mail.mangohills.site Open in urlscan Pro
2400:8901::f03c:91ff:fe00:bf98 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mail.mangohills.site/
Submission: On December 23 via api (December 23rd 2022, 10:13:12 pm UTC) from US — Scanned from US

Summary HTTP 70 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 10 domains to perform 70 HTTP transactions. The main IP is 2400:8901::f03c:91ff:fe00:bf98, located in Singapore and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is mail.mangohills.site.

This is the only time mail.mangohills.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2400:8901::f0... 2400:8901::f03c:91ff:fe00:bf98	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4004:83e::2011	15169 (GOOGLE) (GOOGLE)
70	20

17 2400:8901::f03c:91ff:fe00:bf98 (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)

mail.mangohills.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:807::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:83e::2011 (Washington, United States)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mangohills.site mail.mangohills.site	7 MB
16	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 maps.googleapis.com — Cisco Umbrella Rank: 365 content.googleapis.com — Cisco Umbrella Rank: 1510	233 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com ssl.gstatic.com	887 KB
9	google.com drive.google.com — Cisco Umbrella Rank: 318 www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 92 play.google.com — Cisco Umbrella Rank: 15	163 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1467 ka-f.fontawesome.com — Cisco Umbrella Rank: 2554	182 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	176 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	111 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 548
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 68	96 KB
70	10

	Domain	Requested by
17	mail.mangohills.site	mail.mangohills.site
11	maps.googleapis.com	www.google.com maps.googleapis.com
5	www.gstatic.com	drive.google.com www.gstatic.com
5	ka-f.fontawesome.com	kit.fontawesome.com mail.mangohills.site
4	apis.google.com	www.gstatic.com content.googleapis.com apis.google.com
4	cdn.jsdelivr.net	mail.mangohills.site cdn.jsdelivr.net
3	content.googleapis.com	apis.google.com
3	play.google.com	www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com drive.google.com
2	www.facebook.com	mail.mangohills.site
2	ssl.gstatic.com	www.gstatic.com
2	maps.gstatic.com	www.google.com mail.mangohills.site
2	connect.facebook.net	mail.mangohills.site connect.facebook.net
2	fonts.googleapis.com	mail.mangohills.site drive.google.com
1	csp.withgoogle.com	mail.mangohills.site
1	lh3.googleusercontent.com	drive.google.com
1	www.google.com	mail.mangohills.site
1	drive.google.com	mail.mangohills.site
1	kit.fontawesome.com	mail.mangohills.site
70	19

This site contains links to these domains. Also see Links.

Domain
wellcoproperti.id
wa.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://mail.mangohills.site/
Frame ID: D437CD7EB25A12D005ACF71EEC2E3820
Requests: 36 HTTP requests in this frame

Frame: https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview
Frame ID: 59631212555CB990F2F8CEAFC9BEDD4D
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3964.777304054422!2d106.78152748134728!3d-6.42265289439476!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2e69e96ad967c33f%3A0x4b1f5822dda554f8!2sMango%20Hills%20Residence!5e0!3m2!1sid!2sid!4v1659613583818!5m2!1sid!2sid
Frame ID: F8B89406B44DC8775D12AF04874061BC
Requests: 15 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.WEPncdil2Uw.O%2Fd%3D1%2Frs%3DAHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA%2Fm%3D__features__
Frame ID: 0F3B74E13B654EE2C8ECB25B10D29FF6
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mango Hills Residence

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Lightbox (JavaScript Libraries) Expand

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

70
Requests

76 %
HTTPS

100 %
IPv6

10
Domains

19
Subdomains

20
IPs

2
Countries

8748 kB
Transfer

13032 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wellcoproperti.id/

Search URL Search Domain Scan URL

URL: https://wa.me/6281298705552
Title: WhatsApp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.mangohills.site/ 63 KB
7 KB 2226ms
410ms Document
text/html 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

http://mail.mangohills.site/

Protocol

HTTP/1.1

Server

2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

DomaiNesia /

Resource Hash

530a80559f6a844d1ef851174ff829c7ffda50cba9ae80a7a9f2c50345fd5dd6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Type: text/html; charset=UTF-8
DN-Request-Id: 35fc7ed3bf7bcd46f6ec9441df8c7f5f
Date: Fri, 23 Dec 2022 22:13:03 GMT
Dynamic-Cache-Status: MISS
Referrer-Policy: strict-origin-when-cross-origin
Server: DomaiNesia
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Page-Speed: DomaiNesia
X-XSS-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ 190 KB
29 KB 98ms
37ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://mail.mangohills.site/
Origin: http://mail.mangohills.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13586534
x-jsd-version: 5.2.0
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19140-FRA, cache-itm18848-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RkyloN%2FzYTxRbjJQXgqCwSTmzfo07tISRmZcDUpQgox8HnDbAQwF35CZOTwbXOICugCTAK5uf%2BrjtWUPx111TOFdyt1MbOjGDycaYz6tXBN5qDvkEvqgXsRwgr7XLyfxHsGRTp6XVC2fmd5Q%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77e4713b6c2513cd-ORD

