mandynotes.com Open in urlscan Pro
172.67.129.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mandynotes.com/
Submission Tags: phishingrod
Submission: On May 16 via api (May 16th 2024, 2:45:43 am UTC) from DE — Scanned from DE

Summary HTTP 98 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 98 HTTP transactions. The main IP is 172.67.129.122, located in United States and belongs to CLOUDFLARENET, US. The main domain is mandynotes.com.
TLS certificate: Issued by E1 on May 15th 2024. Valid for: 3 months.

This is the only time mandynotes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	172.67.129.122 172.67.129.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	104.199.210.210 104.199.210.210	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:c00:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.199.245.202 104.199.245.202	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:7000:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	34.102.239.73 34.102.239.73	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
1	34.111.137.131 34.111.137.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	35.229.142.89 35.229.142.89	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.194.212.25 35.194.212.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
98	19

50 172.67.129.122 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mandynotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.210.210 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 210.210.199.104.bc.googleusercontent.com

vawpro.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c00:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.245.202 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 202.245.199.104.bc.googleusercontent.com

match-hubble-man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7000:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
49758e3e-e40c-4b95-93ac-ee8a8ebab1fe.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.239.73 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 73.239.102.34.bc.googleusercontent.com

t.daexauto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.137.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.137.111.34.bc.googleusercontent.com

vahfront.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

11009166.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10559160.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.229.142.89 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.142.229.35.bc.googleusercontent.com

iptoweather.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.212.25 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.212.194.35.bc.googleusercontent.com

pt0.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	mandynotes.com 1 redirects mandynotes.com	4 MB
22	gstatic.com fonts.gstatic.com	2 MB
7	vm5apis.com vawpro.vm5apis.com — Cisco Umbrella Rank: 439209 man.vm5apis.com — Cisco Umbrella Rank: 433291 match-hubble-man.vm5apis.com — Cisco Umbrella Rank: 445862 vahfront.vm5apis.com — Cisco Umbrella Rank: 497990 iptoweather.vm5apis.com — Cisco Umbrella Rank: 440964 pt0.vm5apis.com — Cisco Umbrella Rank: 438957	19 KB
5	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 68530 49758e3e-e40c-4b95-93ac-ee8a8ebab1fe.t.ssp.hinet.net	4 KB
4	doubleclick.net 2 redirects 11009166.fls.doubleclick.net — Cisco Umbrella Rank: 444056 10559160.fls.doubleclick.net — Cisco Umbrella Rank: 444055	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	250 KB
2	daexauto.com t.daexauto.com — Cisco Umbrella Rank: 287717	1 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2906 pixel.wp.com — Cisco Umbrella Rank: 2883	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	67 KB
1	lndata.com cm.lndata.com — Cisco Umbrella Rank: 154942	470 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	254 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
0	iseeu.tw Failed demo4.iseeu.tw Failed
98	13

	Domain	Requested by
50	mandynotes.com	1 redirects mandynotes.com static.cloudflareinsights.com
22	fonts.gstatic.com	fonts.googleapis.com
4	t.ssp.hinet.net	man.vm5apis.com t.ssp.hinet.net
3	www.googletagmanager.com	mandynotes.com www.googletagmanager.com
2	10559160.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	11009166.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	t.daexauto.com	man.vm5apis.com t.daexauto.com
2	man.vm5apis.com	mandynotes.com man.vm5apis.com
2	fonts.googleapis.com	mandynotes.com
1	pt0.vm5apis.com	man.vm5apis.com
1	49758e3e-e40c-4b95-93ac-ee8a8ebab1fe.t.ssp.hinet.net	mandynotes.com
1	iptoweather.vm5apis.com	man.vm5apis.com
1	vahfront.vm5apis.com	man.vm5apis.com
1	cm.lndata.com	mandynotes.com
1	pixel.wp.com	mandynotes.com
1	region1.google-analytics.com	www.googletagmanager.com
1	match-hubble-man.vm5apis.com	vawpro.vm5apis.com
1	static.cloudflareinsights.com	mandynotes.com
1	stats.wp.com	mandynotes.com
1	vawpro.vm5apis.com	mandynotes.com
0	demo4.iseeu.tw Failed	mandynotes.com
98	21

