urlscan.io logo urlscan.io
SecurityTrails logo

mandynotes.com Open in urlscan Pro
2606:4700:3034::6815:2aa  Public Scan

Go To Rescan Add Verdict Report
URL: https://mandynotes.com/
Submission Tags: phishingrod
Submission: On September 22 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3034::6815:2aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is mandynotes.com.
TLS certificate: Issued by E1 on September 22nd 2023. Valid for: 3 months.
This is the only time mandynotes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
52 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 104.199.210.210 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
24 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 104.199.245.202 396982 (GOOGLE-CL...)
5 203.75.214.136 3462 (HINET Dat...)
4 34.102.239.73 396982 (GOOGLE-CL...)
2 116.50.36.71 18046 (DONGFONG-...)
1 34.111.137.131 396982 (GOOGLE-CL...)
2 4 142.250.186.134 15169 (GOOGLE)
1 35.229.142.89 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.194.212.25 396982 (GOOGLE-CL...)
114 20
52    2606:4700:3034::6815:2aa (United States)

ASN13335 (CLOUDFLARENET, US)
mandynotes.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a06:98c1:3121::3 (United Kingdom)

ASN13335 (CLOUDFLARENET, US)
demo4.iseeu.tw
cm.daexauto.com
2    104.199.210.210 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 210.210.199.104.bc.googleusercontent.com
vawpro.vm5apis.com
2    2600:9000:206f:da00:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
man.vm5apis.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
24    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    104.199.245.202 (Ascension Island)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.245.199.104.bc.googleusercontent.com
match-hubble-man.vm5apis.com
5    203.75.214.136 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
ccea9a06-9a0b-48fd-9af8-a6e8f7558053.t.ssp.hinet.net
4    34.102.239.73 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 73.239.102.34.bc.googleusercontent.com
t.daexauto.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
1    34.111.137.131 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.137.111.34.bc.googleusercontent.com
vahfront.vm5apis.com
4    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
11009166.fls.doubleclick.net
10559160.fls.doubleclick.net
1    35.229.142.89 (Ascension Island)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.142.229.35.bc.googleusercontent.com
iptoweather.vm5apis.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    35.194.212.25 (Ascension Island)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.212.194.35.bc.googleusercontent.com
pt0.vm5apis.com
Apex Domain
Subdomains		 Transfer
52 mandynotes.com
mandynotes.com
15 MB
24 gstatic.com
fonts.gstatic.com
1 MB
9 vm5apis.com
vawpro.vm5apis.com — Cisco Umbrella Rank: 291758
man.vm5apis.com — Cisco Umbrella Rank: 332819
match-hubble-man.vm5apis.com — Cisco Umbrella Rank: 276492
vahfront.vm5apis.com — Cisco Umbrella Rank: 415529
iptoweather.vm5apis.com — Cisco Umbrella Rank: 331482
pt0.vm5apis.com — Cisco Umbrella Rank: 326721
29 KB
6 daexauto.com
t.daexauto.com — Cisco Umbrella Rank: 287692
cm.daexauto.com — Cisco Umbrella Rank: 332465
28 KB
5 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 73975
ccea9a06-9a0b-48fd-9af8-a6e8f7558053.t.ssp.hinet.net
3 KB
4 doubleclick.net
11009166.fls.doubleclick.net — Cisco Umbrella Rank: 361520
10559160.fls.doubleclick.net — Cisco Umbrella Rank: 353913
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
222 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9064
665 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 182
1 KB
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 120700
940 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3500
pixel.wp.com — Cisco Umbrella Rank: 3212
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
66 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
253 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1476
7 KB
1 iseeu.tw
demo4.iseeu.tw
450 KB
114 15
Domain Requested by
52 mandynotes.com mandynotes.com
static.cloudflareinsights.com
24 fonts.gstatic.com fonts.googleapis.com
4 t.daexauto.com man.vm5apis.com
t.daexauto.com
4 t.ssp.hinet.net man.vm5apis.com
t.ssp.hinet.net
3 www.googletagmanager.com mandynotes.com
www.googletagmanager.com
2 adservice.google.de adservice.google.com
2 adservice.google.com 11009166.fls.doubleclick.net
10559160.fls.doubleclick.net
2 cm.daexauto.com mandynotes.com
man.vm5apis.com
2 10559160.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 11009166.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 cm.lndata.com mandynotes.com
man.vm5apis.com
2 match-hubble-man.vm5apis.com vawpro.vm5apis.com
2 man.vm5apis.com mandynotes.com
man.vm5apis.com
2 vawpro.vm5apis.com mandynotes.com
man.vm5apis.com
2 fonts.googleapis.com mandynotes.com
1 ccea9a06-9a0b-48fd-9af8-a6e8f7558053.t.ssp.hinet.net mandynotes.com
1 pt0.vm5apis.com man.vm5apis.com
1 iptoweather.vm5apis.com man.vm5apis.com
1 vahfront.vm5apis.com man.vm5apis.com
1 pixel.wp.com mandynotes.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com mandynotes.com
1 stats.wp.com mandynotes.com
1 demo4.iseeu.tw mandynotes.com
114 24

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
iseeu.tw
www.facebook.com
Subject Issuer Validity Valid
mandynotes.com
E1		 2023-09-22 -
2023-12-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
iseeu.tw
E1		 2023-08-24 -
2023-11-22		 3 months crt.sh
*.vm5apis.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-29 -
2023-11-29		 a year crt.sh
man.vm5apis.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-11		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
t.daexauto.com
GTS CA 1D4		 2023-08-03 -
2023-11-01		 3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-12-24		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
daexauto.com
GTS CA 1P5		 2023-08-13 -
2023-11-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://mandynotes.com/
Frame ID: EF5B8C6A9F7D24775734837CA21AFFF4
Requests: 99 HTTP requests in this frame

Frame: https://man.vm5apis.com/dist/persistentID.html
Frame ID: 50A8E1D36E97F13C93B4E7D2A42474C9
Requests: 5 HTTP requests in this frame

Frame: https://t.daexauto.com/main.html?partner=vmfive&member=f15def4e-44a7-404d-adee-dfaaa4c44217
Frame ID: 542E7A92B89097433E8CE926A673E829
Requests: 2 HTTP requests in this frame

Frame: https://11009166.fls.doubleclick.net/activityi;dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 99035E016C0D9DC8390AF62525A2D6EB
Requests: 1 HTTP requests in this frame

Frame: https://10559160.fls.doubleclick.net/activityi;dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: B621671C335AB4B668FD0C3F1DFCF94F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 7262B4E8357484579475ECFBB357B266
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: B04B25A3068AC267F8F7387800F517BF
Requests: 1 HTTP requests in this frame

Frame: https://t.daexauto.com/main.html?partner=vmfive&member=d2ef8ebc-1c5c-4103-a97a-16c0d4be6731
Frame ID: 2D4C5AE5BA90FC8A975709070125D4A3
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 6F851BB0CAAB9CC3F9FBDC5CBA8B955E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 8E35A388D6525E3F121A6FDF455F83F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