GET
H/1.1 200
OK A.app.css.pagespeed.cf.nZ275xKcMy.css
mail.mangohills.site/assets/css/ 3 KB
1 KB 227ms
226ms Stylesheet
text/css 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.mangohills.site/assets/css/A.app.css.pagespeed.cf.nZ275xKcMy.css
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 011a716a95c4d464277b8976e1603da044f79b314da2acb11a02ecb2f387ceb1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Page-Speed: DomaiNesia
Date: Fri, 23 Dec 2022 22:13:03 GMT
Content-Encoding: gzip
DN-Request-Id: a47136cdfd08f8bb7e3599b00760c46c
Last-Modified: Fri, 23 Dec 2022 22:13:03 GMT
Server: DomaiNesia
X-Original-Content-Length: 3810
ETag: W/"0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 919
Expires: Sat, 23 Dec 2023 22:13:03 GMT

GET
H/1.1 200
OK swiper-bundle.min.css
mail.mangohills.site/assets/vendor/swiper/ 16 KB
5 KB 224ms
224ms Stylesheet
text/css 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.mangohills.site/assets/vendor/swiper/swiper-bundle.min.css
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:03 GMT
Content-Encoding: gzip
DN-Request-Id: d27b19b9ca3cc4220628b1d2f409e2fc
Last-Modified: Mon, 01 Aug 2022 06:41:26 GMT
Server: DomaiNesia
X-Original-Content-Length: 16466
ETag: "62e77596-4052"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=300, s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4557
Expires: Fri, 23 Dec 2022 22:18:03 GMT

GET
H/1.1 200
OK simple-lightbox.min.css
mail.mangohills.site/assets/vendor/simplelightbox/dist/ 4 KB
1 KB 450ms
224ms Stylesheet
text/css 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.mangohills.site/assets/vendor/simplelightbox/dist/simple-lightbox.min.css
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 7bbb1f20e530d62120c358c09d849c30b3cc15f3c1e6536a9205fe53b96db50c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:03 GMT
Content-Encoding: gzip
DN-Request-Id: e0fbe440f10fb6b6aa2ba49f58c550a7
Last-Modified: Wed, 15 Jun 2022 10:21:02 GMT
Server: DomaiNesia
X-Original-Content-Length: 3842
ETag: "62a9b28e-f02"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=300, s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1040
Expires: Fri, 23 Dec 2022 22:18:03 GMT

GET
H/1.1 200
OK promo.png
mail.mangohills.site/assets/img/content/ 313 KB
313 KB 448ms
225ms Image
image/png 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/promo.png
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 2fcf8712d820e03a42d29f938c51132c659e2ecd246d03badf18e7d599b83171

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
DN-Request-Id: d3c0c5eaa393299cbe46766e20499d94
Last-Modified: Mon, 08 Aug 2022 02:52:08 GMT
Server: DomaiNesia
ETag: "62f07a58-4e249"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320073

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/ 78 KB
24 KB 39ms
38ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://mail.mangohills.site/
Origin: http://mail.mangohills.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13586824
x-jsd-version: 5.2.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-cdg20780-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfyxBzAkhwEeKF1ITvFZxvwPUsjBnX032a1ObKExSk0AcsrTCqyz6NveWbpZMGdZQ%2B%2Bwo6DgvE96%2BTzL7vksRCA5rwRzzbHrfhEm0%2F7i2vDXVajnn4DJ9g%2BOaiIBZWUPX%2FpocsAGivgXJrH53bU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77e4713c7df013cd-ORD

GET
H/1.1 200
OK swiper-bundle.min.js Show response
mail.mangohills.site/assets/vendor/swiper/ 140 KB
39 KB 236ms
235ms Script
application/javascript 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.mangohills.site/assets/vendor/swiper/swiper-bundle.min.js
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
Content-Encoding: gzip
DN-Request-Id: fe0bc2d2fce32e9efb658710a459df37
Last-Modified: Mon, 01 Aug 2022 06:41:26 GMT
Server: DomaiNesia
ETag: W/"62e77596-22fb1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: s-maxage=10
Connection: keep-alive

GET
H/1.1 200
OK simple-lightbox.min.js Show response
mail.mangohills.site/assets/vendor/simplelightbox/dist/ 45 KB
9 KB 231ms
230ms Script
application/javascript 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.mangohills.site/assets/vendor/simplelightbox/dist/simple-lightbox.min.js
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 23398a4c4e53423174388886c618dd2814fabc0aca59830b440a8d0d4e14e550

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
Content-Encoding: gzip
DN-Request-Id: 51b725b6ae1196971ffea36e8dfaa594
Last-Modified: Wed, 15 Jun 2022 10:21:02 GMT
Server: DomaiNesia
ETag: W/"62a9b28e-b4f1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: s-maxage=10
Connection: keep-alive

GET
H/1.1 200
OK lazysizes.min.js Show response
mail.mangohills.site/assets/vendor/lazysizes/ 8 KB
4 KB 233ms
232ms Script
application/javascript 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.mangohills.site/assets/vendor/lazysizes/lazysizes.min.js
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
Content-Encoding: gzip
DN-Request-Id: 045bf1d67a1e4171ddc3ea8b10f82a5b
Last-Modified: Mon, 17 May 2021 09:26:40 GMT
Server: DomaiNesia
ETag: W/"60a236d0-1ed1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: s-maxage=10
Connection: keep-alive

GET
H2 200 7d8aa395e6.js Show response
kit.fontawesome.com/ 11 KB
4 KB 248ms
101ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/7d8aa395e6.js