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
iseeu.tw
www.facebook.com

Subject Issuer	Validity	Valid
mandynotes.com E1	`2024-05-15` - `2024-08-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.vm5apis.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-30` - `2024-11-29`	a year	crt.sh
man.vm5apis.com Amazon RSA 2048 M03	`2023-12-31` - `2025-01-27`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.t.ssp.hinet.net	`2024-03-11` - `2025-03-11`	a year	crt.sh
t.daexauto.com GTS CA 1D4	`2024-03-28` - `2024-06-26`	3 months	crt.sh
*.lndata.com GeoTrust G5 TLS RSA4096 SHA384 2022 CA1	`2023-12-04` - `2024-12-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://mandynotes.com/
Frame ID: 2AF28803F6492AB68659F3714DCF5892
Requests: 94 HTTP requests in this frame

Frame: https://man.vm5apis.com/dist/persistentID.html
Frame ID: 796735A4531480E0D8D278E143A8D108
Requests: 1 HTTP requests in this frame

Frame: https://11009166.fls.doubleclick.net/activityi;dc_pre=CNeOp9aTkYYDFUskBgAdbL4EUQ;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 3B12C03FB6543F1EA1E519B5973F57BF
Requests: 1 HTTP requests in this frame

Frame: https://10559160.fls.doubleclick.net/activityi;dc_pre=CMiCqNaTkYYDFVFuQQIdoUcG9g;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 1FEE120D00F0AE9E484CDAE7010ADB05
Requests: 1 HTTP requests in this frame

Frame: https://t.daexauto.com/main.html?partner=vmfive&member=ceced954-84ff-4e9a-bcd5-cb273539f24e
Frame ID: 9694065997D704A9379DB748EEC602C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

曼娣慢慢遊

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

98
Requests

98 %
HTTPS

39 %
IPv6

13
Domains

21
Subdomains

19
IPs

3
Countries

5539 kB
Transfer

7037 kB
Size

15
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/p/CfZVee7vot2/
Title: #소소한일상_맨디 願你往後的人生如

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CeqPpQVvneQ/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cd7RwolvsyN/
Title: 不能只有我看到😍 原本想說疫情趨緩

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cdycctdvx0g/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tv/CdSdaVQjFsm/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CdMAj_uPx1_/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mandy.twkr/
Title: 在 Instagram 上追蹤

Search URL Search Domain Scan URL

URL: https://iseeu.tw/
Title: 金城事務所

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mandy.twkr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg HTTP 301
https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/

Request Chain 84

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
https://11009166.fls.doubleclick.net/activityi;dc_pre=CNeOp9aTkYYDFUskBgAdbL4EUQ;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F

Request Chain 85

https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
https://10559160.fls.doubleclick.net/activityi;dc_pre=CMiCqNaTkYYDFVFuQQIdoUcG9g;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F

Request Chain 96

https://mandynotes.com/favicon.ico HTTP 302
https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mandynotes.com/ 113 KB
30 KB 1200ms
1143ms Document
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5841fa85272c6427ad5562eaf266f25a545b87de2d6a21c9ad3fa2b1751fcb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8848082bfad1bbb3-FRA
content-encoding: br
content-type: text/html
date: Thu, 16 May 2024 02:45:30 GMT
last-modified: Sat, 11 May 2024 12:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeGsbnVX%2F5oRO%2FgRttX%2FEFW3qm3%2F0G8JhI2eZeZaQ1oU4HnD9melx4XKTMJHo4Sra25PjvoLBv5vcmSNO%2FpOEdaXuL5yEx%2BI8OiqbHxpqyoJX%2FxgS0mrsYsIUBTzR%2BBNmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
x-content-type-options: nosniff

GET
H3 200 global.css
mandynotes.com/wp-content/uploads/blocksy/css/ 16 KB
3 KB 2065ms
2064ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/uploads/blocksy/css/global.css?ver=30638