曼娣慢慢遊

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

114
Requests

100 %
HTTPS

50 %
IPv6

15
Domains

24
Subdomains

20
IPs

5
Countries

17402 kB
Transfer

18925 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
  • https://11009166.fls.doubleclick.net/activityi;dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Request Chain 93
  • https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
  • https://10559160.fls.doubleclick.net/activityi;dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mandynotes.com/ 		110 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb840ebb3ee743c57f8f98206856bc331478e9698d3314b9d7ff5e448d2110a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80a8ce0129a94dac-FRA
content-encoding
br
content-type
text/html
date
Fri, 22 Sep 2023 07:23:50 GMT
last-modified
Sun, 17 Sep 2023 15:58:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uz%2FrS0aRkoFFKLpITe7PAs3kpxzU%2F574NKG5i2RALTPV8qcB0N9N4QBMDx3UvU4y%2BPZWLec4wW3uh79UsiZmZrQdR8MPmqVpOhg53QChJtmY5iKgEtIPqPVr%2BODd5XCgEZzCqyKJQP8Sxdvc9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-cache
HIT - WP Cache
x-content-type-options
nosniff
global.css
mandynotes.com/wp-content/uploads/blocksy/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/uploads/blocksy/css/global.css?ver=66285
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a1a2fb9721aa8536db57de85c3152d2b1ba3640c1c8c9ec05719c37400ce1b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 17 Sep 2023 15:58:05 GMT
server
cloudflare
etag
W/"6507220d-3251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZJBVdLi4ZjmbFHDtU69cxrM991CZcxeXleBFA9JQa%2B3M8aTsmjry%2Ft3C7b6mTYSZSY3efjccmhKL%2BPCbb3ECtq1nB0tPBYHRRW6VpQIyLe31kKEsWH0W83mt%2B4Rtu96hXXIb0o0Rd2grI%2FaQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077df54dac-FRA
sbi-styles.min.css
mandynotes.com/wp-content/plugins/instagram-feed/css/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.1
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 23 Aug 2023 18:28:24 GMT
server
cloudflare
etag
W/"64e64fc8-607e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUINckvlEgniyB6QpuM6P03BFY6R8qqi3E5g7D9Dvt5In9ZXJx1bqYHZWZ7MbHlXxk%2BFrxDqP0ZBt%2Bdde2RA7agZ5fnuN6twbMqL2lhVC4f4QD4M6ZT6LynMdMIeHg%2F20YFJJFrruXhXxDhEjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077df74dac-FRA
style.min.css
mandynotes.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Aug 2023 09:16:57 GMT
server
cloudflare
etag
W/"64d5fc89-19824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF17VrrCJQ%2FWQlwo4glbsIMmjPcTwYPVXbFRG5%2FZFfMVbgfoR7tmGYqM%2BevGMXdltuxBnsa54mstBD1MptnrbBR5BCuy90qUUJTgnt8izW%2F4%2F5jYQTnZUkI8AHaH%2FgYNnRxZfhzMxG7ahj8I9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077df84dac-FRA
view.css
mandynotes.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 		602 B
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 14:27:54 GMT
server
cloudflare
etag
W/"64e768ea-25a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCvCpETA%2B3uJ%2BgsehXnl7xhFn0FomhrJcqAXdr9dn7s2%2B0jG%2FnjgHk0O6DvjcXsKyJfLdgsuEzUx5IaTAGrzPUx2kusRt6hpttN0BNFOADs%2F%2FiEy9Qu%2FWf43Q3XFuoFmrb5bCu6cSHcaIz5Vxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077dfa4dac-FRA
mediaelementplayer-legacy.min.css
mandynotes.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"5f735862-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HF8SOLuGGGGRBhaR%2FZUR%2Bk%2FJr3BKTLTL9KzSPQd35DPg5KvTI%2B5ZFsAl7KveHLIwbPJpaRj9oL9goPKBP%2BwCNIrk61aTSsAENOTPtgAyrIVcFXYrcuf%2BEsEm7gAwq7niewtMO67%2F9PwJznFHnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077dfc4dac-FRA
alt-svc
h3=":443"; ma=86400
wp-mediaelement.min.css
mandynotes.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.3.1
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
cloudflare
etag
W/"5cfaccce-105a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yRXJ5Uwauna8T4tEj1hzyEoGoXZoCobKbukFYp6ZKro326d88PI1qC45i4K5EFKhV53fL2xepEWs9kjafJ8znQ36aFfQhQB8bP5L3YsDdowYaClSDK8vBayJW5MWI7D5jjsAjHKYhnomFUCgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077dfe4dac-FRA
style.build.css
mandynotes.com/wp-content/plugins/block-options/build/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/block-options/build/style.build.css?ver=new
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 17 Sep 2023 15:57:51 GMT
server
cloudflare
etag
W/"650721ff-4d66"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upscQru22SSa3jPEm%2F0kEgft85y0kY9m0N8yuxLW%2F%2F7CoeN%2BGDlGS%2FFTAqmVQDSYw87uGaZT1h9SqQ7MK7FAao4t2oAkFXnL327V2UIGU%2BhQiPWOz3mYeQ53n49T847Y%2Brif3nqJ27VN%2Fj%2BiGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077e004dac-FRA
screen.min.css
mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.55
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0806ff4935144c0e146860185404e24577e79c60a063bc5b33b493fb14c2d941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 10:24:55 GMT
server
cloudflare
etag
W/"64f701f7-162c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNSWkUesa9MlMtVKgQTn%2BirYJc0%2FHdv%2FECbd1UiejDMA%2FqPKlkwzcAFXiF2GinVGfbtHpGZmruOx39LAyr%2FmQxbYIHfd8uv0egZWU9S%2Bf60V7oz4KFs%2BVs4Crm4qmGv1UAnBBnvyOrqM%2FYN5Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077e024dac-FRA
main.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 		94 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.9.5
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58360fbdd01ee1f74ee8e77805c26719b26dc16204ac1b6f00d89ccd66d8214f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Sep 2023 16:13:42 GMT
server
cloudflare
etag
W/"650482b6-177c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6Wze9Z3ix92TfzbgxR2keYbo%2ByxJmMmq8WP2lpFeq24ZpFsU%2BigtdkAeHpaNouGFTfvc%2Ba4dUoQjME3UdxB6wTZIxUamb4xI1sSZa%2FMHXVWYDX0gfYQq3l7gHsIjMUIxmPMloS%2B0gsS6%2FbeBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077e034dac-FRA
admin-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy/static/bundle/admin-frontend.min.css?ver=1.9.5
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
449baaf9ea45ae040d3a16e74d2a7ecf2579ef0307a6f8ccd591f1f524496c26
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Sep 2023 16:13:42 GMT
server
cloudflare
etag
W/"650482b6-dec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSOcpchMOHdxQQDy6BojG4wS%2F2PutvL0yWzxlhBMMjTkyH26WH8Qk7h6pRFoHbxHIno853Czyl78Zz2ArtUoJW1Bj2WuPviXJcDBsQgbNtmc1dYggb3c8QWPNdcV892H79u98HUWQ4Iwp%2BshFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce077e044dac-FRA
elementor-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 		2 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=1.9.5
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b0795bc99f07d92b6d51d64ec2f3e72a8fb783de07bb432518da9597478580
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Sep 2023 16:13:42 GMT
server
cloudflare
etag
W/"650482b6-746"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osh6AkXLf0DF6zroUyPB4lqKfvJDWibrSjneUunMbC8nTBXAmSpA99gaD%2FjTV8K6Tigssoicapdye9yCj6MhR656HrWAaadzPHVi%2B1Y%2F5Lns5Q9UX1GYIwQ7hIDA5u88auqi7R6DUkaLUDQ58w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e064dac-FRA
sidebar.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy/static/bundle/sidebar.min.css?ver=1.9.5
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b19952cc92c7a36efbd1e2535b2629d538f0860e1a92680e47969d664e65f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Sep 2023 16:13:42 GMT
server
cloudflare
etag
W/"650482b6-c69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y39xPKwMrt0T9lP%2Fy%2BGFog3%2BsVqBWDlEqLFPuKGha3gdLzLAWT0g1Snl%2Fx2W2IXD8AHZ66p9Bm7PvGRshjLT%2FNqKXtI%2BSg8UzsV2gp4G%2F36SEzsQdvpTtttIYALITqP7k0%2BrYECCyd93w64iBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e074dac-FRA
style.css
mandynotes.com/wp-content/themes/blocksy-child/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy-child/style.css?ver=6.3.1
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 13:03:54 GMT
server
cloudflare
etag
W/"6239c93a-59e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkouhjPLWTH072UfCRJwpdOtHg50oIvmxH20055rVqnQFILXKaHjKY%2BGtuugpc8AetifO6YidPv0ZbP%2FKFol0BjwylFSof8Y%2BSLjNhHDoMLlRHU5KNEpBpQCObAgetH6BSnvT9yuswndKq7fmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e084dac-FRA
css2
fonts.googleapis.com/ 		234 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa1889023832f901d621944661afab0300b702d5c66a60402bcd4062951cd9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 07:23:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 07:23:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 07:23:50 GMT
back-to-top.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 		1 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy/static/bundle/back-to-top.min.css?ver=1.9.5
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5987e753df7b968f9ab112f4fc365cc265e2b59090a78ef208067db54a6c6f66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Sep 2023 16:13:42 GMT
server
cloudflare
etag
W/"650482b6-44d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ1J21JooHa2c%2BlceLDJLvKocCzFkSZpiOJJbqgSeUdwGsQ6zhh3lTeYV%2BExFZXOvkct5LpFl%2BOHed1NPTc2QpaoB%2Fqfy33iMEai%2BEiyY%2F4QePANp6wBcbO2I4RByNirV5laDjXBbg5T2T5JHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e094dac-FRA
css
fonts.googleapis.com/ 		4 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.4
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a7bcbb5506f763ad54a0432554627831d592ad24f13539d49688c5a757b2b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 07:23:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 07:08:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 07:23:50 GMT
font-awesome.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.4
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c105768761cb669a357d067af75d15e023cefbfc34f4fd40f86ef091dcbe50
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-d3cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBH6YhAhbIH46CHEDzEwSYNKoL%2FKGHL%2BE5wumB9wnnDpf2Jnfn53LVgp4hxJfT%2BeCbpA4MY2a%2FPe73obesFTG%2B1Y1lUto3R0oNVywrfd2vQKoozyA%2FXdVikQdG96IPDGIgBj8sMJ7d3vr%2F4dGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e0b4dac-FRA
mystickyelements-front.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 		196 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/mystickyelements-front.min.css?ver=2.1.4
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df20959483c98fd02a13f00d2c35ff898bbddaae844be9eb8235ea803eb51c55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-311c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8vXDhmLuz1OXABMvP5YGqn4w7aKWrExRYuzbfnFLESqjSFNVwep7wR%2FOUb753qHGjD2Sf1APOKY%2BFbjrBttwGh%2FGUateSxA4HQiew6wWObxCgZ2AyqUcrPa0Y%2B09jJF6FozmtwhhLVMKlG3Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e0c4dac-FRA
intlTelInput.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/ 		26 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/intlTelInput.css?ver=2.1.4
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-6659"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PMpbUQdnPVPTofdZxIERFE4K%2Ba1e1pw6O5uhBYTeANZpk8jtk6cr%2FN3NtIdLEFCH5WkCXINSy%2F9k1WPBPlOqI9%2FEC9dOBhC%2Ft5PB4KJdofv%2ByQvPdqXF3y0iLhBi9JCDtKJk98wKveLhR%2Bwwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e0e4dac-FRA
jetpack.css
mandynotes.com/wp-content/plugins/jetpack/css/ 		98 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.5
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 14:27:54 GMT
server
cloudflare
etag
W/"64e768ea-1862e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmF%2BQcIPNuJH4xThk4BidF5wUqhpqMDPu1c%2Fus%2BfUwYnXmZb8b0wBokjVSzZ2WGTYzCD527e%2F13n2%2BiWe57gPVN8GvuaOSG9VFPaU0t6vxao5SljFSYNsIiK03eQ0%2F44ocu8TrdDx%2FNVxM92mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80a8ce078e0f4dac-FRA
jquery.min.js
mandynotes.com/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Aug 2023 09:16:57 GMT
server
cloudflare
etag
W/"64d5fc89-155ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o%2Bf29q1ssZeeTCFMgMXBCfQZ41m3qRRswyLkNqYpEBGNmhTHS2F5KxWUQCUfQVCuqOegtd4eHEeo3iFAyrQIkPNAT7NhNSLlePOIa9Cq2uF2xqkfE5%2FA%2Fo3liMoCzi0V6KY4FFc25eIFvfE6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce078e104dac-FRA
jquery-migrate.min.js
mandynotes.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Aug 2023 09:16:57 GMT
server
cloudflare
etag
W/"64d5fc89-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5TQ4VN8lZQu1dqUlCcJGgYLAHOEyn19lMND6oWnWKx0ErMdj7ZkWDqLBhyCi0xGBOa%2BN8wAL3l1WNYFuWkSHv3MxiTicFkqm2lk%2BNB3D7lv%2F28rkYaLFdfU%2BZIUYRSIbieSOGx8KVNTMSX3hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce078e114dac-FRA
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fe369be9e803addba9e1c8cd527db2dbec3303f9cbcdc0b9dfae5e53b229c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92583