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73dce6338a9cb315d9f8e29bff3c5d17f78a8acc70ad3810c74d63b1c13684a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: http://mail.mangohills.site/
Origin: http://mail.mangohills.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 77e4713ecbace245-ORD
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FzOLyY6Xo6TsAAGa4cmi

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 152ms
58ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/assets/css/A.app.css.pagespeed.cf.nZ275xKcMy.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

659f641de81ca703114fd6675032bfab0410f47b3423d055e020d567b9708759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 22:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 20:45:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 22:13:04 GMT

GET
H3 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/ 87 KB
12 KB 72ms
33ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/assets/css/A.app.css.pagespeed.cf.nZ275xKcMy.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13806663
x-jsd-version: 1.9.1
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19135-FRA, cache-itm18833-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"15a09-bhLh682YP4SOXCgKt3ZJ7rROdLw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BW%2BnaxI7DY3j%2BU8qBtqMBQL%2FCj0nXArl6yFA0oB1nTjefTejTvUELvgZ64BYK98jxSGvMR5Yae9y9yczTUv0%2B%2BsakMYGocQSiiv4LzAi4Dykqtbdn5n5ckAYLQizelXgF7MuF2FadAE9Bmujqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77e4713cbc902c90-ORD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 194ms
46ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Dec 2022 22:13:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XfcoB1JMXfTh6Cg/f0Ho2N1PH3Iraby5rrjE06MApzSDWqmNQMAJDppRSDHd8r2BeXZiuBwRJbhPfQfaMvsC+Q==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 preview Show response
drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/ Frame 5963 76 KB
24 KB 355ms
260ms Document
text/html 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

688b642f3e562db1f2d8bb221705920300a5119d4b9c821591b52395e297449b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_6bRBhWTUeem6IWG0-tbog' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mail.mangohills.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_6bRBhWTUeem6IWG0-tbog' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 22:13:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, nosnippet
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK banner.jpg
mail.mangohills.site/assets/img/banner/ 194 KB
194 KB 444ms
225ms Image
image/jpeg 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/banner/banner.jpg
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: bdc1add1bd7eab83175cc7f6a1e8b978ad3813d0a28df47fb857ec9cbe7fad9e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
DN-Request-Id: 1e79ce73b36352907989ecc6984b157d
Last-Modified: Fri, 05 Aug 2022 07:54:06 GMT
Server: DomaiNesia
ETag: "62eccc9e-306e2"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 198370

GET
H/1.1 200
OK 02.jpg
mail.mangohills.site/assets/img/content/ 5 MB
5 MB 449ms
226ms Image
image/jpeg 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/02.jpg
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/assets/css/A.app.css.pagespeed.cf.nZ275xKcMy.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 23538c71db1b03b155678bb43b588614c8bfc6bd046b0d135dc24f23bae9df26

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/assets/css/A.app.css.pagespeed.cf.nZ275xKcMy.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
DN-Request-Id: 22af2aa56a3cdffd72c25f75779dc0db
Last-Modified: Thu, 04 Aug 2022 12:14:44 GMT
Server: DomaiNesia
ETag: "62ebb834-52fe8d"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5439117

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 175ms
39ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mail.mangohills.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:52:16 GMT
x-content-type-options: nosniff
age: 357648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 18:52:16 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/ 110 KB
111 KB 34ms
33ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css
Origin: http://mail.mangohills.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13803683
x-jsd-version: 1.9.1
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112440
x-served-by: cache-fra19156-FRA, cache-cdg20761-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"1b738-OihLBhh3Hynajra+kA6ZQ5JT3OA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHJkGBdoVBICNEv1pV%2B0iqogGFey272u%2B9EVKL1uwb8o795AcKbD5bkTLnW2GE1o35ADHErxCUcTKjwTkiI2FKE5p766hhPb07YGO%2B8%2FA5n562JxK4sVZ8tH93dm2pqWvKcO9%2BEaO%2B8Gfc4EBGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e4713ded94f232-ORD

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer: http://mail.mangohills.site/
Origin: http://mail.mangohills.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 embed Show response
www.google.com/maps/ Frame F8B8 4 KB
2 KB 332ms
237ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3964.777304054422!2d106.78152748134728!3d-6.42265289439476!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2e69e96ad967c33f%3A0x4b1f5822dda554f8!2sMango%20Hills%20Residence!5e0!3m2!1sid!2sid!4v1659613583818!5m2!1sid!2sid

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9fa2b61c65e1c21bdba7aeab10e6769f80a2c523784b784de843c17e92512ae8

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-VV5NoxvUTXYcXsUcinAOxw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

Referer: http://mail.mangohills.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1704
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-VV5NoxvUTXYcXsUcinAOxw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 23 Dec 2022 22:13:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: mafe
server-timing: gfet4t7; dur=190
vary: Accept-Language
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 100 KB
23 KB 103ms
45ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=7d8aa395e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7d8aa395e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a9f485d6f2e1dabd73d8b9ebba2930177e6d77565963ed32707837ed9bba33

