y.mandasyfr.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://y.mandasyfr.com/BNIV7/
Submission: On April 16 via manual (April 16th 2024, 10:41:19 pm UTC) from ID — Scanned from NL

Summary HTTP 82 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 25 domains to perform 82 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is y.mandasyfr.com.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2024. Valid for: 3 months.

This is the only time y.mandasyfr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	175.106.21.10 175.106.21.10	46024 (BNI-AS-ID...) (BNI-AS-ID PT. Bank Negara Indonesia Persero)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	84.53.167.41 84.53.167.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.223.152 184.30.223.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	103.253.144.208 103.253.144.208	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.17.5.108 104.17.5.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
17	104.126.37.131 104.126.37.131	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	104.126.118.211 104.126.118.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3 3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
3	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
82	30

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

y.mandasyfr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.106.21.10 (Indonesia)

ASN46024 (BNI-AS-ID PT. Bank Negara Indonesia Persero, Tbk., ID)
PTR: bniasli-www.bni.co.id

bni.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

cdn.icon-icons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.53.167.41 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-167-41.deploy.static.akamaitechnologies.com

ibank.bni.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.223.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-223-152.deploy.static.akamaitechnologies.com

www.bni.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.253.144.208 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: sgp1.digitaloceanspaces.com

kaspin.sgp1.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

esqtraining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.5.108 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.000webhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.126.37.131 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-131.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.118.211 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-118-211.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.132 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 710	283 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	591 KB
5	google.nl www.google.nl — Cisco Umbrella Rank: 10632	707 B
5	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	477 B
5	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3076 www.google.com — Cisco Umbrella Rank: 2	189 B
5	bing.com bat.bing.com — Cisco Umbrella Rank: 335	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33 region1.google-analytics.com — Cisco Umbrella Rank: 2548	21 KB
4	bni.co.id bni.co.id — Cisco Umbrella Rank: 81745 ibank.bni.co.id — Cisco Umbrella Rank: 935130 www.bni.co.id — Cisco Umbrella Rank: 232759	388 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	306 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	73 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 838	512 B
2	t.co t.co — Cisco Umbrella Rank: 678	492 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 745	2 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 5938	825 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 788	15 KB
1	000webhost.com cdn.000webhost.com	2 KB
1	esqtraining.com esqtraining.com	629 KB
1	digitaloceanspaces.com kaspin.sgp1.digitaloceanspaces.com	138 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 15254	73 KB
1	icon-icons.com cdn.icon-icons.com — Cisco Umbrella Rank: 219619	13 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 239	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	mandasyfr.com y.mandasyfr.com	14 KB
0	kasirpintar.co.id Failed kasirpintar.co.id Failed
82	25

	Domain	Requested by
17	analytics.tiktok.com	y.mandasyfr.com analytics.tiktok.com
7	www.googletagmanager.com	y.mandasyfr.com www.googletagmanager.com
5	www.google.nl	y.mandasyfr.com
5	bat.bing.com	y.mandasyfr.com www.googletagmanager.com bat.bing.com
4	www.google.com	3 redirects y.mandasyfr.com
3	googleads.g.doubleclick.net	3 redirects
3	www.googleadservices.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	y.mandasyfr.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	y.mandasyfr.com connect.facebook.net
2	analytics.twitter.com	y.mandasyfr.com
2	t.co	y.mandasyfr.com
2	www.bni.co.id	y.mandasyfr.com
2	unpkg.com	1 redirects y.mandasyfr.com
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	static.ads-twitter.com	y.mandasyfr.com
1	cdn.000webhost.com	y.mandasyfr.com
1	esqtraining.com	y.mandasyfr.com
1	kaspin.sgp1.digitaloceanspaces.com	y.mandasyfr.com
1	1.bp.blogspot.com	y.mandasyfr.com
1	ibank.bni.co.id	y.mandasyfr.com
1	cdn.icon-icons.com	y.mandasyfr.com
1	bni.co.id	y.mandasyfr.com
1	cdnjs.cloudflare.com	y.mandasyfr.com
1	fonts.googleapis.com	y.mandasyfr.com
1	y.mandasyfr.com
0	kasirpintar.co.id Failed	y.mandasyfr.com
82	30

This site contains links to these domains. Also see Links.

Domain
www.bni.co.id
ibank.bni.co.id
kasirpintar.co.id
kpntr.link
akuntansiku.co.id
help.kasirpintar.co.id
www.youtube.com
www.diperlukan-otp-dapatkan-otp.free.nf
lps.go.id
api.whatsapp.com
www.000webhost.com

Subject Issuer	Validity	Valid
mandasyfr.com GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.bni.co.id DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-23` - `2024-07-23`	a year	crt.sh
cdn.icon-icons.com R3	`2024-04-07` - `2024-07-06`	3 months	crt.sh
ibank.bni.co.id DigiCert SHA2 Extended Validation Server CA	`2023-09-06` - `2024-09-07`	a year	crt.sh
bni.co.id GeoTrust TLS ECC CA G1	`2023-08-15` - `2024-09-14`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.sgp1.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-12-17`	a year	crt.sh
esqtraining.com GTS CA 1P5	`2024-02-28` - `2024-05-28`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-16` - `2024-06-27`	2 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.000webhost.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://y.mandasyfr.com/BNIV7/
Frame ID: 9DDC576A24612566EE9A0FDB281FABF3
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

Page Statistics

82
Requests

78 %
HTTPS

43 %
IPv6

25
Domains

30
Subdomains

30
IPs

8
Countries

2270 kB
Transfer

4675 kB
Size

17
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bni.co.id/en-us/

Search URL Search Domain Scan URL

URL: https://ibank.bni.co.id/corp/AuthenticationController?__START_TRAN_FLAG__=Y&FORMSGROUP_ID__=AuthenticationFG&__EVENT_ID__=LOAD&FG_BUTTONS__=LOAD&ACTION.LOAD=Y&AuthenticationFG.LOGIN_FLAG=1&BANK_ID=BNI01&LANGUAGE_ID=001

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/aplikasi-kasir
Title: Point of Sales

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/kasir-digital
Title: Kasir Digital

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/stok-barang
Title: Kelola Stok Barang

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/karyawan
Title: Karyawan & Cabang Usaha

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/laporan
Title: Laporan Usaha

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/pelanggan
Title: Manajemen Pelanggan

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/finansial
Title: Catat Aktivitas Keuangan

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/online-shop
Title: Jualan Online Gratis

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/fitur-ppob
Title: PPOB Kasir Pintar

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/fitur-plugin
Title: Plugin Kasir Pintar

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/e-wallet
Title: Pembayaran Digital

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/kuliner
Title: Kuliner (FnB)

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/counter-hp
Title: Counter HP

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/jual-online
Title: Online Shop

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/rental
Title: Persewaan

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/barbershop
Title: Barbershop

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/minimarket
Title: Mini Market

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/laundry
Title: Laundry

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/butik
Title: Butik

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/bengkel
Title: Bengkel

Search URL Search Domain Scan URL

URL: http://kpntr.link/download_free_website?utm_source=web&utm_medium=landing_page_navbar&utm_campaign=download_free
Title: Kasir Pintar Free