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Sep 2023 07:23:51 GMT
pexels-2.jpg
demo4.iseeu.tw/wp-content/uploads/2022/02/ 		449 KB
450 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74452d16233bbe951724b6e2e791850d236db237efa32742708a2b53b0bb2dc7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 15 Jun 2022 04:10:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62a95b9e-702f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uL2RocDY%2B4xBCozNao4GI0KaywGNM0iAu5AfEM%2BrskYtWbj2BOdlf2mwtdJBD86Qrv8RvZEg6Ca5Io2neoKiy02Xi5jYohZ8nYfQKmgRgmc2XSIMS97DhuyWbGVn4g7fzjZPBYUJ0SQryLXorA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0eeb592c1a-FRA
content-length
459511
DaiDaiSpa-768x576.jpg
mandynotes.com/wp-content/uploads/2023/03/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2023/03/DaiDaiSpa-768x576.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b52de1f8d15357fff402e65d6ba725dc5212e3a93e2b991f8876ed18fd045d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
content-length
75278
last-modified
Tue, 09 May 2023 04:12:33 GMT
server
cloudflare
etag
"6459c831-1260e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F48Xs%2BwYjC2BIkCO5%2B%2Bq%2FQ9KV%2B6qr1XW5m4bhVVU0hL17w4CVUkNw2lzNlYIbhQ7nh91RC%2FBv5CJLC%2FKjbs0SwVlY%2Behj6qe4oeYtQGErV%2BG7JljrQwIUfzKJLRsRtGp7IGUoz0qbs988pNytg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce078e124dac-FRA
IMG_6926.jpg
mandynotes.com/wp-content/uploads/2022/04/ 		365 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2022/04/IMG_6926.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
373783
last-modified
Mon, 11 Jul 2022 13:45:39 GMT
server
cloudflare
etag
"62cc2983-5b417"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8fRmQJ%2FJVzWE35xEPRVhSAKkHnV7%2FPi%2F8o00TqiT%2BdbUoug0hMXrtH9V7iv5pQ463tnVzLtA6so1FTFJH0SfLd5iVDAqzL4%2F5bmOfjKZ11sGqkXTMuwfWAoaKzEfbcU7KUHAH%2BbrSngO0sADA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0e8e55bb89-FRA
priority
u=3,i
IMG_5639.jpg
mandynotes.com/wp-content/uploads/2022/03/ 		295 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2022/03/IMG_5639.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
content-length
302535
last-modified
Tue, 29 Mar 2022 09:15:57 GMT
server
cloudflare
etag
"6242ce4d-49dc7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTK3XIwPZcmGnwXMrU9AC3CqvDt4qaSuWe01bH3LNSC8bbGnvnBHSHGzOEBishjr%2BUgfs31Xes0OLzmTiekgF2r%2BzNh54p4AkZ9Pv04GV3w4D03l9%2FVEgfslNrVO1OuzyV8Mb0%2FDdCd5VX9zOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0e8e56bb89-FRA
priority
u=3,i
placeholder.png
mandynotes.com/wp-content/plugins/instagram-feed/img/ 		176 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
content-length
176
last-modified
Wed, 23 Aug 2023 18:28:24 GMT
server
cloudflare
etag
"64e64fc8-b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DdbO31B6460MCFEaz5OgGqkbL93qyPB%2FnE7NsBW5s2UMW2uYKOH7mMX2ckdDnSjyYwTjuCfKPGLhYU%2B7uSvQdqlySF7dL%2FsqvCViXpQ9Qb87XnUpeI2MkYJ8Y%2BHzHbHzFTnlroX1L5Gg1nmmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0e8e58bb89-FRA
priority
u=3,i
man.js
vawpro.vm5apis.com/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vawpro.vm5apis.com/man.js
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.199.210.210 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
210.210.199.104.bc.googleusercontent.com
Software
nginx/1.19.5 /
Resource Hash
7c6f5c580db020f4ca2a2058c8d1ed5c1e38ec11ab43f57cbeed6e88b08ee4cb
Security Headers
Name Value
Strict-Transport-Security max-age=15638400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 07:23:51 GMT
Strict-Transport-Security
max-age=15638400
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
nginx/1.19.5
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-Control
private, max-age=3600
Connection
keep-alive
VPT_mandynotes.js
man.vm5apis.com/dist/iseeu/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:da00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f4573bd6563cf503873202f746771fd4e9ec2509503f126ab1ce284b4e1cf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
content-encoding
br
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Mon, 14 Aug 2023 08:35:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
W/"238ae3b27f8008f6197185fb6709c0f9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
fW3_bZ77LjoQXnDqKnpqvRWuzWC-QJii2Gx3sGZ1lzprJoLiRfXEYQ==
main.js
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.9.5
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7185435bfc89307d186511dea98f15543f1a3269ef3dbd57353afaf61228132f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Sep 2023 16:13:42 GMT
server
cloudflare
etag
W/"650482b6-231e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE11%2FOzNIriln1msomrBltCSY9qyZCMcqookL5jikutpBCyXGtlk6Xc2A5Ed%2Fge7dmaUAaGR9TKNa8vWuPEGh7cR7jP3IcqTuSLTH81s6i3K3yhjrr72uLLFeAdR9dRc0BlIGNkQQWDu6KXJ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce0e8e4fbb89-FRA
priority
u=2,i=?0
e-202337.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202337.js
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Fri, 22 Sep 2023 07:23:51 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684461103136.7104
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 09 Sep 2024 06:52:50 GMT
intlTelInput.js
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/intlTelInput.js?ver=2.1.4
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-19d8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYex%2BWRtdL1KgBpT66752U7tg5CNvGdQv6YsvH%2FDEFP0k3I%2FUzhS%2FjC2PSDC4egGm1zSdLmsE4WeGUF9%2FJ5HbAN1%2FppNLPBcnMSEo6l8gVuIkb62kE3XK3mlEUEWSQ5KBiUTzTJ5J9TLj0KzZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce0e8e59bb89-FRA
priority
u=3,i=?0
jquery.cookie.js
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/jquery.cookie.js?ver=2.1.4
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-597"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3yqd8k02b%2FoShXw2KoKSjcw%2Blh4p5l1F%2F8XilP5lVGV%2FGGamZ%2B4%2FU6H3rIm581mZt6xoFPw3hbHKYyoDFsu3pjA3Hi9yN2zxpj8oZ8F3bSBmN36Jy%2FkI99E3RvPH5yhjVbKJwADfr%2BAArYVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce0e8e5abb89-FRA
priority
u=3,i=?0
mystickyelements-fronted.min.js
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/mystickyelements-fronted.min.js?ver=2.1.4
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccc71082ff9aa5c044b2a4e0def113f2dfc603b15d1a9caa765e9cf6c586224
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-8541"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnFXbSscATq1yKrO%2F3M3HZGu00bjOnNFhumWiigzxoQElYgZZAEtp5Ehbi5aiQtl1AQ7oU8u379wpTX%2BelsjNCp4yQ%2BS5YBcmFflbyiP1hE9goZ5FhijKOburfrvhMrYS0SB9aZy2%2FDzEpWilA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce0e8e5cbb89-FRA
priority
u=3,i=?0
sbi-scripts.min.js
mandynotes.com/wp-content/plugins/instagram-feed/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.2.1
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 23 Aug 2023 18:28:24 GMT
server
cloudflare
etag
W/"64e64fc8-6bbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SD9AXEFdkl8Nv1wL%2F090J7jdGt8e9vJf%2Brjh3TyKqAe%2Frd1CK3SLnf5vfLrD7KAkiVDpuIw5g2dBNDvior84kjC2P30INbulvvMPNNjw9SHuh%2FzQlKA4dYe6iAqb8%2BWzx8GGqYUqEuCbIJcuSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce0e8e54bb89-FRA
priority
u=2,i=?0
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://mandynotes.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
80a8ce0eaf47372f-FRA
placeholder.png
mandynotes.com/wp-content/plugins/instagram-feed/img/ 		176 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
content-length
176
last-modified
Wed, 23 Aug 2023 18:28:24 GMT
server
cloudflare
etag
"64e64fc8-b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub3n4LtDKXPbUIW%2B9bikWGNLKXOd1IUigfXfInAu%2FkZfxJ89yn2t3ze1ZUTWdprUmIB3lwbh7O8DthSDBIPzB623tzt034gu3ykpANj92Vqv6b%2BVTmq5klFTBSe%2BNoZA8GQWLYaRjfw9LHXmsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0e8e5ebb89-FRA
priority
u=3,i
XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cf14dd765f4e984deed8d571b1615ecfc6fc8d287758ba1423a25f3c10c218c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 19:03:11 GMT
x-content-type-options
nosniff
age
303640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80252
x-xss-protection
0
last-modified
Mon, 09 May 2022 20:07:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2024 19:03:11 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5d02048d625e6fdaba8063decd1e9edcd57829147090ce1d64358e54d34f4bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 03:15:03 GMT
x-content-type-options
nosniff
age
446928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34276
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Sep 2024 03:15:03 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d261b03fea6392d5cf6220a7a9925497d1c3bd760990e24668542fc8bfa4c256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 14:39:24 GMT
x-content-type-options
nosniff
age
578667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64196
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:36:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 14:39:24 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a94797fbbdf249e0b86cfce84f76e05f18a3be22864c7157bf4f47281d7b5d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 10:08:58 GMT
x-content-type-options
nosniff
age
508493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77004
x-xss-protection
0
last-modified
Mon, 09 May 2022 20:07:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 10:08:58 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.75.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.75.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b89ffd81c7420d6c0fb81ddbe609f8ded303ac53c200bf00508f5434ae48cf1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31532
x-xss-protection
0
last-modified
Mon, 09 May 2022 20:02:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 07:23:51 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
896adb75b41f312934d2c084c31df6af7a461567ab9b45cc76f5124d24cc3752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 07:36:39 GMT
x-content-type-options
nosniff
age
517632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63168
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:30:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 07:36:39 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		67 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e613ed4308f865da260455901af0b7b2e0cc0bfe2c8dfa7aa4cc0aa3dcb974b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:12:17 GMT
x-content-type-options
nosniff
age
220294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68788
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 18:12:17 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf4f096f9d656631111cdf91411fc73f3e68f3ddb8b8b3ea12a149554ac93cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:29:40 GMT
x-content-type-options
nosniff
age
129251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76120
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:29:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Sep 2024 19:29:40 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8057d8ef047c6a1bf9cc0230f7657dead23fb56ea2e934c030e228ab379b39d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 21:11:31 GMT
x-content-type-options
nosniff
age
295940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77352
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2024 21:11:31 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79a6b0e86550cc7ebcb8f7da27e33335c85e61ad6531d2fc1d8f31c02cb36df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 23:28:58 GMT
x-content-type-options
nosniff
age
460493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74520
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 23:28:58 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.100.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.100.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b57b7b16306305c0ffc2968853da6025fe04d4a3be1b7d5bfa4593e04c375e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:26:16 GMT
x-content-type-options
nosniff
age
503855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65064
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 11:26:16 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
466669ce0a393852b5a765c513d0b5502f0ea35a9f56847718af5aa86dcfd018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 03:06:16 GMT
x-content-type-options
nosniff
age
533855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74384