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
via: 1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD56-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
server: cloudflare
etag: W/"2dbe34367e935e2684b01124b0860d71"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GGgqpRoIWVS2r0vGLT%2BTgFkrw2lbBqehlGTxJwplMKwK9GaQY2zXl%2F0zUfvM1%2FytVuvNrlXwh8NmgUVF24stq%2BYYnEh6YwApaIJIUYzwYIgNEuzcBKYrHblNVSrqUMe3FzgpRoFy%2FDoqo9nLAsl6BOnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 77e47140b81062dc-ORD
access-control-allow-headers: fa-kit-token
x-amz-cf-id: NyoWtY5ALOltxbahSyPb26-4eXlSgtKUvvqWDthc4-TjMYucLOAwlA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 27 KB
5 KB 107ms
49ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=7d8aa395e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7d8aa395e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b856bad6a7ffe16d3ba0ea0d6c6fe0526385ebd11e589a2efbcbf97386e9ea40

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
via: 1.1 88a1a7ad0454e586dd16517855f87aea.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD56-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
server: cloudflare
etag: W/"0d00741459c51dd7330d97cd19326a7b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eskXlixS8vcHJR4rTvkdTvMwKxfKz3bE%2F9ZRGyd%2BCk8FOaqpgX6ioD8bYmz5M1Jx9fZ05fH1eQotlbeXZu9BPsAEsfR8n44d%2FdXdMkxYdCmQNN0%2BcCRxzYPj1cunz2ulCp29BErVx5LQAg0Gaf5glIYxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 77e47140b81262dc-ORD
access-control-allow-headers: fa-kit-token
x-amz-cf-id: VrSAloFpOduXPMtVtcNbZHtXiry00HzlVmf-6y1i7qumM_NOr2_5MA==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 823 B
717 B 108ms
50ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=7d8aa395e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7d8aa395e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788283b9392704ad36e4767d8e14790895e3a504214d4553da9b4992fd9f2af2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
via: 1.1 42fa987334e4ecfd52be3ba1803e9b82.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD56-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
server: cloudflare
etag: W/"15e2713dff942747406520edde3fd0bf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99yu%2F2V7NSZou%2BhP2XNXrR6qdkDihY4JWMfIZdWc5Ukwy3tpRJ2FxXQ0HdKz5hk9MpZ26uOaaRQoTdJ6YUkzelr2ul9NeMNw5ZiQfVryE0ynBkWqCEgKUXm49FUc%2F8WbrGeFxUc4KDRBK8z9tyG9lBXp%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 77e47140b81662dc-ORD
access-control-allow-headers: fa-kit-token
x-amz-cf-id: VEFA8c0ImEs0ITNH1uEoOb3llGnD7MXt7vNj1DGmyyRcp6do7h4rxA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 2 KB
1 KB 100ms
42ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=7d8aa395e6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7d8aa395e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04994be7db4693bad5bc011cd1aa7a3cdd72c55dd72f478b772de9a795e82210

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
via: 1.1 88a1a7ad0454e586dd16517855f87aea.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD56-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
server: cloudflare
etag: W/"075b2106ba08d32bc88fff3724503b1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vX1PG5PPK%2BRAJy2P96bSaQR%2BnIO8HE2nKSHCtE44VTGS8NIIpWlpieJ6dnWmwIONOp6R2%2BJ%2FQJQQuAjIoe0mRHqwYjo2eGE%2FIOmE0gBsQ0v%2BO32ACEWsvo4hjaoBsy%2FRHLlhwyuOpdrLJdEARAtMqOKabg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 77e47140b81762dc-ORD
access-control-allow-headers: fa-kit-token
x-amz-cf-id: WmJYHxAeVaB1qKagCks5KScxkRsTotzbjRnZ05kmidDxHUVAKeGltg==

GET
H/1.1 200
OK signature.png
mail.mangohills.site/assets/img/content/ 177 KB
177 KB 231ms
229ms Image
image/png 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/signature.png
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: e735adf05cf6edc28d0d9f09541221d23f2d1de3a016b6b757dd31ebb53af952

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
DN-Request-Id: 69ee421a01e6c952e05a6965e2466e9a
Last-Modified: Mon, 11 Apr 2022 06:51:12 GMT
Server: DomaiNesia
ETag: "6253cfe0-2c426"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181286

GET
H/1.1 200
OK logo.png
mail.mangohills.site/assets/logo/ 18 KB
19 KB 229ms
228ms Image
image/png 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/logo/logo.png
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 419f96b03134ae927d6427f4d32571a828a5358114e4d80002628be1cc2f021d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
DN-Request-Id: 4b6a52a93a4773a0ac6e0113845b9eb5
Last-Modified: Thu, 04 Aug 2022 11:23:52 GMT
Server: DomaiNesia
ETag: "62ebac48-49a9"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18857

GET
H/1.1 200
OK 01.jpg
mail.mangohills.site/assets/img/content/ 51 KB
51 KB 228ms
226ms Image
image/jpeg 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/01.jpg
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: b0261f893b23d3ca1ea8ef5871a56770039b85f99bed7564a9e6c7c40c11506a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:04 GMT
DN-Request-Id: 94f59a19fab3dc738545329fff7ee496
Last-Modified: Thu, 04 Aug 2022 12:34:24 GMT
Server: DomaiNesia
ETag: "62ebbcd0-cbd5"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52181

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame F8B8 170 KB
56 KB 131ms
41ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3964.777304054422!2d106.78152748134728!3d-6.42265289439476!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2e69e96ad967c33f%3A0x4b1f5822dda554f8!2sMango%20Hills%20Residence!5e0!3m2!1sid!2sid!4v1659613583818!5m2!1sid!2sid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b5cc37f799d67c77a7407a079f673ebd31073b6636ed24d1a5e809914e0dc687