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e66987e84ebc8ad696bb03c441676460c75747f6de9087f6a6f5b91aa40f552

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 May 2024 12:30:38 GMT
server: cloudflare
etag: W/"663f64ee-4154"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzJTXmZ5nHeB%2FzS%2FpNBFU1t6bGdNUblDk5mQ8FHYqFqtB0swnXMeVBe6Du4WCcJup7FChsFSPQuBvtQV%2FQw0AFlIViM4Z004Zz27hBV1DY0G8xYWjJEby6xaAaW96Glrig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f25bbb3-FRA
priority: u=0,i=?0

GET
H3 200 sbi-styles.min.css
mandynotes.com/wp-content/plugins/instagram-feed/css/ 45 KB
10 KB 2393ms
2392ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.3.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 27 Apr 2024 03:14:25 GMT
server: cloudflare
etag: W/"662c6d91-b5db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVgd6aI8Ru%2BV4lI%2B7zhkCUPpqCifVq6t1bhqz1101YAyi62dw7miQQ4jIJKvxA8frI0sydmuwNq7aS6X8Wl%2Fx133rbg423zLtc4JnV7C77aNx45zHQ0Gam5l%2BZYyzk291g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f28bbb3-FRA
priority: u=0,i=?0

GET
H3 200 style.min.css
mandynotes.com/wp-includes/css/dist/block-library/ 111 KB
17 KB 767ms
765ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 01:18:22 GMT
server: cloudflare
etag: W/"660dffde-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzqoa9HfNZFOP%2BE0tanau5JQkw1L9BvzokbV7V2lxpMdX7Y8mJJtsQX0L8C4V9bHPRt5num1G9%2BXP7ZtgjJ%2B5wHBwKrUfdrvaPa04WrmFUzVK3Oo7s41pH3ujUCwtovTpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f29bbb3-FRA
priority: u=0,i=?0

GET
H3 200 mediaelementplayer-legacy.min.css
mandynotes.com/wp-includes/js/mediaelement/ 11 KB
3 KB 1241ms
1239ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: cloudflare
etag: W/"5f735862-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8wt06NVDIONO3pfcvkjRuPTPIQyIDj06pwWUdMFGi3MW%2FW2G%2BUJUYQ%2BariCVoZu7NNSeoOqA50xrjYJuQlODHgsVRBhizPI6hvE%2BzA9yy9bmKaC5sOvjrVgx%2FUXuNtxGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f2bbbb3-FRA
priority: u=0,i=?0

GET
H3 200 wp-mediaelement.min.css
mandynotes.com/wp-includes/js/mediaelement/ 4 KB
2 KB 2419ms
2416ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.3

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: cloudflare
etag: W/"5cfaccce-105a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zksxwi9pSw9V4N2txHUeuHWc1kjA2q7bnG1VO285ov9CgGy3ufpTfXJ%2BbHvP2%2B4fqOtNAeRxkeyyAZpbwzFK%2FQDZbtDcwwPuWUqs85vLXzpHxAB8yGinBJ1tp83BnSUzXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f2cbbb3-FRA
priority: u=0,i=?0

GET
H3 200 style.build.css
mandynotes.com/wp-content/plugins/block-options/build/ 19 KB
4 KB 1237ms
1235ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/block-options/build/style.build.css?ver=new

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 04:58:11 GMT
server: cloudflare
etag: W/"65fbbe63-4d66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOqQ5%2B1h55Aesylhkyup%2BDWqPRyRHGEC80B0C4dtrniAlWGhQuSIz15s7AbBGnB4hCbDNIypTmPD7cThIywHkq1%2F%2B98HuFK7X7xXv6bLDZpMIYDQBCV5yVaNA5Li95YcZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f2ebbb3-FRA
priority: u=0,i=?0

GET
H3 200 screen.min.css
mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/ 6 KB
2 KB 2393ms
2391ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.65

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37ba86536f9a12d450390901292af30f4393d4fe3e06b907d351ef876264301