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:29:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 03:06:16 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c4916fc37af5dec08ebd1bc5138a4317fadd5b854bfc4137983b7ecfd38cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 10:08:58 GMT
x-content-type-options
nosniff
age
508493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75244
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:30:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 10:08:58 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d34b810c3f6cbf7f98005d4624988efc4accace19779d24ed580b0f1be4f955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 07:43:52 GMT
x-content-type-options
nosniff
age
517199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78460
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 07:43:52 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e568dc1579169ae8f0b159abd5d348f6dc7f345eb84c45868930464bc08825e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 12:10:32 GMT
x-content-type-options
nosniff
age
501199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75312
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 12:10:32 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
903e9ce7f8aeac0f07036d6324176111886c5efe6a3b1ace4c6a2228aab36118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 22:21:58 GMT
x-content-type-options
nosniff
age
464513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80748
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 22:21:58 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.105.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		67 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef50c6727cb0074307974e8ea6f3b2a7036b7f9dac38edb763ca5b412ee06c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 00:48:39 GMT
x-content-type-options
nosniff
age
455712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68228
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Sep 2024 00:48:39 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.111.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		67 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09f8bc8291f64f495aa2c1b1a95c2fcf541a72e077dc90807270ff104e2800c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 08:14:12 GMT
x-content-type-options
nosniff
age
601779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68400
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 08:14:12 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.19.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.19.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc75e5b34d94fef79e1ebb5bdae05cb944a17193382827fe666a724bd9eec69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 20:36:49 GMT
x-content-type-options
nosniff
age
125222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36880
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:38:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Sep 2024 20:36:49 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fd3a5fa32c9d8aa4a7a29a3d375ba06735f0582534873c5043f480ab53637b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:49:08 GMT
x-content-type-options
nosniff
age
502483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67584
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:53:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 11:49:08 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.69.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.69.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
988b57582cd352f2c71b5fcfa8649a1b06384aa5b0f37d6b0627c6b29d39b9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 01:48:01 GMT
x-content-type-options
nosniff
age
20150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41044
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:46:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 01:48:01 GMT
%E5%B0%81%E9%9D%A2.jpg
mandynotes.com/wp-content/uploads/2022/02/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2022/02/%E5%B0%81%E9%9D%A2.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
content-length
262326
last-modified
Tue, 29 Mar 2022 09:15:54 GMT
server
cloudflare
etag
"6242ce4a-400b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9k62a1AYvohjq2cuyeHroYD4rWEEHoWqt48%2Beo4fldkEqi3uIN2OG4jQLFMxv1atxQsj8vhPpx1wN3FrvBTPDORBu8V0k%2BBqpCwgrhL9eqGz18IoNDazMCp9EaoONZUbUBmjMPKJtNSTAjfNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0f4f37bb89-FRA
priority
u=3,i
IMG_2405-scaled.jpg
mandynotes.com/wp-content/uploads/2021/12/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2021/12/IMG_2405-scaled.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f071133db8861aeb7c39f952c366f56ad403a2f5e2f3f9612045450f8d5ebc7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
156903
last-modified
Sat, 29 Jan 2022 13:48:46 GMT
server
cloudflare
etag
"61f545be-264e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q34UvWHocTuM850odlhPdT8ajvyFxpN%2BuUCMR4D8U0HTP9K8OHf5EyFVlNwbSFxXKk0%2Blvx95uCv%2FvH6ejHteNW9%2Bxc2iFiZhaXO4lqVe81cmhw1LzpsOpIZFsU04Gt%2F9ZJGt91x6sLH1lG6SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0f5f3abb89-FRA
priority
u=3,i
83C0059A-5613-44A9-890B-A0D8E8CCCB45.png
mandynotes.com/wp-content/uploads/2021/12/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2021/12/83C0059A-5613-44A9-890B-A0D8E8CCCB45.png
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2515bb11e3d50808818b8ed29336e529d8b966d96dbbaf245e48aec336d7a292
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
content-length
3406690
last-modified
Sat, 04 Dec 2021 14:14:33 GMT
server
cloudflare
etag
"61ab77c9-33fb62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcQQWHU969KtMQfH1FJOppGeCFKVUnfUJDcwu27q83p17No4mIoqjryoSK%2F0MzGJSPiC2nDSYx9OmbJheiQDOlrQYhgRR%2BRxTgWJvw7tEFXeNUYqcDBGAPjKSCc07opV4xl6tQNQt5dJbrtBCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0f5f3bbb89-FRA
priority
u=3,i
1A9FCD83-52A6-4076-9234-799118FC6059.png
mandynotes.com/wp-content/uploads/2021/12/ 		8 MB
8 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2021/12/1A9FCD83-52A6-4076-9234-799118FC6059.png
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b788332fa6773a9403a25c38ac5592c9a7151735df8743799494d40ff17f7db4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7974319
last-modified
Sat, 04 Dec 2021 15:36:45 GMT
server
cloudflare
etag
"61ab8b0d-79adaf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07jJLxTh3haJxGcW5x3DZl66kWAIu1ZUsZl8lDAeuO5RqP3HGdOJnI2H4dHBxrD75Kh%2FINDyAzcfxXPJ%2FbrFy%2FWE41zjtVmuaI2VXZs7%2FoTEo654Q9MB9l8YUZz%2FUqw4W6ZZqRMdsEvNR4mlRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0f5f3cbb89-FRA
priority
u=3,i
VIXX.jpg
mandynotes.com/wp-content/uploads/2021/06/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2021/06/VIXX.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
129711
last-modified
Wed, 25 Aug 2021 06:59:23 GMT
server
cloudflare
etag
"6125ea4b-1faaf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nwWi6xSNG0vfHopOlyBCNpEQU%2FzqeR7dCgGiYU7BVE25ED%2Bimi5ZQ8qIqkQwLWyPgLw1pJsYXY7LxdzY0r8oZ4y739Zh71V6osu1Jym5xf3GyY2sLdJBH1unWZt9ZfEMDyN8s3r4lKciFAleA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0f5f3dbb89-FRA
priority
u=3,i
%E9%9F%93%E5%9C%8B%E4%BB%A3%E8%B3%BC-%E9%9F%93%E5%9C%8B%E9%81%B8%E5%93%81.png
mandynotes.com/wp-content/uploads/2020/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2020/11/%E9%9F%93%E5%9C%8B%E4%BB%A3%E8%B3%BC-%E9%9F%93%E5%9C%8B%E9%81%B8%E5%93%81.png
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2db30da1ef8f05de30d49b15ee843df8cfc62a10fb98ccef66602b1121fb0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1264729
last-modified
Sat, 29 May 2021 11:26:20 GMT
server
cloudflare
etag
"60b224dc-134c59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vQRzZIU1tEcEZOrgQt2yzKEtI3Ssaxl3kJ6UH8PhzcW8mBsibBcJX%2B0yOYTClXM66JRzAr9ZpidW1n2so6WrosCyECeFiYyF1dI4LNngu7fxvkflgAJeQ4JzU66cpc3TDbtGI%2BNqFhdEXJCSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0f5f3ebb89-FRA
priority
u=3,i
%E9%9F%93%E5%9C%8B%E4%BB%A3%E8%B3%BC-%E9%9F%93%E5%9C%8B%E9%81%B8%E5%93%81.png
mandynotes.com/wp-content/uploads/2020/10/ 		993 KB
994 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/2020/10/%E9%9F%93%E5%9C%8B%E4%BB%A3%E8%B3%BC-%E9%9F%93%E5%9C%8B%E9%81%B8%E5%93%81.png
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c88e7884dd0e31121ef925991a772cdc7cb76d61863eef23f821bd94775dd9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1016887
last-modified
Sat, 29 May 2021 11:25:55 GMT
server
cloudflare
etag
"60b224c3-f8437"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2iuummxOTBqLbseIZk2BXhGXKltNnp0PDs4sfve4ABfCDz47oOsLSD4FkAjmUr0oeBKsVI3qywC16N%2BJYs%2FuObMDOshYtMixpHNR%2FPWrba81xQzVavCIhEV1y1sXBwn%2FxA%2FWk%2BwfijcQOMhgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce0f5f40bb89-FRA
priority
u=3,i
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KNSMQ888FP&gtm=45je39k0&_p=44484469&cid=656257969.1695367432&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695367431&sct=1&seg=0&dl=https%3A%2F%2Fmandynotes.com%2F&dt=%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 07:23:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mandynotes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ip
match-hubble-man.vm5apis.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match-hubble-man.vm5apis.com/ip?webBrowserid=f15def4e-44a7-404d-adee-dfaaa4c44217
Requested by
Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.199.245.202 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
202.245.199.104.bc.googleusercontent.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 22 Sep 2023 07:23:52 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=193817632&post=0&tz=8&srv=mandynotes.com&j=1%3A12.5&host=mandynotes.com&ref=&fcp=2325&rand=0.46517911385164923
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Sep 2023 07:23:52 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:45:30 GMT
x-content-type-options
nosniff
age
257902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 07:45:30 GMT
fa-regular-400.woff
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-regular-400.woff
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885c67d77dd567a4e27d6e63bfe3834c37e2363c605cdbf585c12ac588aa8fc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.4
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-3f94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHp93MwixVfFssZHF82%2BtlyQMO9jlNPOuh4Bm5hYh2KE6Wdtmu9S924FEG2bwPJy4JBfoLmVMZaZXQqKcWmhfmXdvIgcXlo0LPVQfw6J54YjXeppcWE%2FabCsWaFU3VfvQqHn1F2iVp%2FBLSRVKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
80a8ce151d0ebb89-FRA
priority
u=0,i=?0
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 07:15:26 GMT
x-content-type-options
nosniff
age
518906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 07:15:26 GMT
fa-solid-900.woff
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 		99 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-solid-900.woff
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c95af5277e77da5473984e2519a9da7290d7422f5065547d8fa9df604150e542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.4
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-18d14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2KpDrmQofC7oUgvDBX6B%2FFe091PVs4valnxTeSzmrVm1QtVRgqEGrSAHIFQ0oomUGpf0YNCUsFeAlUgNyxCSu%2BO55fyN6gDtvFXnCXZG1XTuIFR7P%2Bm2xHDHAYeW%2BiIXCLWMi3vQkahkNMVyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
80a8ce151d11bb89-FRA
priority
u=0,i=?0
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:35:17 GMT
x-content-type-options
nosniff
age
604115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 07:35:17 GMT
fa-brands-400.woff
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-brands-400.woff
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bbff24dee1b2ffa70e60a06a202d789b3fe9248200e3f89afa239f850eb5097
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.4
Origin
https://mandynotes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 18:28:05 GMT
server
cloudflare
etag
W/"64f77335-15fcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpUAfScFjR8RGMJyUaeucBmBU4TLxdzw%2F0vFNRKbVIs9cHPNSCG0j8N9bZDDu2eVahtBoPF2IWgFKwP7M8My%2FZArai%2FE6sdFp0HpKcwVo7XJJHJr7p5CeCo2b8butHsT7kVOSOby%2FdECWpH2tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
80a8ce151d13bb89-FRA
priority
u=0,i=?0
persistentID.html
man.vm5apis.com/dist/ Frame 50A8 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://man.vm5apis.com/dist/persistentID.html
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:da00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3a9dccde007203effef205b831e4d12dbccde7ec61a0d1ae336251ab101d80a