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:51:14 GMT
content-encoding: gzip
server: mafe
age: 1310
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=23
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56853
x-xss-protection: 0
expires: Fri, 23 Dec 2022 22:21:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5963 13 KB
970 B 143ms
60ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 22:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 21:34:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 22:13:04 GMT

GET
H2 200 rs=AO0039sr-swvLo9dgTQ8q_pa4aGWLL7Cbw
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.xuQhuh34xGA.L.W.O/am=ABA/d=0/ Frame 5963 2 MB
194 KB 133ms
40ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.xuQhuh34xGA.L.W.O/am=ABA/d=0/rs=AO0039sr-swvLo9dgTQ8q_pa4aGWLL7Cbw

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5870853c8d480655c4c25d37503d9aba4b1e3102aa89aa56c9d50826c51e6e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 07:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197954
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 20:08:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 07:57:29 GMT

GET
H3 200 m=v,wb Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=1/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/ Frame 5963 1 MB
442 KB 125ms
41ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=1/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=v,wb

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9409221ea6cab96cc39d90c92f381030c936ba18019d7cbcb297e8a9c1beead6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 452385
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 20:08:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 17:19:47 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.2.1/webfonts/ 147 KB
148 KB 76ms
41ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4

Request headers

Referer: http://mail.mangohills.site/
Origin: http://mail.mangohills.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:04 GMT
via: 1.1 3666407bd87365d79a6fc5d429816f84.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD56-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150500
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
server: cloudflare
etag: "69a76555beae5c43a59559396c1aeb54"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHZT46vjLfrurvUFDADCUakUVUPaxrlTGrKMvPKolXyzVmZsx6PLSbNhuP7Z2aJ0104N3lPsSoL%2F%2Bq8RwlrNCwBzsnGGRaV9iN%2FlUr%2BXzv5AdiOeSyf5CdLurgN%2BdLyZt1gHRnNHOf8tZVyeycv3pCaAqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 77e47141bc06033f-ORD
access-control-allow-headers: fa-kit-token
x-amz-cf-id: umS30yC5zp-8gK5JI4OAs7H2-JbfxICX0oEXXfcn0w1E99wCkuyQRw==

GET
H/1.1 200
OK 02.jpg
mail.mangohills.site/assets/img/content/02/ 191 KB
191 KB 234ms
231ms Image
image/jpeg 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/02/02.jpg
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 02c0ff744258abe5f88741e07992cb80baba6c74fb9eea66881514a3679e21ac

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:05 GMT
DN-Request-Id: 4833149c7583e92b575aab89bb78164e
Last-Modified: Fri, 05 Aug 2022 07:54:08 GMT
Server: DomaiNesia
ETag: "62eccca0-2fa62"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195170

GET
H3 200 612084340572093 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 208ms
157ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/612084340572093?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebc7a4c584a6137497253783f4c82db02e23f8e578bf09b4ae71151fad514e62

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Dec 2022 22:13:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5DQEmxbyYYUjg5bGIGbBplOezluJFsgSXo5Teweiu1Y2wmnVhkQjczW7Yif9ZWqjFBBybi3/FKV4t7bWAeQXAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame F8B8 3 B
46 B 160ms
63ms XHR
application/json 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/id_ALL/ Frame F8B8 222 KB
69 KB 141ms
43ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/51/3/intl/id_ALL/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26cdfb52ffd79812772af67907357a5718b060d901091d783fa7ea656213f416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 14:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69535
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 14:41:03 GMT

GET
H3 200 rs=AA2YrTvROJRIUHNXRGvxagmQNrIBf8h-LQ Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.OsyHHRpFvlk.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ Frame 5963 91 KB
32 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.OsyHHRpFvlk.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvROJRIUHNXRGvxagmQNrIBf8h-LQ

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a738ad63595487e91479d33d797abe44cc1f8932517e1d79a7b2f85b2b6c5cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33039
x-xss-protection: 0
last-modified: Sat, 10 Dec 2022 02:50:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 06:39:50 GMT

GET
H/1.1 200
OK 01.jpg
mail.mangohills.site/assets/img/content/02/ 194 KB
194 KB 227ms
227ms Image
image/jpeg 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/02/01.jpg
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: bdc1add1bd7eab83175cc7f6a1e8b978ad3813d0a28df47fb857ec9cbe7fad9e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:05 GMT
DN-Request-Id: e98cffb8bd44b7ac9ad8c34733bf47a8
Last-Modified: Fri, 05 Aug 2022 07:54:06 GMT
Server: DomaiNesia
ETag: "62eccc9e-306e2"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 198370

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/ Frame 5963 108 KB
36 KB 141ms
40ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.OsyHHRpFvlk.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvROJRIUHNXRGvxagmQNrIBf8h-LQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a9455f7ee4a19a06a1a1ae13977113779c1cd70bf1d4744a3316ae5a5e9423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36630
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:19:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 21:46:40 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/ Frame F8B8 249 KB
68 KB 133ms
42ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5d6660590c8a0eae9cc4db7b2c0f3703a669be197a971e41082a80d4d19ff80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69765
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:51:27 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/ Frame F8B8 166 KB
61 KB 166ms
76ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b047769a561b0cf2d3b64efad93c6f785e8e6c6b8618710a72601fd325c770d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 00:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62769
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 00:29:12 GMT