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Apr 2024 03:56:29 GMT
server: cloudflare
etag: W/"66175f6d-165f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsZTPo%2FybneSQuGFNNtrNxJxbmtPrHDtDxfl45mjFT7LFhw1tH%2FXeEuM8Eh5yztKvAvgR%2FJCmc9%2FtmzEolrStVT740ojMQSJMlGaAXeCzWUH3p%2BfwN%2FSFXUQKGFElVd8mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f30bbb3-FRA
priority: u=0,i=?0

GET
H3 200 main.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 99 KB
20 KB 1277ms
1275ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.47

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae558fa45df7e4f206ebb842624d393a69aa0d5aba7aa04000592c2c83732f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 May 2024 12:30:29 GMT
server: cloudflare
etag: W/"663f64e5-18de3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPwm6iKh70HtbZ2zsbaWpnNQoOtqp4dungZCDUWoqDoK0VJG7Nr6bGeztYTVchZRRY7JfQq%2BxtphjCePCbF82rj1BIaoNfjwejuRfxrTJqIAqqRmDJA9Ur%2F6n%2Fm%2F49aAxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f31bbb3-FRA
priority: u=0,i=?0

GET
H3 200 admin-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 4 KB
2 KB 1609ms
1607ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/admin-frontend.min.css?ver=2.0.47

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ea07d95b1aa9838c74582199385ff06912479f98fe96952c1c3d56fafec0e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 May 2024 12:30:29 GMT
server: cloudflare
etag: W/"663f64e5-f17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6aaJOvBraoYKYYNduY3MsFQcIxVJm3mytZThAAnA2MsXW7TCzBJDa7t5A9C03AWAWoNU%2BQ6yRibaN%2FwKuPqjmcuYwjcnS3NGiLukAH7PDjMieVLs%2FG2oUCneSs907kjyiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f32bbb3-FRA
priority: u=0,i=?0

GET
H3 200 elementor-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 1 KB
928 B 1235ms
1233ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=2.0.47

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4a584febc734009548e91f8b2893134067670373bf5b3254922d48c58388f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 May 2024 12:30:29 GMT
server: cloudflare
etag: W/"663f64e5-5ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=olcPwkXx7fVQ2VUfiq1KLF2A53KO8PDUmFX7vPAXETMCQSlobJQJ1TsGXwPuxu6VfpBKTdv6gr%2B%2FSXUPpuMBz3XPIKEvCFNIQdx5WVlGiMIPmsQr9G84tccC77o3LsJjgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f33bbb3-FRA
priority: u=0,i=?0

GET
H3 200 sidebar.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 3 KB
1 KB 2391ms
2389ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/sidebar.min.css?ver=2.0.47

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d11699672028c7d917de56adadb077c11e3bb4e14580a242870c4ed31c2e50d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 May 2024 12:30:29 GMT
server: cloudflare
etag: W/"663f64e5-cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3W83oQUGpudrV57qPre7XayI0UkEW3QvaMSn9JncC1h%2FXQ7FtcMTJdZJhhNUGIkrl%2BwocndTuonfOt1Ihe7s4HqrVabh5KxGlZtlj%2FFd3fMRsULMjbf4dDaZHQKuUOFQcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f34bbb3-FRA
priority: u=0,i=?0

GET
H3 200 style.css
mandynotes.com/wp-content/themes/blocksy-child/ 1 KB
1 KB 1238ms
1236ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy-child/style.css?ver=6.5.3

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 13:03:54 GMT
server: cloudflare
etag: W/"6239c93a-59e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8wBTg%2FBe5dTIE97mVTE6lpITMluVtkkfgAieELLqrWoqyZv3%2BUnCjPqskCRl1buAGX6tYoji3Ltbvz24wGLPFsSNB5UR2a7Qw%2B1KMhobvYH0cp6%2F5O2%2BaNtK0Uz7mlgag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f35bbb3-FRA
priority: u=0,i=?0