Request headers

Referer
https://mandynotes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84448
content-encoding
gzip
content-type
text/html
date
Thu, 21 Sep 2023 07:56:43 GMT
etag
W/"76ad014071673508950b9f0395151cf8"
last-modified
Tue, 07 Feb 2023 10:42:21 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-id
TWnbM4z_690kfnhFZqIr57ut0ghK2k1McO0EvLiRK4zOqjx_1Tf1tA==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
js
www.googletagmanager.com/gtag/ 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e3abfed4159b4ecdd6779b08e9c14a8474de1cf0cc5cb7dd4979cb17d1c4fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67227
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Sep 2023 07:23:52 GMT
js
www.googletagmanager.com/gtag/ 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74e19522e0b67090b85e42b8b2f90aea2d8d8a31755959ec998cbc2db9e56926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67226
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Sep 2023 07:23:52 GMT
utag.js
t.ssp.hinet.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 22 Sep 2023 07:33:53 GMT
cm.js
t.daexauto.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.daexauto.com/cm.js
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.239.73 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
73.239.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:01:42 GMT
content-encoding
gzip
age
1330
x-guploader-uploadid
ADPycdvXOMtTrKj-jXem9E2M6lcc4GwheJF45kceFzksCe6_3szBgJt38lJdEChof0zXbtfnYpNRqpzpfv-w0KojtYeIrg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
605
last-modified
Tue, 20 Sep 2022 03:01:56 GMT
server
UploadServer
etag
"5cc302c71332a6e8596d563d8e1d4412"
x-goog-generation
1663642916783214
x-goog-hash
crc32c=fEiJzw==, md5=XMMCxxMypuhZbVY9jh1EEg==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-transform
x-goog-stored-content-length
605
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 21 Sep 2024 07:01:42 GMT
/
cm.lndata.com/ 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4027&uid=f15def4e-44a7-404d-adee-dfaaa4c44217
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 22 Sep 2023 07:23:53 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
connect
vahfront.vm5apis.com/lite/ 		88 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vahfront.vm5apis.com/lite/connect
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.137.131 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
131.137.111.34.bc.googleusercontent.com
Software
/
Resource Hash
c887d5125c1ffec7752cfa76d7f2db16d1a6a69f57e8f330dd0445a61580d18b