GET
H3 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/ Frame F8B8 71 KB
25 KB 181ms
95ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31271f631987b09ceb066363f7625ba8d4908f85492c5948100e8ab8be07dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26044
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:20:53 GMT

GET
H3 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/ Frame F8B8 3 KB
1 KB 123ms
64ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57bcdd853f4d7c186bf4ac382da6a03410627a9f51def2525d3cb28f5f1c7855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 06:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1387
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 06:32:35 GMT

GET
DATA 200
OK truncated
/ Frame F8B8 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/ Frame F8B8 27 KB
10 KB 85ms
65ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65881aedf02b09a4fbe4ddf0209cb50e89cd1b522c934c485714c13072e42d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9967
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 17:49:52 GMT

GET
H3 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/ Frame F8B8 3 KB
1 KB 81ms
62ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=id&region=id&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17af5876bcad0f6433b71afbbd1d69a0b66abab414e74ad3b783773ad9dea39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1371
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:25:00 GMT

GET
H3 200 m=MpJwZc,UUJqVe,syh,sy1r,sy25,s39S4,syi,sy1t,pw70Gc Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=0/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/ Frame 5963 11 KB
4 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=0/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=MpJwZc,UUJqVe,syh,sy1r,sy25,s39S4,syi,sy1t,pw70Gc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=1/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03434200a59b95c5ddd32d31327847fbabf9b3913d14fd09371bd35620fb8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 14:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4511
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 20:08:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 14:58:27 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/ Frame 5963 204 KB
70 KB 132ms
45ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8668f83f6f1888b3a0c71d89e02fed33e13c86dce7aefa36d6ff4944e00ce82c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71508
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:19:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 19:32:01 GMT

POST
H2 200 log Show response
play.google.com/ Frame 5963 131 B
520 B 195ms
83ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=1/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 22:13:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 v-sprite48.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 5963 111 KB
51 KB 161ms
40ms Image
image/svg+xml 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite48.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.xuQhuh34xGA.L.W.O/am=ABA/d=0/rs=AO0039sr-swvLo9dgTQ8q_pa4aGWLL7Cbw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72de8e244e9f71dc1141242aa3f5493cab4ecf9b8d728e8982998470e09e2aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 14:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51325
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 15:38:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Wed, 20 Dec 2023 14:33:31 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5963 28 KB
28 KB 142ms
42ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drive.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 42505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 10:24:40 GMT

POST
H2 200 log Show response
play.google.com/ Frame 5963 131 B
196 B 144ms
87ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=1/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 22:13:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 AFDK6gPqi8jg5D1UttYvETrYqLi8ZIqXDKUdvZ2pORIeSEbaOq_nbwbj2TezQ4CIRRa-7vN5esc9uVhnrsEMa-RpVUwDaJRrQA=w1920-h1080-k-pd
lh3.googleusercontent.com/drive-viewer/ Frame 5963 96 KB
96 KB 463ms
346ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/drive-viewer/AFDK6gPqi8jg5D1UttYvETrYqLi8ZIqXDKUdvZ2pORIeSEbaOq_nbwbj2TezQ4CIRRa-7vN5esc9uVhnrsEMa-RpVUwDaJRrQA=w1920-h1080-k-pd

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9082f2be4addd62a8f64c7efcab61a16aa8a47aaad81621ed1fc211b5af3eb3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="MHL.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97872
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=sy5,sy15,sAbmxd Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=0/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/ Frame 5963 15 KB
6 KB 41ms
40ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=0/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=sy5,sy15,sAbmxd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=1/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3e0395ba3c6ef2e1abd4cf21da7ba3058a68aa38ab2f51c8ef8cef1e61c750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 12:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 20:08:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 12:43:22 GMT

GET
H3 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame F8B8 326 B
350 B 145ms
62ms Image
image/bmp 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 22:13:05 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Fri, 23 Dec 2022 22:13:05 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame F8B8 44 KB
6 KB 93ms
92ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-6.438482996832763&2d106.73979171947435&2m2&1d-6.405432330679125&2d106.82401761064008&2u16&4sid&5e0&6sm%40629000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._a1g7w7&client=google-maps-embed&token=128081

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c4d05c09c564f91da50349ce68ac99cadbc6b9dad3046b526b059e8951d807c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 22:13:05 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 0F3B 382 B
1 KB 182ms
59ms Document
text/html 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.WEPncdil2Uw.O%2Fd%3D1%2Frs%3DAHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc87917c9d6dc865028d0f410eadf3bacbb3ecd0dca314a157d7c1be897c0990

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-1pLW925hqmi4mAaE7oQO-w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 274
content-security-policy: script-src 'nonce-1pLW925hqmi4mAaE7oQO-w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 22:13:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 play-overlay.png
ssl.gstatic.com/s2/tt/images/ Frame 5963 2 KB
2 KB 127ms
43ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/tt/images/play-overlay.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.xuQhuh34xGA.L.W.O/am=ABA/d=0/rs=AO0039sr-swvLo9dgTQ8q_pa4aGWLL7Cbw

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cce022c4202effcfcbebaea07eb5df4e18569c64b438636ee1efa8547d56f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 07:25:45 GMT
x-content-type-options: nosniff
age: 226041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/focus
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1638
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="focus"
vary: Origin
report-to: {"group":"focus","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/focus"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 07:25:45 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame F8B8 62 B
84 B 64ms
63ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=100658