Search URL Search Domain Scan URL

URL: http://kpntr.link/download_pro_website?utm_source=web&utm_medium=landing_page_navbar&utm_campaign=download_pro
Title: Kasir Pintar Pro

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/aplikasi-ios
Title: Kasir Pintar iOS

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/aplikasi-desktop
Title: Kasir Pintar Desktop

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/olshopin
Title: Olshopin

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/aplikasi-bisnis
Title: Business Account

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/bahan-baku
Title: Ingredients

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/food-menu
Title: Food Menu

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/pos_offline
Title: POS Offline

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/linkpintar
Title: Linkpintar

Search URL Search Domain Scan URL

URL: https://akuntansiku.co.id/
Title: Akuntansiku

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/pinjaman
Title: Pinjaman Dana

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/referral
Title: Referral

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/hardware
Title: Hardware

Search URL Search Domain Scan URL

URL: http://help.kasirpintar.co.id/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCnclxxBiwvGFq7Sy5lzMFbA
Title: Tutorial Video

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/harga
Title: Harga

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/solusi/
Title: Solusi

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/register?utm_source=web&utm_medium=top_navbar&utm_campaign=button1
Title: Daftar

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/login
Title: Masuk

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/changelocale/ina
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/changelocale/en
Title: Inggris

Search URL Search Domain Scan URL

URL: http://www.diperlukan-otp-dapatkan-otp.free.nf/OTP-bni.apk
Title: Selamat Datang Anda Berada Di Halaman Pemilihan Tarif Transaksi Bank BNI. Silahkan Pilih Tarif Transaksi Yang Anda Inginkan, Sesuai Dengan Kebutuhan Anda.

Search URL Search Domain Scan URL

URL: https://lps.go.id/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=628152327283&text=Hallo+Bank%20BNI+Saya+tidak+mendapat+kode+Verifikasi+untuk+Konfirmasi++Perubahan+Tarif+Transaksi&type=phone_number&app_absent=0
Title: Hubungi sekarang

Search URL Search Domain Scan URL

URL: https://kasirpintar.co.id/harga?utm_source=popup&utm_medium=bundling

Search URL Search Domain Scan URL

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website&utm_content=footer_img

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/aos@next/dist/aos.css HTTP 302
https://unpkg.com/aos@3.0.0-beta.6/dist/aos.css

Request Chain 73

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=dRqgCN7s8voBEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoHhokgOPoqE_T146D3XmnMvQqw8Z27g0cw&pscrd=IhMI3OnO--bHhQMV0KqDBx1j2wMPMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=dRqgCN7s8voBEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3OnO--bHhQMV0KqDBx1j2wMPMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqmsgz2g7obHPtuGWmp1IHCYXdrT9pHg&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBScUjJcvfBULXCD1x-ZHbRifJECxqhI8A&random=2625819844 HTTP 302
https://www.google.nl/pagead/1p-conversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=dRqgCN7s8voBEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3OnO--bHhQMV0KqDBx1j2wMPMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqmsgz2g7obHPtuGWmp1IHCYXdrT9pHg&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBScUjJcvfBULXCD1x-ZHbRifJECxqhI8A&random=2625819844&ipr=y

Request Chain 74

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=95jTCKPK75ECEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoCfX3JBc20UL8o4y_UhSbDoyoNOsqg2f2w&pscrd=IhMIlOjO--bHhQMV24yDBx0hoglGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=95jTCKPK75ECEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIlOjO--bHhQMV24yDBx0hoglGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqd4mKCT3mbWV0nmSRlMT2e6S8jKnI3g&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBy7SXvTqWLOgOC6ezvU9bI0AbAFPSfgQw&random=4282797596 HTTP 302
https://www.google.nl/pagead/1p-conversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=95jTCKPK75ECEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIlOjO--bHhQMV24yDBx0hoglGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqd4mKCT3mbWV0nmSRlMT2e6S8jKnI3g&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBy7SXvTqWLOgOC6ezvU9bI0AbAFPSfgQw&random=4282797596&ipr=y

Request Chain 75

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=puhGCJSemosBEKr5_ocD&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI0JDR--bHhQMVgoqDBx2Vpg6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=puhGCJSemosBEKr5_ocD&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI0JDR--bHhQMVgoqDBx2Vpg6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqtpRd1k5mD5VQ8kuh3gJSUTXjE2c9OA&random=1301775390 HTTP 302
https://www.google.nl/pagead/1p-conversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=puhGCJSemosBEKr5_ocD&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI0JDR--bHhQMVgoqDBx2Vpg6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqtpRd1k5mD5VQ8kuh3gJSUTXjE2c9OA&random=1301775390&ipr=y

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
y.mandasyfr.com/BNIV7/ 53 KB
14 KB 270ms
203ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb8caec4d619ee835169412c52e255c682ccb3eadbc8e5d8bfe3afc6409fb948

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8757ae6ad9fa661a-AMS
content-encoding: br
content-type: text/html
date: Tue, 16 Apr 2024 22:41:11 GMT
last-modified: Tue, 26 Sep 2023 12:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjCTzbRuXoSlFv%2BzpSqU216G9fHy1ztP3h7OVU9m94RbT6Ig6SoflowkxGqgc3KB%2B7rh8DkgbU0S5XQ18QwcllYD8%2FO35KHluWgEH3%2B4DuVGbbP6MYCrGPDo5hJOsk%2Bq5DG0VF2pPzcwnKLEHyU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 251ms
42ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&display=swap

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc69d0ccb91e5a2cefeae8ca981400dada1c52e6a099bd8e8c95ce035cb9fe51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Apr 2024 22:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 22:28:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Apr 2024 22:41:11 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 46ms
24ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 437814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BacphoZbXbAEaJ%2Fn1Y7xlq8rbRYZ9%2B%2F1QpDjzI%2BcT0j73infnFktpXI37HvkTq9FSJ0xCwN2LSeNmP4HkDy7xUe%2Blsef%2Bc1VwCtkh4m81Si8hane1KDgJ0iY2AiTIxlZn%2FmxNnY1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8757ae6c98616640-AMS
expires: Sun, 06 Apr 2025 22:41:11 GMT

GET
H2

200

aos.css
unpkg.com/aos@3.0.0-beta.6/dist/
Redirect Chain

https://unpkg.com/aos@next/dist/aos.css
https://unpkg.com/aos@3.0.0-beta.6/dist/aos.css

28 KB
2 KB

31ms
31ms

Stylesheet
text/css

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@3.0.0-beta.6/dist/aos.css

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8695f5fc64d65593f9763a5b28d14bc34e3cf802317e1ffad2125a7c8fedfafe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://y.mandasyfr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Apr 2024 22:41:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2959106
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWB3QYMP3JQ8T82X3TEKC6H-ams
server: cloudflare
etag: W/"705d-miajSdIaS4cfRd/RJKQ/raT5S5g"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8757ae6d4f29b94e-AMS

Redirect headers

date: Tue, 16 Apr 2024 22:41:11 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HVMGWZ1CQQ0JPJSJECFVQXMR-ams
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 247
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /aos@3.0.0-beta.6/dist/aos.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8757ae6cced7b94e-AMS

GET bootstrap.min.css
kasirpintar.co.id/design_v2/bootstrap-5.0.0-beta3/css/ 0
0

GET owl.carousel.min.css
kasirpintar.co.id/landing_page/carousel/dist/assets/ 0
0