Request headers

Referer
https://mandynotes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
via
1.1 google
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
https://mandynotes.com
access-control-expose-headers
Content-Length
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
88
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
142.e0c0e2296e5a94af9d7f.js
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/themes/blocksy/static/bundle/142.e0c0e2296e5a94af9d7f.js
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.9.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e0046b99ea390cf12c7a6075ed26b99bcdf483dec6d6b11b94a3cce1394b15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Sep 2023 16:13:42 GMT
server
cloudflare
etag
W/"650482b6-6d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPCjg%2BcqUR3yhx4K0FU851E4QyH8vE9kI8aTi%2B886NHFJpGjjC4qaDOj67EfY9UjAM7vFfKTmzlj50yCmH7Ya%2Fipt6tHMyjkQ%2Bm2Zf7Xme7ILZA5z87uLJtHpMjmfzSQlMgcNL%2BzAJvEkmcEHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce156d6abb89-FRA
priority
u=3,i=?0
290707657_574852714160241_4486527713873087896_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nlow.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11931
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-2e9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ns9I53ONIv0XAcsW8jql6%2BEJxYov12CZcyA1xdvYWE6UnWmZWcL7mazuX558OHpgSp1aMnEhLp%2Bg3NTE1mPxEdC7yp1hGKJOGBcK1fCQht1F7fHi0ELMGVuiVkpy%2BIan4hnzy6MeHvm%2FaQRDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce159d8fbb89-FRA
priority
u=3,i
287217568_160686366461413_7366712871875368301_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nlow.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14218
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-378a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz0u0k0x6Oi7J9UviIKMqsmf6CWHRjJHQf%2FVJdWOnFp%2F%2BZNSe456C2IPj6z%2FfF0dMenkJxirZ077BB9JEJ7%2B0%2BbnG5KgpIIrYYDt8VIO7giEElUdNbV%2BpHw%2BSQ4ntcZ71LCqjZByQngQdJULKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce159d96bb89-FRA
priority
u=3,i
283765183_2561605660637417_6847878822727222019_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/283765183_2561605660637417_6847878822727222019_nlow.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17241
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-4359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f03EmfRszchMB4zZt5UkUuXMN5eR4%2FhtSExDIkQonFwHTFge8b%2BXccGMgKDVAKgjzUmmsrWFzH8yxlrMVaYLc5TdCJIbbHyENDRybRA4fFir1Oq5jtZ%2BP9MY3G2%2FwGf9GEssWmOoe6EYvhByiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce159d99bb89-FRA
priority
u=3,i
281884683_396541252361589_8956761148631846597_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/281884683_396541252361589_8956761148631846597_nlow.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12288
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-3000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FwXHf5rDMFeZCLdb6NsvSn%2FOXGL5rDVdy4%2Ft5csdynP4fvp0XUPZvA%2F3Rc9mdH9Ohp9%2Btb9gXmmfXFzlZFKiwSSektRR3PVWDeylGJymruh5xms8kOMEpZmxvTfknyQcQTjclgdAAlDhiCPNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce159d9abb89-FRA
priority
u=3,i
280139623_283474380549111_8818302409236210254_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/280139623_283474380549111_8818302409236210254_nlow.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26225
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-6671"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04dzNq2%2FoR04DtJF6NO3A5gdUlOxNPutFm7LhjBi3kOCjftg0HlxDYB5wZ8L46xUlgHQrMSHlX3qT8G820Dw0fYhd6GXcsWi%2F5FGxgmoAnfff1pUJvL5%2FhvEYXCfAgUsjwKriXYL0D33TEibtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce159d9bbb89-FRA
priority
u=3,i
279844487_3159380181047996_2449311943832026812_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/279844487_3159380181047996_2449311943832026812_nlow.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12826
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-321a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93sgWsU%2BWdMU5zbOvoS8Zx75JlXGs1fdXkrpkHHR%2BZYUnUIGmSoem7dUG5A%2BVjTMuyx2KmQQYAccF%2FtoW1J4IY6pB7YKuwIzynilevADGlKTfFt88AkQUzThY2vMT09L7H6R12THnGjbGP%2FNzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce159d9dbb89-FRA
priority
u=3,i
sticky.js
mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.9.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c867652959b4b45b392a8beacc737fa2e95e72b715742519306484c67944c97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT - WP Cache
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 17 Sep 2023 15:58:04 GMT
server
cloudflare
etag
W/"6507220c-3a11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omwqadG1UMkTOpZdi9lmdnCn3KuJcj09Dzy3SpccR1cDGuNn8NV9K%2BKC4VkJpaFH2XJmmX%2BCCYCZ2vumh6OgTLFZFXInAhwgS90bTJDJlGPs6P1zu8zNWYNxwEejFqeBWfh5hiZxXFKnBDmqHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80a8ce15cdc1bb89-FRA
priority
u=3,i=?0
man.js
vawpro.vm5apis.com/ Frame 50A8 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vawpro.vm5apis.com/man.js
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.199.210.210 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
210.210.199.104.bc.googleusercontent.com
Software
nginx/1.19.5 /
Resource Hash
f8b070b474f5251a92dd635f04ef14ebfff742f36d4c865c3ccb7400cf9f97d3
Security Headers
Name Value
Strict-Transport-Security max-age=15638400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://man.vm5apis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 07:23:52 GMT
Strict-Transport-Security
max-age=15638400
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
nginx/1.19.5
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-Control
private, max-age=3600
Connection
keep-alive
main.html
t.daexauto.com/ Frame 542E 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.daexauto.com/main.html?partner=vmfive&member=f15def4e-44a7-404d-adee-dfaaa4c44217
Requested by
Host: t.daexauto.com
URL: https://t.daexauto.com/cm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.239.73 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
73.239.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d62bec0ab5bd64a839531c99dc00e11790d51dda21ab62d2a1fa3b81b8175b26

Request headers

Referer
https://mandynotes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-transform
content-encoding
gzip
content-length
13194
content-type
text/html
date
Fri, 22 Sep 2023 07:23:52 GMT
etag
"eaab32de7850de7dd79c63e84f311fa1"
expires
Sat, 21 Sep 2024 07:23:52 GMT
last-modified
Tue, 20 Sep 2022 03:03:06 GMT
server
UploadServer
x-goog-generation
1663642986084651
x-goog-hash
crc32c=ixrhRQ== md5=6qsy3nhQ3n3XnGPoTzEfoQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
13194
x-guploader-uploadid
ADPycdtjtwz8A0tVINmpQ-qD_VdgFilhv-YfUKP-0H0YkgxiRp78aFdaxIlvkYy1_Bloft5_nA3a17-tpZ8zGrQ6sX4_aktbUJmh
activityi;dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A...
11009166.fls.doubleclick.net/ Frame 9903
Redirect Chain
  • https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https...
  • https://11009166.fls.doubleclick.net/activityi;dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=...
635 B
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11009166.fls.doubleclick.net/activityi;dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
add6526a33205d39ca34dd19b9a94203d6c7cd12da417361d2f0e55a374cb76f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandynotes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
352
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11009166.fls.doubleclick.net/activityi;dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A...
10559160.fls.doubleclick.net/ Frame B621
Redirect Chain
  • https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https...
  • https://10559160.fls.doubleclick.net/activityi;dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=...
635 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10559160.fls.doubleclick.net/activityi;dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
255f62171a2a0e1bf283d5ee787eef64c431b83d419a6a1ec50ee5c53c3a7cc0
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandynotes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
351
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10559160.fls.doubleclick.net/activityi;dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ip
match-hubble-man.vm5apis.com/ Frame 50A8 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match-hubble-man.vm5apis.com/ip?webBrowserid=d2ef8ebc-1c5c-4103-a97a-16c0d4be6731
Requested by
Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.199.245.202 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
202.245.199.104.bc.googleusercontent.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://man.vm5apis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 22 Sep 2023 07:23:52 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
cm.php
cm.daexauto.com/ Frame 542E 		0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.daexauto.com/cm.php?daex_id=201cb32de53d0102e4aae78fab56ae19&partner=vmfive&partner_id=f15def4e-44a7-404d-adee-dfaaa4c44217&z=113165548
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.daexauto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZeKdzTSUnYSsAoGxju7gBVKp7hyGH2WiQ%2FYPXzDJPPwrA6zJkQHf1P6LSjj0WjwAO0D%2BmQqSwogoNlKPmMp6JuUJiv8EpfDky%2FQ0fPT%2BV9T2wQwZM5UlVmTKZpLECRE5lQ4nxPxH8xzt2siHGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80a8ce17d81e5242-MXP
alt-svc
h3=":443"; ma=86400
cm.js
t.daexauto.com/ Frame 50A8 		2 KB
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.daexauto.com/cm.js
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.239.73 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
73.239.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://man.vm5apis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:01:42 GMT
content-encoding
gzip
age
1330
x-guploader-uploadid
ADPycdvXOMtTrKj-jXem9E2M6lcc4GwheJF45kceFzksCe6_3szBgJt38lJdEChof0zXbtfnYpNRqpzpfv-w0KojtYeIrg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
605
last-modified
Tue, 20 Sep 2022 03:01:56 GMT
server
UploadServer
etag
"5cc302c71332a6e8596d563d8e1d4412"
x-goog-generation
1663642916783214
x-goog-hash
crc32c=fEiJzw==, md5=XMMCxxMypuhZbVY9jh1EEg==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-transform
x-goog-stored-content-length
605
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 21 Sep 2024 07:01:42 GMT
/
cm.lndata.com/ Frame 50A8 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4027&uid=d2ef8ebc-1c5c-4103-a97a-16c0d4be6731
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://man.vm5apis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 22 Sep 2023 07:23:53 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
addr.json
iptoweather.vm5apis.com/ 		25 B
115 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptoweather.vm5apis.com/addr.json
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.229.142.89 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.142.229.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
11eb91246e150e920986b240db08e3ddfd8b28f6a8da2ad34d8e99162ec8a899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Sep 2023 07:23:53 GMT
server
nginx
content-length
25
content-type
application/json
287217568_160686366461413_7366712871875368301_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nfull.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
34078
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-851e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FTkxJBonhDZdoYmNawW9EwXxNRF3X%2FlqxcoAVlsZF7vyKPxLRx9xzMomR35ef0KbyJ6jqvtiU0WFt6eTiGj5ogIAATSxgxXX1Lk%2BnrLxU0Tvj4inpwqUyYCv%2FXniG5mK1vcXC8O0FAcPbN7AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce17afadbb89-FRA
priority
u=3,i
dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmand...
adservice.google.com/ddm/fls/i/ Frame 7262 		634 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Requested by
Host: 11009166.fls.doubleclick.net
URL: https://11009166.fls.doubleclick.net/activityi;dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
679cf6a188ff47b274b294b04db54b18a95558464841bccd76f78984ca5520fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11009166.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmand...
adservice.google.com/ddm/fls/i/ Frame B04B 		634 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Requested by
Host: 10559160.fls.doubleclick.net
URL: https://10559160.fls.doubleclick.net/activityi;dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e0e57c68c51f5c24bb4f6cbb5a1c3fae78df7531385df195e179e9a61d65e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10559160.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
352
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
main.html
t.daexauto.com/ Frame 2D4C 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.daexauto.com/main.html?partner=vmfive&member=d2ef8ebc-1c5c-4103-a97a-16c0d4be6731
Requested by
Host: t.daexauto.com
URL: https://t.daexauto.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.239.73 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
73.239.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d62bec0ab5bd64a839531c99dc00e11790d51dda21ab62d2a1fa3b81b8175b26