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 22:13:06 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 159ms
52ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=612084340572093&ev=PageView&dl=http%3A%2F%2Fmail.mangohills.site%2F&rl=&if=false&ts=1671833586104&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671833586102.269847749&it=1671833584943&coo=false&rqm=GET

Requested by

Host: mail.mangohills.site
URL: http://mail.mangohills.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Dec 2022 22:13:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame F8B8 62 B
83 B 60ms
60ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s12juxl&10e1&11b0&callback=_xdc_._ydrvbw&client=google-maps-embed&token=118284

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/id_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

6a40bd3ae4c65a330cc959d6a48a0c7735b0de369fb8a77013f32eda8656640b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 22:13:06 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame 0F3B 0
0 161ms
67ms Other
text/html 2607:f8b0:4004:83e::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: mail.mangohills.site
URL: http://mail.mangohills.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:83e::2011 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 0F3B 17 KB
7 KB 76ms
75ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.WEPncdil2Uw.O%2Fd%3D1%2Frs%3DAHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d3066dc794908786066395990a4d208572a5e78eb2bbc963d5ea1e18468f8f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 22:13:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6897
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ba3f6bfd5ee931be"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Dec 2022 22:13:06 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5963 15 KB
15 KB 41ms
40ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1IbhlwE6UAOcYkNxhn3IoS1_oTXbSu3iD/preview

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Origin: https://drive.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 03:07:28 GMT
x-content-type-options: nosniff
age: 241538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 03:07:28 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5963 131 B
152 B 198ms
96ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.H5tOVyb8TA8.O/am=ABA/d=1/rs=AO0039u2MnvBWM4c_8_KP0Mx6EKBvxmwYw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Dec 2022 22:13:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/ Frame 0F3B 67 KB
23 KB 52ms
51ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e6612a0af34ec29a41afbd5bb64b04b39101affd1995bfc61b8a6e7d8aa2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 14:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23869
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:19:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 14:27:18 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 0F3B 0
19 B 175ms
83ms XHR
text/html 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.WEPncdil2Uw.O%2Fd%3D1%2Frs%3DAHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 22:13:06 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 0F3B 0
19 B 166ms
76ms XHR
text/html 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.WEPncdil2Uw.O%2Fd%3D1%2Frs%3DAHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 22:13:06 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 04.jpg
mail.mangohills.site/assets/img/content/02/ 209 KB
209 KB 225ms
224ms Image
image/jpeg 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/02/04.jpg
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: fc637fc1d64d337c74bb76d1edb681d1f7613406058102b1940df12fb4fae251

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:07 GMT
DN-Request-Id: d36e8e661a34129809c1112b2ed7c0c4
Last-Modified: Fri, 05 Aug 2022 07:54:06 GMT
Server: DomaiNesia
ETag: "62eccc9e-3420a"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 213514

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 229ms
179ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=612084340572093&ev=Microdata&dl=http%3A%2F%2Fmail.mangohills.site%2F&rl=&if=false&ts=1671833587609&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mango%20Hills%20Residence%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671833586102.269847749&it=1671833584943&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Dec 2022 22:13:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK 03.jpg
mail.mangohills.site/assets/img/content/02/ 171 KB
171 KB 230ms
229ms Image
image/jpeg 2400:8901::f03c:91ff:fe00:bf98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.mangohills.site/assets/img/content/02/03.jpg
Protocol: HTTP/1.1
Server: 2400:8901::f03c:91ff:fe00:bf98 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: DomaiNesia /
Resource Hash: 3a8d41c394b5cf6b57dca3259117ec4c6d755bb0825ee6157ce330a6ba6bfd62

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.mangohills.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 22:13:07 GMT
DN-Request-Id: 63223a3cdd03836836fac37dcf1c9076
Last-Modified: Fri, 05 Aug 2022 07:54:08 GMT
Server: DomaiNesia
ETag: "62eccca0-2abec"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175084

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 12:47:24	Name: NID Value: 511=qW7Jj2ok-SbBXuh3YqxbEqh6tTWltVHFAUKQfeG12alxVMsuuNbbE9JPfxxjpdtatTIslezk0CTZJVpXFBflh_OLFb-GuTXa68cf6IL99-h9NNIuo_f7iz85J0X7LjW5LCne21lviMMfN4b8N8AfsKK2BkM7kLQsghAdUXr7OyM
			.mangohills.site/	1970-01-20 10:33:29	Name: _fbp Value: fb.1.1671833586102.269847749

