr.com
s10.histats.com
s3-us-west-2.amazonaws.com
s4.histats.com
stags.bluekai.com
sync.1rx.io
sync.mathtag.com
t.dtscdn.com
t.dtscout.com
tr.blismedia.com
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.ge
www.googletagmanager.com
aax-eu.amazon-adsystem.com
ce.lijit.com
creativecdn.com
data.adsrvr.org
image6.pubmatic.com
match.prod.bidr.io
p.rfihub.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
rtb.mfadsrvr.com
sync.1rx.io
tr.blismedia.com
104.22.4.254
104.26.13.60
107.21.42.231
107.21.45.226
108.138.36.58
141.101.120.11
141.94.171.215
142.250.181.227
142.250.184.228
142.250.185.162
142.250.185.174
142.250.186.168
142.250.186.34
149.56.240.128
172.217.16.195
172.66.43.35
18.164.52.93
18.66.192.108
18.66.192.56
185.29.132.245
2.23.197.190
216.52.2.16
216.52.2.91
23.35.236.201
3.124.210.90
3.33.220.150
34.91.62.186
34.98.64.218
37.252.171.52
52.211.49.201
52.58.239.147
52.92.152.144
69.173.144.165
89.207.16.137
91.228.74.208
0780b2f6d0e57e939751b3e65496ca032d08971f44d3e3692f2d1296d62fdf25
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
19d3d76cdb80b238c78f9499c10f89359865ab788a151e4940285742aa989dd6
19f1770f19ed743a4e398229c604c4e4a9ccc67c55093d2196d10bce7a91a140
20c671f429b9b8cd7bb516cc249b888506ffba9c295d33e8b8af39ade53dd9a1
20cca9b37eb1803d003db9a0f89a948c8c6e0cc04e55f55d7b0bd8b799138d3d
233a9df8a4548b8992f762f997c28161155487669e237324adb830678ac3ca22
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2634468b6f06bee6e1f2cfab6d7756209ce0532e2414148a5841b6428662f98b
267c4408afac4eb1a40e54d12acadad4cd265f66782a519a3b70ce417729197d
2a00db517c379d384c9d087bc2dff754668e2f68fa5fddd85ec839f87b7c73a4
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
320fb7e771568759087a963cc5d33a8d88897f498ee0b67ad1adb2ef320d2a16
3d16575465418287167b97b9961a85c510017857a8bfdeba4a86cdb702a2c527
46385964366dcbc521123c84c4900a51e53ee05b0879ca3f84c8d51051c1445f
49d79c118c5b756eb124a924c3392920067989ac7209e7e552a9484f4b2eaf28
5d355460345f5a714b5a7acda5872ffc30e7f0f4682b3dabdb0ef40132da40a3
607eb42162512af73de673e5529e0f752efc846afd3cd75ca794af1ddc2f3d00
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332
6212758098dc8958246b4f4c264e451eee167e7f31c0493502acf5929ec4dc30
6b64e6329a8ce4c826501024573473733ea7b3e35d4afcacfb407c94e79c20d4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
8123fbf05ecbef76f0204070a6147fcdc75680566bcb137acebcb2515bd241ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848ab0606ac645b25b606f0a803544be30bb224ae058576bec7e4241863a28f5
87c35a9091f97271c0034ba8e825c9f175b6b1c5fdf2cbb16176a99b8eba5ec8
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
9660e6a93962b6f4f25442b15cf96a2b21194d5433172910f51410be258ebbca
9af6b3c7224b0fd87cfb600cd4ff046d32effa3506a8dfa928c0a53c4c00ee0c
9b6384a0a2cf80245e4e87dca520dec15d9b13b415dedf312289d8814c7558bf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5bf7103a913c517d20c996abfca950b0364ea4731145082ba5d5c2cf86e1b42
a624ca1165f6102fc56a808217156c9446899681710996cfd597026e09a000c9
a96b363dd2baeb1591ed7c3917a5a8000301b0c61f19ad55ef732211300a9fa6
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c4ec8c2daae54ed4dd8bfdfbb02cf4d360c077ac295038d74d6daa54b08d46b8
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce4714944663ab66446464e544e69808450bee9d0332659795eacea5751fc4f2
cfedd6917436ae2bcccd99fa6041f01e1f351e336d3c8c69c931bfa072b92ee8
d070e103499a84f2f1bed1666ec5c4a2e9161fea79feaa8fa84666df6b81bddb
d112215ab9192450d12b9e9c8c6272f0abdfd396d55829fb464014a09c4ce0ed
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668cb8852a89f55bada26ce243f717b247a2471fbd9541b8dcd33d404bd4ff
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f877c767373322f9cfde5c4607288b21032b84f85fda025455cb5627ea3e10ca
fe4f5b47aa32d5edc4a2f1f6ba099b8da9d757f914e9804e50b1e8b37809eeba

mandowndevice.com Open in urlscan Pro 172.66.43.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

65 %HTTPS

0 %IPv6

37 Domains

47 Subdomains

28 IPs

8 Countries

929 kBTransfer

2108 kBSize

39 Cookies

0 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mandowndevice.com Open in urlscan Pro
172.66.43.35 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

65 %
HTTPS

0 %
IPv6

37
Domains

47
Subdomains

28
IPs

8
Countries

929 kB
Transfer

2108 kB
Size

39
Cookies

82 HTTP transactions
0 data transactions