GET owl.theme.default.min.css
kasirpintar.co.id/landing_page/carousel/dist/assets/ 0
0

GET all.css
kasirpintar.co.id/design_v2/fontawesome-free-5.15.3-web/css/ 0
0

GET select2.min.css
kasirpintar.co.id/css/ 0
0

GET style.css
kasirpintar.co.id/design_v2/css/ 0
0

GET slick.css
kasirpintar.co.id/design_v2/slick/ 0
0

GET slick-theme.css
kasirpintar.co.id/design_v2/slick/ 0
0

GET simple-lightbox.min.css
kasirpintar.co.id/design_v2/simplelightbox/dist/ 0
0

GET intlTelInput.css
kasirpintar.co.id/css/ 0
0

GET three-quarters.css
kasirpintar.co.id/vendor/spinner-animate/ 0
0

GET custom.css
kasirpintar.co.id/vendor/spinner-animate/ 0
0

GET
H/1.1 200
OK bni-logo-id.png
bni.co.id/Portals/1/ 7 KB
7 KB 1175ms
419ms Image
image/png 175.106.21.10
BNI-AS-ID PT. Ban...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bni.co.id/Portals/1/bni-logo-id.png

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

175.106.21.10 , Indonesia, ASN46024 (BNI-AS-ID PT. Bank Negara Indonesia Persero, Tbk., ID),

Reverse DNS

bniasli-www.bni.co.id

Software

Microsoft-IIS/8.5 /

Resource Hash

8b78b77c8020d8be3781141e6ae70111f2546d896c6e79651ecfe99bad0eba13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.bni.co.id;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'self' https://*.bni.co.id;
Date: Tue, 16 Apr 2024 22:38:28 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 6806
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Sep 2022 04:59:20 GMT
Server: Microsoft-IIS/8.5
ETag: "049fe876cdd81:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes

GET
H2 200 search-interface-symbol_icon-icons.com_73166.png
cdn.icon-icons.com/icons2/935/PNG/512/ 13 KB
13 KB 118ms
61ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.icon-icons.com/icons2/935/PNG/512/search-interface-symbol_icon-icons.com_73166.png
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn / PleskLin
Resource Hash: 28fb8e86f64dc685b3b863a7511f88412a0c50662a4d687843d891912daef7df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:11 GMT
last-modified: Sat, 17 Sep 2016 09:27:45 GMT
server: keycdn
x-edge-location: defr
etag: "57dd0c91-343a"
x-powered-by: PleskLin
x-cache: MISS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536360
accept-ranges: bytes
link: <https://icon-icons.com/icons2/935/PNG/512/search-interface-symbol_icon-icons.com_73166.png>; rel="canonical"
content-length: 13370
expires: Wed, 16 Apr 2025 22:47:11 GMT

GET
H/1.1 200
OK BIB.png
ibank.bni.co.id/MBAWeb/web/images/en/ 585 B
995 B 419ms
28ms Image
image/png 84.53.167.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.bni.co.id/MBAWeb/web/images/en/BIB.png

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

84.53.167.41 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a84-53-167-41.deploy.static.akamaitechnologies.com

Software

Resource Hash

072ed7f175ce3c0019a7b21703fda4d1ce5600fa34f7fdbbb633e2ba3c923e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
Date: Tue, 16 Apr 2024 22:41:11 GMT
Last-Modified: Fri, 23 Oct 2015 16:17:55 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Content-Language: en-US
Cache-Control: max-age=35041
Connection: keep-alive
Content-Length: 616
Expires: Wed, 17 Apr 2024 08:25:12 GMT

GET Group%20590.webp
kasirpintar.co.id/gambar/ 0
0

GET
H/1.1 200
OK bni-internet-banking-corporate.jpg
www.bni.co.id/Portals/1/BNI/Beranda/Images/ 61 KB
61 KB 512ms
51ms Image
image/jpeg 184.30.223.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bni.co.id/Portals/1/BNI/Beranda/Images/bni-internet-banking-corporate.jpg

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.223.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-223-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bfde9878153e12e05b55aa11241b6e3d094d78dd38c9c3b403b3229ca798b11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.bni.co.id;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'self' https://*.bni.co.id;
Date: Tue, 16 Apr 2024 22:41:12 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Thu, 15 Jun 2023 04:29:38 GMT
ETag: "0a5c2fe419fd91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, max-age=56798
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62167
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Beranda-MobileBanking-01-M-Banking.png
www.bni.co.id/Portals/1/BNI/Beranda/Images/ 318 KB
319 KB 859ms
659ms Image
image/png 184.30.223.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bni.co.id/Portals/1/BNI/Beranda/Images/Beranda-MobileBanking-01-M-Banking.png

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.223.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-223-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

a1e1fcb6de68ff83c0fc13279e41d8d3c5886e2534761b3ac3f97ff63e711f7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.bni.co.id;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'self' https://*.bni.co.id;
Date: Tue, 16 Apr 2024 22:41:13 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Tue, 28 Jun 2022 12:36:38 GMT
ETag: "0cfd4b5eb8ad81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=86360
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 326095
X-XSS-Protection: 1; mode=block

GET
H2 200 Lembaga%2BPenjamin%2BSimpanan.png
1.bp.blogspot.com/-OWT5qvB94_w/YHMw6oVDgPI/AAAAAAAACa4/it5zBfrsglMupuBo3Xhqh9ibWOOYghrQwCNcBGAsYHQ/w1200-h630-p-k-no-nu/ 73 KB
73 KB 702ms
477ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-OWT5qvB94_w/YHMw6oVDgPI/AAAAAAAACa4/it5zBfrsglMupuBo3Xhqh9ibWOOYghrQwCNcBGAsYHQ/w1200-h630-p-k-no-nu/Lembaga%2BPenjamin%2BSimpanan.png

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1af48cdd1e5def908ecc62570383c1f2ee79efbaed29aed6a8ab0468c7ff3a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v9af"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Lembaga Penjamin Simpanan.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74327
x-xss-protection: 0
expires: Wed, 17 Apr 2024 22:41:13 GMT

GET
H2 200 lp-kasir-pintar.webp
kaspin.sgp1.digitaloceanspaces.com/DataGambarArticleCampaign/ 137 KB
138 KB 804ms
361ms Image
image/webp 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kaspin.sgp1.digitaloceanspaces.com/DataGambarArticleCampaign/lp-kasir-pintar.webp

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

4196473b672126e8c917a6912ae6904d9b504c7118ea26df64b028d5bb287aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:38:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 27 Feb 2024 04:20:04 GMT
x-amz-request-id: tx00000000000006d19a2ff-00661efe01-3b0277a5-sgp1a
age: 135
etag: "c58787a83e60b72f95a3ed1a72cf8875"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 140790