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
cdn.jsdelivr.net
connect.facebook.net
content.googleapis.com
csp.withgoogle.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
lh3.googleusercontent.com
mail.mangohills.site
maps.googleapis.com
maps.gstatic.com
play.google.com
ssl.gstatic.com
www.facebook.com
www.google.com
www.gstatic.com
2400:8901::f03c:91ff:fe00:bf98
2606:4700::6810:5514
2606:4700::6812:1734
2606:4700:e4::ac40:a916
2607:f8b0:4004:83e::2011
2607:f8b0:4006:807::200a
2607:f8b0:4006:807::200e
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::2004
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::2001
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
011a716a95c4d464277b8976e1603da044f79b314da2acb11a02ecb2f387ceb1
02c0ff744258abe5f88741e07992cb80baba6c74fb9eea66881514a3679e21ac
04994be7db4693bad5bc011cd1aa7a3cdd72c55dd72f478b772de9a795e82210
06a9455f7ee4a19a06a1a1ae13977113779c1cd70bf1d4744a3316ae5a5e9423
08cce022c4202effcfcbebaea07eb5df4e18569c64b438636ee1efa8547d56f8
1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4
22e6612a0af34ec29a41afbd5bb64b04b39101affd1995bfc61b8a6e7d8aa2ff
23398a4c4e53423174388886c618dd2814fabc0aca59830b440a8d0d4e14e550
23538c71db1b03b155678bb43b588614c8bfc6bd046b0d135dc24f23bae9df26
26cdfb52ffd79812772af67907357a5718b060d901091d783fa7ea656213f416
2fcf8712d820e03a42d29f938c51132c659e2ecd246d03badf18e7d599b83171
3a8d41c394b5cf6b57dca3259117ec4c6d755bb0825ee6157ce330a6ba6bfd62
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
419f96b03134ae927d6427f4d32571a828a5358114e4d80002628be1cc2f021d
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
44d3066dc794908786066395990a4d208572a5e78eb2bbc963d5ea1e18468f8f
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
530a80559f6a844d1ef851174ff829c7ffda50cba9ae80a7a9f2c50345fd5dd6
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57bcdd853f4d7c186bf4ac382da6a03410627a9f51def2525d3cb28f5f1c7855
5870853c8d480655c4c25d37503d9aba4b1e3102aa89aa56c9d50826c51e6e69
5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
659f641de81ca703114fd6675032bfab0410f47b3423d055e020d567b9708759
688b642f3e562db1f2d8bb221705920300a5119d4b9c821591b52395e297449b
6a40bd3ae4c65a330cc959d6a48a0c7735b0de369fb8a77013f32eda8656640b
6b3e0395ba3c6ef2e1abd4cf21da7ba3058a68aa38ab2f51c8ef8cef1e61c750
72de8e244e9f71dc1141242aa3f5493cab4ecf9b8d728e8982998470e09e2aba
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
73dce6338a9cb315d9f8e29bff3c5d17f78a8acc70ad3810c74d63b1c13684a6
788283b9392704ad36e4767d8e14790895e3a504214d4553da9b4992fd9f2af2
7bbb1f20e530d62120c358c09d849c30b3cc15f3c1e6536a9205fe53b96db50c
8668f83f6f1888b3a0c71d89e02fed33e13c86dce7aefa36d6ff4944e00ce82c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9082f2be4addd62a8f64c7efcab61a16aa8a47aaad81621ed1fc211b5af3eb3b
9409221ea6cab96cc39d90c92f381030c936ba18019d7cbcb297e8a9c1beead6
9fa2b61c65e1c21bdba7aeab10e6769f80a2c523784b784de843c17e92512ae8
a31271f631987b09ceb066363f7625ba8d4908f85492c5948100e8ab8be07dc1
a738ad63595487e91479d33d797abe44cc1f8932517e1d79a7b2f85b2b6c5cae
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b0261f893b23d3ca1ea8ef5871a56770039b85f99bed7564a9e6c7c40c11506a
b03434200a59b95c5ddd32d31327847fbabf9b3913d14fd09371bd35620fb8c9
b047769a561b0cf2d3b64efad93c6f785e8e6c6b8618710a72601fd325c770d6
b5cc37f799d67c77a7407a079f673ebd31073b6636ed24d1a5e809914e0dc687
b5d6660590c8a0eae9cc4db7b2c0f3703a669be197a971e41082a80d4d19ff80
b856bad6a7ffe16d3ba0ea0d6c6fe0526385ebd11e589a2efbcbf97386e9ea40
bdc1add1bd7eab83175cc7f6a1e8b978ad3813d0a28df47fb857ec9cbe7fad9e
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f
c17af5876bcad0f6433b71afbbd1d69a0b66abab414e74ad3b783773ad9dea39
c4d05c09c564f91da50349ce68ac99cadbc6b9dad3046b526b059e8951d807c1
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97
cc87917c9d6dc865028d0f410eadf3bacbb3ecd0dca314a157d7c1be897c0990
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
d65881aedf02b09a4fbe4ddf0209cb50e89cd1b522c934c485714c13072e42d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e735adf05cf6edc28d0d9f09541221d23f2d1de3a016b6b757dd31ebb53af952
e7a9f485d6f2e1dabd73d8b9ebba2930177e6d77565963ed32707837ed9bba33
ebc7a4c584a6137497253783f4c82db02e23f8e578bf09b4ae71151fad514e62
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
fc637fc1d64d337c74bb76d1edb681d1f7613406058102b1940df12fb4fae251
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

mail.mangohills.site Open in urlscan Pro 2400:8901::f03c:91ff:fe00:bf98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

76 %HTTPS

100 %IPv6

10 Domains

19 Subdomains

20 IPs

2 Countries

8748 kBTransfer

13032 kBSize

2 Cookies

2 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.mangohills.site Open in urlscan Pro
2400:8901::f03c:91ff:fe00:bf98 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

76 %
HTTPS

100 %
IPv6

10
Domains

19
Subdomains

20
IPs

2
Countries

8748 kB
Transfer

13032 kB
Size

2
Cookies

70 HTTP transactions
4 data transactions