GET
H2 200 css2
fonts.googleapis.com/ 237 KB
66 KB 145ms
53ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e114cba3ed55edf0a89420d34245dd057b50080a6be49b3bae86f7399b5eb96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 02:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 02:45:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 02:45:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
855 B 140ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 02:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 01:58:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 02:45:30 GMT

GET
H3 200 font-awesome.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 53 KB
13 KB 386ms
385ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d474b00ed0fe9653738bd11c834b13efa13c59a76ad4be016e8b3f5a68173d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-d43c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXPl7KEbi%2F%2F5CSCHaUBiVZKQh8Xn1tPE8o2i69xauBp4BCgM%2BbH4KGqilarw4981ANagvCg61XgPgV1EXcdJGsAF5tGr8KgheiOCaUrQXc35L%2Bg2a9%2BEzyqi3XCEexfIDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f36bbb3-FRA
priority: u=0,i=?0

GET
H3 200 mystickyelements-front.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 197 KB
17 KB 1268ms
1267ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/mystickyelements-front.min.css?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3253052f515950819228de250155ebb75741ac7aa6e9d14792415b01279fb87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-312ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7oITVxH41hb%2BkPwdx4eOpHHuPUHc5aeLg2FfUx7HibfcGW2XP1sWYcxDWXDxDNNPBURKalePy04cWu%2FgsMWTnFeF9aN5o5w684a07AAQkfRd6YVBQ3gY86mui1tqZ%2BHBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f37bbb3-FRA
priority: u=0,i=?0

GET
H3 200 intlTelInput.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/ 26 KB
4 KB 1246ms
1244ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/intlTelInput.css?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-6659"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYJXH3c9%2BAwYlxArVc6sILtjoHW%2F%2FDPSlSuql%2F4ieyAeGu%2B9ClOONn%2BtB0JO4DjhAh2a9spCgJnX7guWM1TUpJ1xBbSfFy7%2FiY5erkmVD5MvYDFeT%2BSQe9avWyIbJIRXow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 884808332f38bbb3-FRA
priority: u=0,i=?0

GET
H3 200 jquery.min.js Show response
mandynotes.com/wp-includes/js/jquery/ 86 KB
31 KB 1300ms
1298ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 14:19:26 GMT
server: cloudflare
etag: W/"654cea6e-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTL1QrfDfOoHSbfkHK7DwgAHhymbyc2B3FyK34tGg6c29GXXXMeJVXeEYL4NPAlqPJZ7NxMehcOXfcuj6lltrDT91HgGCn%2BTE32zmFgF%2FHQgbbcrlY8mtNNMwIg%2F%2BjKvPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 884808332f3abbb3-FRA
priority: u=1,i=?0

GET
H3 200 jquery-migrate.min.js Show response
mandynotes.com/wp-includes/js/jquery/ 13 KB
5 KB 1238ms
1237ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 11 Aug 2023 09:16:57 GMT
server: cloudflare
etag: W/"64d5fc89-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZZrN8Jb4XguLw7qyAOAkSCYqGEbCYWHOO3kxb4Y9IVfNKY%2F%2B7uDgoR%2FiQFvhzdt9cypTQ673HAdEcQN568lbBe402CwWUTbU39Q3TBlz6cW0sGjpV57htIgJXk20XVtPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 884808332f3cbbb3-FRA
priority: u=1,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
100 KB 147ms
57ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a5d21e0cb2ecaf9ca8041116c38b0f0dd0d2fe2e21d23880accd41c3fa0b8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102287
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 May 2024 02:45:33 GMT

GET

/
demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/
Redirect Chain

https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg
https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/

0
0

GET
H3 200 placeholder.png
mandynotes.com/wp-content/plugins/instagram-feed/img/ 176 B
689 B 1234ms
1234ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/img/placeholder.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 176
last-modified: Sat, 27 Apr 2024 03:14:25 GMT
server: cloudflare
etag: "662c6d91-b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXFa5gP5EbMS6HUTG6LabHtHM7I8nynaFvbTnM5eMv96C9oy8x3n9p1dcUI0WneUoqrcTnl69fs6uZ%2BGbanH1a%2F4uZrJsw8BoUD32MG9roS0f%2FQLdkVzzlWOCGxUz4sOFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808336f65bbb3-FRA
priority: u=2,i