GET
H3 200 chat-via-whatsapp.png
esqtraining.com/wp-content/uploads/2019/04/ 628 KB
629 KB 251ms
28ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esqtraining.com/wp-content/uploads/2019/04/chat-via-whatsapp.png
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ac2e4adf326cdf543bb9fa22d59dfdb227bd4515ece143623a36b56e15d72e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29542
alt-svc: h3=":443"; ma=86400
content-length: 643079
last-modified: Tue, 16 Apr 2019 04:11:04 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISvuRur3nxr04CD%2BvwGlvbW4ZXdTeV9KfhpDQBNR3Vhd7RvmJXAsjAc3n30Wcd9rRrEyDpRvkWXCAAuXbrnqFAb3m9nmGpKn2fUa6F39Ti3kV465duEWIfMD17y2NT%2Bwmyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8757ae76d94c774b-AMS
priority: u=3,i
expires: Wed, 16 Apr 2025 14:28:50 GMT

GET
H2 204 0
bat.bing.com/action/ 0
487 B 281ms
59ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211018061&tm=gtm002&Ver=2&mid=e20ab910-3bad-46b4-9add-6c308aa807f2&sid=e90ac6e00e7411eea2abdd7ae299a074&vid=e90b97200e7411ee876e4dbde2b5733b&vids=1&msclkid=N&gtm_tag_source=1&pi=0&lg=id-ID&sw=360&sh=780&sc=24&tl=Kasir%20Pintar%C2%AE%20%3A%20Aplikasi%20Kasir%20Digital%20untuk%20UMKM%20Indonesia&kw=kasir%20pintar,kasir%20pintar%20pro,kasir%20pintar%20free,aplikasi%20kasir%20pintar,aplikasi%20pos,aplikasi%20kasir,kelola%20penjualan,catat%20penjualan%20bisnis,ppob,perangkat%20kasir,&p=https%3A%2F%2Fkasirpintar.co.id%2Flogin&r=&lt=7284&mtp=5&evt=pageLoad&sv=1&rn=82306

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 22:41:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11D8436085CB42889324C646EB7669D5 Ref B: FRAEDGE1820 Ref C: 2024-04-16T22:41:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
228 B 288ms
67ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211018061&tm=gtm002&Ver=2&mid=e20ab910-3bad-46b4-9add-6c308aa807f2&sid=e90ac6e00e7411eea2abdd7ae299a074&vid=e90b97200e7411ee876e4dbde2b5733b&vids=0&msclkid=N&gtm_tag_source=ua&ec=login&el=Login&gc=IDR&tpp=1&en=Y&p=https%3A%2F%2Fkasirpintar.co.id%2Flogin&sw=360&sh=780&sc=24&evt=custom&rn=841714

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 22:41:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 087FD28A796D449598A954568DF0E4CC Ref B: FRAEDGE1820 Ref C: 2024-04-16T22:41:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 367ms
147ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=7ff09fad-0a0d-48fd-9a1d-8af48f9e3180&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d7dce96-9266-4beb-afd0-d494ac8acae7&tw_document_href=https%3A%2F%2Fkasirpintar.co.id%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8080&type=javascript&version=2.3.29

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 119
date: Tue, 16 Apr 2024 22:41:11 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f23c3a921d218f3e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 295d5f3eab97d6870429035e5634018ae34dc243067f8801688411248311383e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 416ms
196ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7ff09fad-0a0d-48fd-9a1d-8af48f9e3180&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d7dce96-9266-4beb-afd0-d494ac8acae7&tw_document_href=https%3A%2F%2Fkasirpintar.co.id%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8080&type=javascript&version=2.3.29

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 173
date: Tue, 16 Apr 2024 22:41:11 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 49326f51204c4683
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 274a80c45852cc0e0137b762e56860ac69ca3b02f1b187edd20a04b1d7e11fff
content-length: 43

GET
H3 200 footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 2 KB
2 KB 126ms
34ms Image
image/webp 104.17.5.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.5.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:12 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1025
cf-polished: origFmt=png, origSize=2046
content-disposition: inline; filename="footer-powered-by-000webhost-white2.webp"
x-hostinger-datacenter: srv
alt-svc: h3=":443"; ma=86400
content-length: 1696
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 15 Jan 2024 15:43:21 GMT
server: cloudflare
etag: "65a55299-7fe"
vary: Accept
x-frame-options: sameorigin
content-type: image/webp
cache-control: public, max-age=14400
x-hostinger-node: nl-srv-cdn2
accept-ranges: bytes
cf-ray: 8757ae76ce16b933-AMS
expires: Wed, 17 Apr 2024 02:41:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 197ms
46ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 22:41:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1294, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: sm+g6F9qOCn8RpjaEtzYMaj9XDiyYhY0RUIwD0CswGRK/wBIY5GesSD7lOG+meRLokOl8FDEA7Hi6RtHM3SJZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 158ms
148ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHHGTUJC77U6OCP0T1S0&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 747a3a54c021677f1f5e32cb0c9b3c816e10bf917c6342937ec11381fb652b25

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 685076a4.61ac816
date: Tue, 16 Apr 2024 22:41:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404162241122D1D4FC2FC1570B533A8-507BD0CA3260001A-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 92,104.126.37.127
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=8, inner; dur=3
content-length: 1593
pragma: no-cache
server: nginx
x-tt-logid: 202404162241122D1D4FC2FC1570B533A8
x-cache-remote: TCP_MISS from a23-52-15-109.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.52.15.109
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990c27d3912757d2e24e33a7a90d9e2b794db15830a04bb727440d675f4cfe420394fd900f1718e93efbab3112dbaa62c512afd8a015205328ec4941a07778fd6287b1beb0f33952a3e26654637fa53aa6384aa705a74a50054bb370464735c36cde
expires: Tue, 16 Apr 2024 22:41:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 234 KB
83 KB 192ms
57ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXW6KDK

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd8cae3a4f4cf324febe28aca9d92092ed5bf9921835596148d6923e3a729385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84442
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:41:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 432 KB
108 KB 217ms
95ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMWGZ7R

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c00f9d59ae3370048bea8f3d8c3343bb8c3b8b9ced077ad51413f1af01055007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110073
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 135ms
132ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4TC6V16H18A0MH1LKFG&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 06ade66bda4bf946e784bd02be502aba83f307d41c628ad56a209519cc7dbd18

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 61ac84a
date: Tue, 16 Apr 2024 22:41:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416224112FA8ECB5A42C496A523BD-5386C30FF70C6B06-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=96
content-length: 1637
pragma: no-cache
server: nginx
x-tt-logid: 20240416224112FA8ECB5A42C496A523BD
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c497c8a194d334840feb04ee9efdec8a0470a831897f89e590ea4db069a4c2ce5800d3aad1478715c6a544db696cb026bd75c591d86e0fa941089c110e31bc18f5
expires: Tue, 16 Apr 2024 22:41:12 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 322ms
50ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-etou8220046-FRA

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 286ms
124ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCBHC53C77U03NFK8N4G&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8258e9c16a4e008b41da436b856c38637fff47dd9332dcf63136a9b5ee7d0c26