Request headers

Referer
https://man.vm5apis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-transform
content-encoding
gzip
content-length
13194
content-type
text/html
date
Fri, 22 Sep 2023 07:23:52 GMT
etag
"eaab32de7850de7dd79c63e84f311fa1"
expires
Sat, 21 Sep 2024 07:23:52 GMT
last-modified
Tue, 20 Sep 2022 03:03:06 GMT
server
UploadServer
x-goog-generation
1663642986084651
x-goog-hash
crc32c=ixrhRQ== md5=6qsy3nhQ3n3XnGPoTzEfoQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
13194
x-guploader-uploadid
ADPycdsZYIxEPDnkhtFDJsR7wvagvLcMeAu7KlMLliqX67433fvqpZ0UNiFq0hgEsfw9FD2mKejnlGh_qg8rnjuhCq--QWl2cSQc
dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmand...
adservice.google.de/ddm/fls/i/ Frame 6F85 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPWu4ezXvYEDFf3XOwId2RwHGA;src=11009166;type=invmedia;cat=websd0;ord=9460050389991;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:53 GMT
expires
Fri, 22 Sep 2023 07:23:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmand...
adservice.google.de/ddm/fls/i/ Frame 8E35 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIrh4ezXvYEDFdHXOwIdNS0M2A;src=10559160;type=invmedia;cat=websd0;ord=6067182603773;auiddc=1886454548.1695367433;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;gtm=45fe39k0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 07:23:53 GMT
expires
Fri, 22 Sep 2023 07:23:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cm.php
cm.daexauto.com/ Frame 2D4C 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.daexauto.com/cm.php?daex_id=3ced02bbfa54884d803382ed9c503c87&partner=vmfive&partner_id=d2ef8ebc-1c5c-4103-a97a-16c0d4be6731&z=85826751
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.daexauto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtuU6YDl0Fp1DWFhwZ4IV8m%2B74xBCJYgbNGxNRzfoxj3hG4q3dtNRdDTsOov%2BTze4MjwDG35zeANcaRQ%2FX%2F9NsJ%2FFme59noTFhGt6zx8k5TXFZafkZFLnY3jHsJ%2Fk4%2FyGlFZeAYzXPZbVEcMd%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80a8ce18d90b5242-MXP
alt-svc
h3=":443"; ma=86400
pixel
pt0.vm5apis.com/api/v2/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pt0.vm5apis.com/api/v2/pixel?event=id_sync&provider=-&webBrowserId=d2ef8ebc-1c5c-4103-a97a-16c0d4be6731&eventDetails=%7B%22browser_id%22%3A%22d2ef8ebc-1c5c-4103-a97a-16c0d4be6731%22%2C%22browser_id_shared%22%3A%22d2ef8ebc-1c5c-4103-a97a-16c0d4be6731%22%2C%22browser_id_timestamp_shared%22%3A1695367432870%2C%22browser_id_cookie_shared%22%3A%22d2ef8ebc-1c5c-4103-a97a-16c0d4be6731%22%2C%22browser_id_cookie_timestamp_shared%22%3A1695367432870%2C%22browser_id_local%22%3A%22d2ef8ebc-1c5c-4103-a97a-16c0d4be6731%22%2C%22browser_id_timestamp_local%22%3A%221695367432870%22%2C%22browser_id_cookie_local%22%3A%22d2ef8ebc-1c5c-4103-a97a-16c0d4be6731%22%2C%22browser_id_cookie_timestamp_local%22%3A%221695367432870%22%2C%22referrer%22%3A%22%22%2C%22request_source%22%3A%22https%3A%2F%2Fmandynotes.com%2F%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.92%20Safari%2F537.36%22%2C%22platform%22%3A%22Win32%22%2C%22language%22%3A%22en-US%22%2C%22ip%22%3A%22138.199.38.132%22%7D
Requested by
Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.194.212.25 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.212.194.35.bc.googleusercontent.com
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15638400
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 07:23:54 GMT
Strict-Transport-Security
max-age=15638400
X-Content-Type-Options
nosniff
Server
nginx/1.19.5
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://mandynotes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
290707657_574852714160241_4486527713873087896_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nfull.jpg
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
39788
last-modified
Mon, 11 Jul 2022 13:45:14 GMT
server
cloudflare
etag
"62cc296a-9b6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZP4n8ei2mzS9oyDc2jd%2FpeToysQvMb2MW2i7PkWyhvtnw%2B39YxMmeKJBUxvLXaVGd4JdiBd4suvyX8l3krtfd7T6pb8f%2Fh38jjTjR4FkL4csshRzItDSx1UUzOeqg%2Fs1bSBsMIjmBz27vE%2BSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a8ce1c2c67bb89-FRA
priority
u=3,i
/
t.ssp.hinet.net/ 		37 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
29f9373135143bc6f868aee3d1c83bb4f64ab7ac7fddcbe5bcfcde032f2b15cc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mandynotes.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ 		30 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=ccea9a06-9a0b-48fd-9af8-a6e8f7558053
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:54 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://mandynotes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cm
t.ssp.hinet.net/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=8f86e5&cid=f15def4e-44a7-404d-adee-dfaaa4c44217&mp=ccea9a06-9a0b-48fd-9af8-a6e8f7558053
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:54 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://mandynotes.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
ccea9a06-9a0b-48fd-9af8-a6e8f7558053.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccea9a06-9a0b-48fd-9af8-a6e8f7558053.t.ssp.hinet.net/pixel?bd=ccea9a06-9a0b-48fd-9af8-a6e8f7558053&t=8f86e5&referrer=https%3A%2F%2Fmandynotes.com%2F
Requested by
Host: mandynotes.com
URL: https://mandynotes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mandynotes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:23:55 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
rum
mandynotes.com/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mandynotes.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mandynotes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
content-type
application/json

Response headers

date
Fri, 22 Sep 2023 07:23:55 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mandynotes.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
80a8ce262e8cbb89-FRA

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture undefined| $ function| jQuery function| gtag object| dataLayer string| sbiajaxurl object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| VM5AD_BROWSER_ID object| VM5AD_BLACK_LIST object| VM5AD_WHITE_LIST function| onVM5AdLiteReady object| VM5AdLite object| ct_localizations object| blocksyJsonP object| ctEvents object| ctFrontend object| _stq object| mystickyelement_obj object| mystickyelements object| sb_instagram_js_options boolean| sbi_js_exists function| sbi_init function| st_go function| linktracker_init object| wpcom object| intlTelInputGlobals function| intlTelInput function| launch_mystickyelements function| close_mystickyelements function| hide_mystickyelements function| show_mystickyelements function| checkMSECookieExpired function| checkForMSECookieString function| MSEGetCookie function| saveMSECookieString function| MSESetCookie object| __cfBeacon object| blocksyResponsiveMenuCache object| sbi number| sbiWindowWidth number| sbi_photo_width_manual object| daexCookieMapping function| daexcm object| iframe object| hitag object| __hitagCmdQueue

13 Cookies

Domain/Path Name / Value
man.vm5apis.com/dist Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP
Value: 1695367432870
man.vm5apis.com/dist Name: VM5AD_BROWSER_ID_COOKIE
Value: d2ef8ebc-1c5c-4103-a97a-16c0d4be6731
.mandynotes.com/ Name: _ga_KNSMQ888FP
Value: GS1.1.1695367431.1.0.1695367431.0.0.0
.mandynotes.com/ Name: _ga
Value: GA1.1.656257969.1695367432
.mandynotes.com/ Name: _gcl_au
Value: 1.1.1886454548.1695367433
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
mandynotes.com/ Name: VM5AD_BROWSER_ID_COOKIE
Value: d2ef8ebc-1c5c-4103-a97a-16c0d4be6731
mandynotes.com/ Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP
Value: 1695367432870
.lndata.com/ Name: admckid
Value: 2309221523531493864
.hinet.net/ Name: uuid
Value: ccea9a06-9a0b-48fd-9af8-a6e8f7558053
.mandynotes.com/ Name: __htid
Value: ccea9a06-9a0b-48fd-9af8-a6e8f7558053
.mandynotes.com/ Name: _ht_em
Value: 1
.mandynotes.com/ Name: _ht_8f86e5
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://vahfront.vm5apis.com/lite/connect
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10559160.fls.doubleclick.net
11009166.fls.doubleclick.net
adservice.google.com
adservice.google.de
ccea9a06-9a0b-48fd-9af8-a6e8f7558053.t.ssp.hinet.net
cm.daexauto.com
cm.lndata.com
demo4.iseeu.tw
fonts.googleapis.com
fonts.gstatic.com
iptoweather.vm5apis.com
man.vm5apis.com
mandynotes.com
match-hubble-man.vm5apis.com
pixel.wp.com
pt0.vm5apis.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.wp.com
t.daexauto.com
t.ssp.hinet.net
vahfront.vm5apis.com
vawpro.vm5apis.com
www.googletagmanager.com
104.199.210.210
104.199.245.202
116.50.36.71
142.250.186.134
192.0.76.3
2001:4860:4802:32::36
203.75.214.136
2600:9000:206f:da00:15:a9a7:4a80:93a1
2606:4700:3034::6815:2aa
2606:4700::6810:3865
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:829::2002
2a00:1450:4001:831::2003
2a06:98c1:3121::3
34.102.239.73
34.111.137.131
35.194.212.25
35.229.142.89
046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0806ff4935144c0e146860185404e24577e79c60a063bc5b33b493fb14c2d941
09f8bc8291f64f495aa2c1b1a95c2fcf541a72e077dc90807270ff104e2800c6
0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1
11eb91246e150e920986b240db08e3ddfd8b28f6a8da2ad34d8e99162ec8a899
12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d
23b19952cc92c7a36efbd1e2535b2629d538f0860e1a92680e47969d664e65f7
2515bb11e3d50808818b8ed29336e529d8b966d96dbbaf245e48aec336d7a292
255f62171a2a0e1bf283d5ee787eef64c431b83d419a6a1ec50ee5c53c3a7cc0
29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754
29f9373135143bc6f868aee3d1c83bb4f64ab7ac7fddcbe5bcfcde032f2b15cc
2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194
2a7bcbb5506f763ad54a0432554627831d592ad24f13539d49688c5a757b2b21
2cf14dd765f4e984deed8d571b1615ecfc6fc8d287758ba1423a25f3c10c218c
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fd3a5fa32c9d8aa4a7a29a3d375ba06735f0582534873c5043f480ab53637b5
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee
3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f
3f071133db8861aeb7c39f952c366f56ad403a2f5e2f3f9612045450f8d5ebc7
3f4573bd6563cf503873202f746771fd4e9ec2509503f126ab1ce284b4e1cf9f
449baaf9ea45ae040d3a16e74d2a7ecf2579ef0307a6f8ccd591f1f524496c26
466669ce0a393852b5a765c513d0b5502f0ea35a9f56847718af5aa86dcfd018
4a1a2fb9721aa8536db57de85c3152d2b1ba3640c1c8c9ec05719c37400ce1b8
4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58360fbdd01ee1f74ee8e77805c26719b26dc16204ac1b6f00d89ccd66d8214f
5987e753df7b968f9ab112f4fc365cc265e2b59090a78ef208067db54a6c6f66
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ccc71082ff9aa5c044b2a4e0def113f2dfc603b15d1a9caa765e9cf6c586224
5e568dc1579169ae8f0b159abd5d348f6dc7f345eb84c45868930464bc08825e
5fe369be9e803addba9e1c8cd527db2dbec3303f9cbcdc0b9dfae5e53b229c61
62b0795bc99f07d92b6d51d64ec2f3e72a8fb783de07bb432518da9597478580
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
679cf6a188ff47b274b294b04db54b18a95558464841bccd76f78984ca5520fb
6e0e57c68c51f5c24bb4f6cbb5a1c3fae78df7531385df195e179e9a61d65e1b
6e3abfed4159b4ecdd6779b08e9c14a8474de1cf0cc5cb7dd4979cb17d1c4fb3
7185435bfc89307d186511dea98f15543f1a3269ef3dbd57353afaf61228132f
74452d16233bbe951724b6e2e791850d236db237efa32742708a2b53b0bb2dc7
74e19522e0b67090b85e42b8b2f90aea2d8d8a31755959ec998cbc2db9e56926
7bbff24dee1b2ffa70e60a06a202d789b3fe9248200e3f89afa239f850eb5097
7c6f5c580db020f4ca2a2058c8d1ed5c1e38ec11ab43f57cbeed6e88b08ee4cb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d
8057d8ef047c6a1bf9cc0230f7657dead23fb56ea2e934c030e228ab379b39d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb
885c67d77dd567a4e27d6e63bfe3834c37e2363c605cdbf585c12ac588aa8fc1
896adb75b41f312934d2c084c31df6af7a461567ab9b45cc76f5124d24cc3752
8c88e7884dd0e31121ef925991a772cdc7cb76d61863eef23f821bd94775dd9e
8f2db30da1ef8f05de30d49b15ee843df8cfc62a10fb98ccef66602b1121fb0e
903e9ce7f8aeac0f07036d6324176111886c5efe6a3b1ace4c6a2228aab36118
95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d
9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73
98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb
988b57582cd352f2c71b5fcfa8649a1b06384aa5b0f37d6b0627c6b29d39b9b3
9c867652959b4b45b392a8beacc737fa2e95e72b715742519306484c67944c97
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d34b810c3f6cbf7f98005d4624988efc4accace19779d24ed580b0f1be4f955
9eb840ebb3ee743c57f8f98206856bc331478e9698d3314b9d7ff5e448d2110a
a94797fbbdf249e0b86cfce84f76e05f18a3be22864c7157bf4f47281d7b5d26
add6526a33205d39ca34dd19b9a94203d6c7cd12da417361d2f0e55a374cb76f
b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23
b57b7b16306305c0ffc2968853da6025fe04d4a3be1b7d5bfa4593e04c375e09
b788332fa6773a9403a25c38ac5592c9a7151735df8743799494d40ff17f7db4
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2
b89ffd81c7420d6c0fb81ddbe609f8ded303ac53c200bf00508f5434ae48cf1f
bc75e5b34d94fef79e1ebb5bdae05cb944a17193382827fe666a724bd9eec69a
bf4f096f9d656631111cdf91411fc73f3e68f3ddb8b8b3ea12a149554ac93cf2
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c3a9dccde007203effef205b831e4d12dbccde7ec61a0d1ae336251ab101d80a
c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02
c887d5125c1ffec7752cfa76d7f2db16d1a6a69f57e8f330dd0445a61580d18b
c95af5277e77da5473984e2519a9da7290d7422f5065547d8fa9df604150e542
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d261b03fea6392d5cf6220a7a9925497d1c3bd760990e24668542fc8bfa4c256
d5d02048d625e6fdaba8063decd1e9edcd57829147090ce1d64358e54d34f4bc
d62bec0ab5bd64a839531c99dc00e11790d51dda21ab62d2a1fa3b81b8175b26
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
d79a6b0e86550cc7ebcb8f7da27e33335c85e61ad6531d2fc1d8f31c02cb36df
d9c105768761cb669a357d067af75d15e023cefbfc34f4fd40f86ef091dcbe50
df20959483c98fd02a13f00d2c35ff898bbddaae844be9eb8235ea803eb51c55
e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca
e613ed4308f865da260455901af0b7b2e0cc0bfe2c8dfa7aa4cc0aa3dcb974b8
ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07
ef50c6727cb0074307974e8ea6f3b2a7036b7f9dac38edb763ca5b412ee06c2b
ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65
f1c4916fc37af5dec08ebd1bc5138a4317fadd5b854bfc4137983b7ecfd38cf5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b52de1f8d15357fff402e65d6ba725dc5212e3a93e2b991f8876ed18fd045d
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f6e0046b99ea390cf12c7a6075ed26b99bcdf483dec6d6b11b94a3cce1394b15
f8b070b474f5251a92dd635f04ef14ebfff742f36d4c865c3ccb7400cf9f97d3
fa1889023832f901d621944661afab0300b702d5c66a60402bcd4062951cd9ae
fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d