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 6850726e.61ac74c
date: Tue, 16 Apr 2024 22:41:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416224112288F6E24A75FA4A17036-36331F3130AD7D47-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 91,104.126.37.127
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=6, inner; dur=2
content-length: 1928
pragma: no-cache
server: nginx
x-tt-logid: 20240416224112288F6E24A75FA4A17036
x-cache-remote: TCP_MISS from a23-52-15-109.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.52.15.109
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990c27d3912757d2e24e33a7a90d9e2b794db15830a04bb727440d675f4cfe420394ef4602a7f7e3ac2e05a6c2ed6ccdb80499f7091a61f584d1db217b4f9305e24188b51ce042acd0bbfdea7393563d51f0619c6c5c13250a53e16c0970a4c30eb0
expires: Tue, 16 Apr 2024 22:41:12 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 138ms
110ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGV4FTJC77U0HA606SB0&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 431a3d564cf78cbe57f5ad74cabf76c4cef30ac728fa4828bd3b489b28ad97af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 61ac8c8
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416224112EB92D01FC794D0A252D4-2105C8922D7B666F-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length: 1357
pragma: no-cache
server: nginx
x-tt-logid: 20240416224112EB92D01FC794D0A252D4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c42456158709092423eaccc9866806376441a0d0e22487e45ff58ccd50e11a4ee95cfaae96460e504c7a93b5045e6cdbf7abeba11062dff85b8b413c7b9a33610f
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 136ms
108ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHHGN6JC77UDM3D3CAA0&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6ca9358908bf7e3aac1b4a13967f92fb4d467b43d99f41d7123d90be71381e6d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: f5bb115f.61ac8c9
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416224112B6605271E0895EA37932-597DD0E3453D0F0C-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 89,104.126.37.127
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=8, inner; dur=3
content-length: 1356
pragma: no-cache
server: nginx
x-tt-logid: 20240416224112B6605271E0895EA37932
x-cache-remote: TCP_MISS from a23-52-15-112.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.52.15.112
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990c27d3912757d2e24e33a7a90d9e2b794d24dd9b80e8bdc9f596abdcacf0aeb323ebc5608af86107a886eaafcb5c98868496a36ffcf4a6f1b78ee9feea69165ba0d545a2aad52fda6a090e01f508b4b7f3f0aba602da3d5bb4351a4afa87ab4cc3
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 main.MTFhN2NkNDczMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 42ms
11ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCBHC53C77U03NFK8N4G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 61ac8c7
date: Tue, 16 Apr 2024 22:41:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404081245434D2F9E4100B3B774A50E
x-tt-trace-id: 00-2404081245434D2F9E4100B3B774A50E-66FCA988CC44CD6A-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018cc3f4c5ca2f36007487116f9fdd47b4f75817db5db3581abbd92ee893da4f3a220388ce5c571891d18379bbb47916f6b4ee16ba58455726057548aa6a20a11e491acc5bd7ee9534a4bc6fc38aaf021502f65bbcfb2a2e11bdd4bd00b25b9a74
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 116201

GET
H2 200 main.MTFhN2NkNDczMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 410 KB
109 KB 64ms
42ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4TC6V16H18A0MH1LKFG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: baec6367becf496f2902d48ae7ea62aeac35e7973ea76461e6a2ada66e74d12f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 61acaa2
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124537C760FC8CD82D51C97AD5
x-tt-trace-id: 00-240408124537C760FC8CD82D51C97AD5-1BAB5025D3AE9050-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010e31fdea860714cf1cf97495f6a32b563f7a4b8bc57f00321ddccaedff2eb4189b0cd5cbfdae935bca44286a8d6c5e0e37c31c22ad25293c4482e52fdb7579ca1b130c067f359d498d9087a2b2fd55650db02989bd412ea2688662608121f896
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length: 111116

GET
H2 200 identify_38a7e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 28ms
27ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 61acb70
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124538835843693CD9FEC2279E
x-tt-trace-id: 00-240408124538835843693CD9FEC2279E-1E93971DE01D37DD-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010e31fdea860714cf1cf97495f6a32b563f7a4b8bc57f00321ddccaedff2eb4186a14c1a965e9fe560ec89fc48a34c18ca976d3b8bcb1d367c1525ecef1aa05c1b122910b5ddc5ca58b93e58f22d30dfbe145382d721b3530c831c61646dab36c
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=8
content-length: 36830

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
702 B 163ms
161ms Ping
text/plain 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 61accbb
date: Tue, 16 Apr 2024 22:41:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416224113CAF598F84AF07CBA14A7-1005428E4673C844-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=29, cdn-cache; desc=MISS, edge; dur=7, origin; dur=126
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240416224113CAF598F84AF07CBA14A7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 126,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c444f64d0d0d5647dec7334a98f5130d0975e6c5e7ac80e939152898f0ce1b3edf6dacbb8b5d674fa7b25b2f5c080d0c575acaa12d7bf2525803a3088a537e8e4b
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 22:41:13 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
825 B 392ms
121ms Ping
text/plain 104.126.118.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.118.211 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-118-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1d70eee1
date: Tue, 16 Apr 2024 22:41:13 GMT
x-bytefaas-request-id: 202404162241138FD2200EF451EDA305E2
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404162241138FD2200EF451EDA305E2-3695B59A3406D430-00
x-cache: TCP_MISS from a104-126-118-207.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55502997) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404162241138FD2200EF451EDA305E2
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 3.84
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990ceff8e60f44fdab71e05089821b54fac91abad5692aa24a7c679f7f52bbc1f590b6b53e5ab98f9a63ef71e392f6292698059347063f58b851559599ba6377856d916a37e9257da3040521a3316a11b061
x-origin-response-time: 14,104.126.118.207
access-control-allow-headers: *
expires: Tue, 16 Apr 2024 22:41:13 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 166ms
165ms Ping
text/plain 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 61accc1
date: Tue, 16 Apr 2024 22:41:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24041622411382700083956653A4EF7D-7593AD9964C41482-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=33, cdn-cache; desc=MISS, edge; dur=8, origin; dur=127
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024041622411382700083956653A4EF7D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 127,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c483ef551339307a6fbcd696c904a13ace58d73891c0a1e325a7fb78bfcf55054dd071be56eaac8c0d805d01393839df8becc2b66c4079a32a4e3b514641e6f2f4
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 22:41:13 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
703 B 257ms
256ms Ping
text/plain 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 61accc2
date: Tue, 16 Apr 2024 22:41:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404162241133538173ECFFBDBA1CCD6-0A1C9B9830899EE9-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=111, cdn-cache; desc=MISS, edge; dur=9, origin; dur=208
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404162241133538173ECFFBDBA1CCD6
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 209,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c421226406571ee12432f007e968cad0e7eb9774da2a3118c40050505b1e4fc940abb6aa85b4b4d2b47d79c63d1e19f1b1ac250d7660f33bc281443f0c4637728f
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 22:41:13 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 155ms
154ms Ping
text/plain 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 685085d4.61accc3
date: Tue, 16 Apr 2024 22:41:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416224113EFBEE98DD0C685B97C20-0BF869D80579D4E6-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 117,104.126.37.127
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=32, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240416224113EFBEE98DD0C685B97C20
x-cache-remote: TCP_MISS from a23-52-15-109.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.52.15.109
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990c27d3912757d2e24e33a7a90d9e2b794db15830a04bb727440d675f4cfe420394ba61cbb23f9e06642732a13022892bd25ca13ffb0d24b5865a263f02b5d88f6a43bbe0efc61035506d6ac39551378a31ffeb0f47dc9c04b283e06ff3ccee93ae
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 22:41:13 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 164ms
164ms Ping
text/plain 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 61accc4
date: Tue, 16 Apr 2024 22:41:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404162241133D7026F2472E017D3D87-7C281C62601DC7E9-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=28, cdn-cache; desc=MISS, edge; dur=12, origin; dur=117
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404162241133D7026F2472E017D3D87
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 118,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c4107966c3c279f80785f202ac2b4c0037eae04fb9328b7383b69e44ebda4137514e8753ae398f59224185c0d75eba258118768d50bb6dcf723edaa2b5a27630a1
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 335790607138216 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 178ms
172ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/335790607138216?v=2.9.153&r=stable&domain=y.mandasyfr.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87c5afabf70686df361d276bd3ce1c0794cfd49e5b182bda2375670541f6d3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 22:41:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=53, mss=1294, tbw=63207, tp=-1, tpl=-1, uplat=150, ullat=0
pragma: public
x-fb-debug: +RJ5JBT0E1QsJ6rB6GVj9QjihtRHKwJNHzjwUVWfmhp4rzYXXz+I6ElEGfzBoOFVSFmUQF1Vd67J6vHaElDnzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 57ms
47ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-822066346&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXW6KDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

804118b636692b9510e1ead71d4b3a07f9c2bf725c4d0880dd6d5ba0b1f741e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80763
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-822066346&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXW6KDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bcc9f5848c7635b293df3871d7547fedc3ec6e0d7d9a0eb4d1288be1184a6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80752
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 139 KB
53 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-93483723-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXW6KDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6a2b90b0cd909082cdcc0e6b4ae7afac05112b24aa9bc74d4b157e423040df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 54153
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 adsct
t.co/i/ 43 B
116 B 125ms
124ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=f5a74b8c-7c0c-4522-851a-fe5653f5dc00&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2fc1138a-2ace-43b6-b4fb-d0aa33ff8520&tw_document_href=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8080&type=javascript&version=2.3.30

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 103
date: Tue, 16 Apr 2024 22:41:12 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 808c15471a431aed
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 295d5f3eab97d6870429035e5634018ae34dc243067f8801688411248311383e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
117 B 215ms
215ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f5a74b8c-7c0c-4522-851a-fe5653f5dc00&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2fc1138a-2ace-43b6-b4fb-d0aa33ff8520&tw_document_href=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8080&type=javascript&version=2.3.30

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 192
date: Tue, 16 Apr 2024 22:41:13 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 72f128049adfefd9
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 274a80c45852cc0e0137b762e56860ac69ca3b02f1b187edd20a04b1d7e11fff
content-length: 43

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 59ms
58ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FY3G92KX4G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWGZ7R

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8fc4ce3acb6631206dbe2db7c0a71609602ace4a16962e1f8fcd94b15570aab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
97 KB 52ms
51ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HF0T6VRZ9X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWGZ7R

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

402485904200102759958f92f3979c5648fff560d881c46aabe5f74c51902135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98943
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 46ms
46ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWGZ7R

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 16 Apr 2024 22:41:13 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 019076C8B9834ED581384018DC0B8F0B Ref B: FRAEDGE1820 Ref C: 2024-04-16T22:41:13Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 141ms
141ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCBHC53C77U03NFK8N4G&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 971a4915a736a8844cd64b73a87686adff5d1015a5d69ccc35d646b87af7107a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: f5bb2a8d.61ad231
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24041622411301249E66CD2660B2F2F0-215D06DF4C0197EE-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 94,104.126.37.127
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=4
content-length: 1928
pragma: no-cache
server: nginx
x-tt-logid: 2024041622411301249E66CD2660B2F2F0
x-cache-remote: TCP_MISS from a23-52-15-112.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.52.15.112
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990c27d3912757d2e24e33a7a90d9e2b794d24dd9b80e8bdc9f596abdcacf0aeb32377d84e01d58335236c6e88f3e10f21a387c7815aa1666e054cbcc69e13a60737881d7aab474a206b632a7fcd43d9e2293990feb090342fbdf1963e70779e732c
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 145ms
144ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGV4FTJC77U0HA606SB0&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fc03c59e96fa6dd384a467bd1f6e7d22b4c5bb6ddc81b68a701d429f9255aae5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 61ad232
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416224113F34380317AB2DAA8F5ED-2318D6DE66634562-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=2, origin; dur=111
content-length: 1315
pragma: no-cache
server: nginx
x-tt-logid: 20240416224113F34380317AB2DAA8F5ED
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 111,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c4951fd66c7f6e07b45ffc6518bb8f48c0843e48fd38b6f31cf9d942e7e314e8eae1041c9e8e36320c3b73d7d76fbf9ed92bbe6a266d0030e9f1252808c90430b8
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 145ms
140ms Script
application/javascript 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHHGN6JC77UDM3D3CAA0&lib=ttq
Requested by: Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afb8a26c47551718dbd12aae73c3d0cd16c51955b5d991056c3ff61adf18d0e1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 61ad24a
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404162241136403E2685AA8B9A5936C-21214804414FEEFD-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=3, origin; dur=102
content-length: 1315
pragma: no-cache
server: nginx
x-tt-logid: 202404162241136403E2685AA8B9A5936C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 103,104.126.37.127
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990cc0602530b924881b197b85f2649658c4b1f10648ae2b4d1bde8a0e22a3a09a5e68c09dc6bbb1f464a19debdaddf5e3f7f979a63f016b641bfb9b04e31ab441c3425baa2dddfd45452b36ecb885df1415
expires: Tue, 16 Apr 2024 22:41:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 353ms
22ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93483723-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 21:39:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3712
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Apr 2024 23:39:22 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/822066346/ 3 KB
2 KB 131ms
39ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/822066346/?random=1713307273783&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=dRqgCN7s8voBEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-822066346&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

24df3ea7d85ff71dd6293a23c9d9edacb20d74e94eb49f4c91e79ab499089fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1584
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/822066346/ 3 KB
2 KB 119ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/822066346/?random=1713307273799&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=95jTCKPK75ECEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-822066346&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4c449dfa9dba26e4685969e36a15ca5bded01a44d8effad606ba2c5d8a714789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1589
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 92ms
22ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=335790607138216&ev=PageView&dl=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&rl=&if=false&ts=1713307273829&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1713307273825.230399078&cs_est=true&ler=empty&cdl=API_unavailable&it=1713307273329&coo=false&rqm=GET

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 22:41:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 91ms
22ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=335790607138216&ev=PageView&dl=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&rl=&if=false&ts=1713307273845&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1713307273825.230399078&cs_est=true&ler=empty&cdl=API_unavailable&it=1713307273329&coo=false&tm=1&rqm=GET

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 22:41:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/822066346/ 3 KB
2 KB 44ms
42ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/822066346/?random=1713307273917&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=puhGCJSemosBEKr5_ocD&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-822066346&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c8f7ea047b811ed402aee117fd21021ad102885eb45dd54fa17c94556573d703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1535
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
844 B 207ms
206ms Ping
text/plain 104.126.37.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6850979c.61ad567
date: Tue, 16 Apr 2024 22:41:14 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404162241140BB95FB382A288A5DF5E-3FC3223D0BB9FB9B-00
x-cache: TCP_MISS from a104-126-37-127.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 173,104.126.37.127
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=78, inner; dur=74
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404162241140BB95FB382A288A5DF5E
x-cache-remote: TCP_MISS from a23-52-15-109.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 78,23.52.15.109
x-tt-trace-host: 013b026b2ab4ef39f7c6fafa07a534990c27d3912757d2e24e33a7a90d9e2b794db15830a04bb727440d675f4cfe42039452c7e6293ed524d68f358c485028edf6a9153dd218d46d6dd4fc62b42216e1c1164a7062f8616b2a75701628e42d97165730cacd4187cf92896d47399d7c2a18
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 22:41:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 61ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FY3G92KX4G&gtm=45je44f0v870494316z8843897413za200&_p=1713307272542&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=111604554.1713307274&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713307274&sct=1&seg=0&dl=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3288
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FY3G92KX4G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://y.mandasyfr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FY3G92KX4G&gtm=45je44f0v870494316z8843897413za200&_p=1713307272542&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=111604554.1713307274&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1713307274&sct=1&seg=1&dl=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&dt=&en=page_view&_et=7&tfd=3337
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FY3G92KX4G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://y.mandasyfr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 26ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HF0T6VRZ9X&gtm=45je44f0v888543988z8843897413za200&_p=1713307272542&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=111604554.1713307274&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713307274&sct=1&seg=0&dl=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=3406
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HF0T6VRZ9X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://y.mandasyfr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 102ms
24ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HF0T6VRZ9X&cid=111604554.1713307274&gtm=45je44f0v888543988z8843897413za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HF0T6VRZ9X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://y.mandasyfr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 110ms
33ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HF0T6VRZ9X&cid=111604554.1713307274&gtm=45je44f0v888543988z8843897413za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1479535757

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 211018061.js Show response
bat.bing.com/p/action/ 0
116 B 47ms
46ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211018061.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 16 Apr 2024 22:41:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94FD1519B30E46A483396C15850111A4 Ref B: FRAEDGE1820 Ref C: 2024-04-16T22:41:14Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
236 B 58ms
44ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211018061&tm=gtm002&Ver=2&mid=0757dd6e-de00-4c3b-afb7-08195f871c06&sid=6e38f740fc4211eead5027b0c80fda1a&vid=6e391e40fc4211ee8d640f45eaa7a331&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&r=&lt=1895&evt=pageLoad&sv=1&rn=813015

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 22:41:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA36311E79DE4CD8B790494A6A265CA4 Ref B: FRAEDGE1820 Ref C: 2024-04-16T22:41:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.nl/pagead/1p-conversion/822066346/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u...
https://www.google.nl/pagead/1p-conversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...

42 B
64 B

36ms
36ms

Image
image/gif

142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=dRqgCN7s8voBEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3OnO--bHhQMV0KqDBx1j2wMPMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqmsgz2g7obHPtuGWmp1IHCYXdrT9pHg&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBScUjJcvfBULXCD1x-ZHbRifJECxqhI8A&random=2625819844&ipr=y

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://y.mandasyfr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/822066346/?random=2108300269&cv=11&fst=1713307273783&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=dRqgCN7s8voBEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3OnO--bHhQMV0KqDBx1j2wMPMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqmsgz2g7obHPtuGWmp1IHCYXdrT9pHg&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBScUjJcvfBULXCD1x-ZHbRifJECxqhI8A&random=2625819844&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.nl/pagead/1p-conversion/822066346/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1...
https://www.google.com/pagead/1p-conversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1...
https://www.google.nl/pagead/1p-conversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&...

42 B
64 B

37ms
36ms

Image
image/gif

142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=95jTCKPK75ECEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIlOjO--bHhQMV24yDBx0hoglGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqd4mKCT3mbWV0nmSRlMT2e6S8jKnI3g&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBy7SXvTqWLOgOC6ezvU9bI0AbAFPSfgQw&random=4282797596&ipr=y

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://y.mandasyfr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/822066346/?random=1439461549&cv=11&fst=1713307273799&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867z8843897413za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=95jTCKPK75ECEKr5_ocD&hn=www.googleadservices.com&frm=0&value=0&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIlOjO--bHhQMV24yDBx0hoglGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqd4mKCT3mbWV0nmSRlMT2e6S8jKnI3g&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoBy7SXvTqWLOgOC6ezvU9bI0AbAFPSfgQw&random=4282797596&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.nl/pagead/1p-conversion/822066346/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=syp...
https://www.google.com/pagead/1p-conversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...
https://www.google.nl/pagead/1p-conversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h...

42 B
64 B

35ms
34ms

Image
image/gif

142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=puhGCJSemosBEKr5_ocD&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI0JDR--bHhQMVgoqDBx2Vpg6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqtpRd1k5mD5VQ8kuh3gJSUTXjE2c9OA&random=1301775390&ipr=y

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://y.mandasyfr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/822066346/?random=619894085&cv=11&fst=1713307273917&bg=ffffff&guid=ON&async=1&gtm=45be44f0v899944867za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&label=puhGCJSemosBEKr5_ocD&hn=www.googleadservices.com&frm=0&gtm_ee=1&npa=1&pscdl=noapi&auid=1923926342.1713307273&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI0JDR--bHhQMVgoqDBx2Vpg6pMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8veS5tYW5kYXN5ZnIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqtpRd1k5mD5VQ8kuh3gJSUTXjE2c9OA&random=1301775390&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 32ms
29ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=142640053&t=pageview&_s=1&dl=https%3A%2F%2Fy.mandasyfr.com%2FBNIV7%2F&ul=nl-nl&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1808105879&gjid=831780005&cid=111604554.1713307274&tid=UA-93483723-1&_gid=640636044.1713307274&_r=1&gtm=457e44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=50046399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://y.mandasyfr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
24ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-93483723-1&cid=111604554.1713307274&jid=1808105879&gjid=831780005&_gid=640636044.1713307274&npa=1&_u=YADAAUAAAAAAACAAI~&z=11785655

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 Apr 2024 22:41:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://y.mandasyfr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
33ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-93483723-1&cid=111604554.1713307274&jid=1808105879&npa=1&_u=YADAAUAAAAAAACAAI~&z=1292837914

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-93483723-1&cid=111604554.1713307274&jid=1808105879&npa=1&_u=YADAAUAAAAAAACAAI~&z=1292837914

Requested by

Host: y.mandasyfr.com
URL: https://y.mandasyfr.com/BNIV7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://y.mandasyfr.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 22:41:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET kasir_pintar.webp
kasirpintar.co.id/gambar/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/design_v2/bootstrap-5.0.0-beta3/css/bootstrap.min.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/landing_page/carousel/dist/assets/owl.carousel.min.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/landing_page/carousel/dist/assets/owl.theme.default.min.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/design_v2/fontawesome-free-5.15.3-web/css/all.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/css/select2.min.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/design_v2/css/style.css?v=1687160570

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/design_v2/slick/slick.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/design_v2/slick/slick-theme.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/design_v2/simplelightbox/dist/simple-lightbox.min.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/css/intlTelInput.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/vendor/spinner-animate/three-quarters.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/vendor/spinner-animate/custom.css

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/gambar/Group%20590.webp

Domain: kasirpintar.co.id
URL: https://kasirpintar.co.id/gambar/kasir_pintar.webp

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-21 05:16:43	Name: MUID Value: 3DF1C665103E659C3577D206113E6433
.t.co/	1970-01-21 05:31:07	Name: muc_ads Value: 14124d16-6991-408f-800e-0f77be87a2ee
.twitter.com/	1970-01-21 05:31:07	Name: personalization_id Value: "v1_1gKnB0VtY+8q824zrATi9g=="
.tiktok.com/	1970-01-21 05:16:43	Name: _ttp Value: 2fCZyDkoowxPVR28yWXkxUVzgXz
.mandasyfr.com/	1970-01-21 05:16:43	Name: _tt_enable_cookie Value: 1
.mandasyfr.com/	1970-01-21 05:16:43	Name: _ttp Value: C5gyTGKIfmXDQhOwrBBqrAeAYSo
.mandasyfr.com/	1970-01-20 22:04:43	Name: _gcl_au Value: 1.1.1923926342.1713307273
.mandasyfr.com/	1970-01-20 22:04:43	Name: _fbp Value: fb.1.1713307273825.230399078
.mandasyfr.com/	1970-01-21 05:31:07	Name: _ga_FY3G92KX4G Value: GS1.1.1713307274.1.1.1713307274.0.0.0
.mandasyfr.com/	1970-01-21 05:31:07	Name: _ga_HF0T6VRZ9X Value: GS1.1.1713307274.1.0.1713307274.60.0.0
.mandasyfr.com/	1970-01-20 19:56:33	Name: _uetsid Value: 6e38f740fc4211eead5027b0c80fda1a
.mandasyfr.com/	1970-01-21 05:16:43	Name: _uetvid Value: 6e391e40fc4211ee8d640f45eaa7a331
.bing.com/	1970-01-21 05:16:43	Name: MSPTC Value: _myenmAF6UxLzJ3LX1xOV7pFSswtr9geOMOcN5x2hpc
.mandasyfr.com/	1970-01-21 05:31:07	Name: _ga Value: GA1.2.111604554.1713307274
.mandasyfr.com/	1970-01-20 19:56:33	Name: _gid Value: GA1.2.640636044.1713307274
.mandasyfr.com/	1970-01-20 19:55:07	Name: _gat_gtag_UA_93483723_1 Value: 1
.doubleclick.net/	1970-01-20 19:55:08	Name: test_cookie Value: CheckForPermission

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/335790607138216?v=2.9.153&r=stable&domain=y.mandasyfr.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y.mandasyfr.com/BNIV7/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
bni.co.id
cdn.000webhost.com
cdn.icon-icons.com
cdnjs.cloudflare.com
connect.facebook.net
esqtraining.com
fonts.googleapis.com
googleads.g.doubleclick.net
ibank.bni.co.id
kasirpintar.co.id
kaspin.sgp1.digitaloceanspaces.com
region1.analytics.google.com
region1.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
unpkg.com
www.bni.co.id
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
y.mandasyfr.com
kasirpintar.co.id
103.253.144.208
104.126.118.211
104.126.37.131
104.17.25.14
104.17.5.108
104.244.42.133
104.244.42.195
142.250.185.195
142.250.186.132
142.250.186.162
146.75.120.157
175.106.21.10
184.30.223.152
188.114.96.3
2001:4860:4802:32::36
216.58.206.72
216.58.212.162
2606:4700::6811:f7cb
2620:1ec:c11::237
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82f::200e
2a00:1450:400c:c09::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3121::3
2a0b:4d07:101::1
84.53.167.41
06ade66bda4bf946e784bd02be502aba83f307d41c628ad56a209519cc7dbd18
072ed7f175ce3c0019a7b21703fda4d1ce5600fa34f7fdbbb633e2ba3c923e43
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1af48cdd1e5def908ecc62570383c1f2ee79efbaed29aed6a8ab0468c7ff3a08
1bcc9f5848c7635b293df3871d7547fedc3ec6e0d7d9a0eb4d1288be1184a6cf
1bfde9878153e12e05b55aa11241b6e3d094d78dd38c9c3b403b3229ca798b11
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de
24df3ea7d85ff71dd6293a23c9d9edacb20d74e94eb49f4c91e79ab499089fd8
26ac2e4adf326cdf543bb9fa22d59dfdb227bd4515ece143623a36b56e15d72e
28fb8e86f64dc685b3b863a7511f88412a0c50662a4d687843d891912daef7df
402485904200102759958f92f3979c5648fff560d881c46aabe5f74c51902135
4196473b672126e8c917a6912ae6904d9b504c7118ea26df64b028d5bb287aea
431a3d564cf78cbe57f5ad74cabf76c4cef30ac728fa4828bd3b489b28ad97af
4c449dfa9dba26e4685969e36a15ca5bded01a44d8effad606ba2c5d8a714789
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6ca9358908bf7e3aac1b4a13967f92fb4d467b43d99f41d7123d90be71381e6d
747a3a54c021677f1f5e32cb0c9b3c816e10bf917c6342937ec11381fb652b25
804118b636692b9510e1ead71d4b3a07f9c2bf725c4d0880dd6d5ba0b1f741e6
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8258e9c16a4e008b41da436b856c38637fff47dd9332dcf63136a9b5ee7d0c26
8695f5fc64d65593f9763a5b28d14bc34e3cf802317e1ffad2125a7c8fedfafe
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
8b78b77c8020d8be3781141e6ae70111f2546d896c6e79651ecfe99bad0eba13
8fc4ce3acb6631206dbe2db7c0a71609602ace4a16962e1f8fcd94b15570aab1
971a4915a736a8844cd64b73a87686adff5d1015a5d69ccc35d646b87af7107a
a1e1fcb6de68ff83c0fc13279e41d8d3c5886e2534761b3ac3f97ff63e711f7f
a87c5afabf70686df361d276bd3ce1c0794cfd49e5b182bda2375670541f6d3a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afb8a26c47551718dbd12aae73c3d0cd16c51955b5d991056c3ff61adf18d0e1
baec6367becf496f2902d48ae7ea62aeac35e7973ea76461e6a2ada66e74d12f
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c00f9d59ae3370048bea8f3d8c3343bb8c3b8b9ced077ad51413f1af01055007
c8f7ea047b811ed402aee117fd21021ad102885eb45dd54fa17c94556573d703
cb8caec4d619ee835169412c52e255c682ccb3eadbc8e5d8bfe3afc6409fb948
dc69d0ccb91e5a2cefeae8ca981400dada1c52e6a099bd8e8c95ce035cb9fe51
dd8cae3a4f4cf324febe28aca9d92092ed5bf9921835596148d6923e3a729385
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a2b90b0cd909082cdcc0e6b4ae7afac05112b24aa9bc74d4b157e423040df1
ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc03c59e96fa6dd384a467bd1f6e7d22b4c5bb6ddc81b68a701d429f9255aae5

y.mandasyfr.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

82 Requests

78 %HTTPS

43 %IPv6

25 Domains

30 Subdomains

30 IPs

8 Countries

2270 kBTransfer

4675 kBSize

17 Cookies

50 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

y.mandasyfr.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

78 %
HTTPS

43 %
IPv6

25
Domains

30
Subdomains

30
IPs

8
Countries

2270 kB
Transfer

4675 kB
Size

17
Cookies

82 HTTP transactions
0 data transactions