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ 2 KB
2 KB 844ms
278ms Script
application/javascript 104.199.210.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

78715aefd3a4f658af4daf91d9193894c3115bf4c76d25cb1e499600ea84b446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 16 May 2024 02:45:32 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.19.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=3600
Connection: keep-alive

GET
H2 200 VPT_mandynotes.js Show response
man.vm5apis.com/dist/iseeu/ 53 KB
16 KB 1479ms
1128ms Script
application/javascript 2600:9000:206f:c00:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 275eff8894dcaa23fab335ce6ace71a79d918e689c4d5013c605bb0643fc4435

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:35 GMT
content-encoding: br
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Fri, 22 Sep 2023 07:27:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: W/"5cbf4f5c4c7cb8dcf0ce5cc1504f6a4a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: AbruARY-HBOr4hOEPNM_tqadhwuXv5aBEqOAjEXEWZnDcuDz_Kfc_w==

GET
H3 200 main.js Show response
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 30 KB
9 KB 2644ms
2643ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.47

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e24c49aaaa105a1db1cba309d2efe30a6074b73a3e3d1c11e93d59c61576f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 8778
last-modified: Sat, 11 May 2024 12:30:29 GMT
server: cloudflare
etag: "663f64e5-224a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24yzyus7hGI%2BfjnP46SxZEX8zxOGQL2czj%2FEhYD%2F%2B4BRj%2FfhTpNbicHkPrzhxIqlShShexy9zzymc63RXqeP66tHgJ5Orutp7L1aPkuXFMX5RT137vzUIm9q3aivkjMWow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808425927bbb3-FRA
priority: u=2,i=?0

GET
H2 200 e-202419.js Show response
stats.wp.com/ 7 KB
3 KB 113ms
36ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202419.js
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Thu, 16 May 2024 02:45:33 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356563.6672
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 May 2025 22:00:26 GMT

GET
H3 200 intlTelInput.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/ 103 KB
23 KB 402ms
401ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/intlTelInput.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-19d8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFD166uWKTOYuZ4qvwYgNk6D0RbCMJw%2FGHcW9BMgbVQ3b2XxTwl0wjkz%2F2rCQHpbq1kGtb71tJx755j%2FqjLh6PR%2F6HYXBjiSzrnaZyZYGIr1heBGvIGCNM1RyUHVGZQc%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 884808425929bbb3-FRA
priority: u=3,i=?0

GET
H3 200 jquery.cookie.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 1 KB
1 KB 1609ms
1608ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/jquery.cookie.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-597"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpX3NQyqlhfyqcykpmzP6ycmH7eqP%2Bw5tS7O3lbXQCBuAnLVL8uC78yiiuLa5Opi2vwXQo72GUPk7XI2KDlH0iKWAmIopY93TDSGYE%2BWH8Za5S7yQQwLAd9vsgEp9mKjEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88480842592abbb3-FRA
priority: u=3,i=?0

GET
H3 200 mailcheck.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 11 KB
4 KB 1248ms
1247ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/mailcheck.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c9f123ebd16997f50d81cbc2a40c8e1553487704bc67f501853d87e4ee1a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-2c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxL%2F4icr7JZPXugmmx5TZDLbx5tSoJd6gsIkaho4NCgFy%2Fe8QQ0e9kQx9%2FKQSTG3qNPrIyldkaaki5M%2B2Sw7kdIqLEsQ5dfwylsLnKiN%2FpDNP0ry0vT5LViW1Ip6iufbFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88480842592bbbb3-FRA
priority: u=3,i=?0

GET
H3 200 jquery.email-autocomplete.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 6 KB
3 KB 2278ms
2277ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/jquery.email-autocomplete.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

761094d3031de6fc0d32291fc06e2d5c7b63f8a82a017e7ade0811cc002092aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-1907"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=foL0WfVTcjUCx8DlwnWQFdRQ2dVTbZVFoDptfNSMu6xSMJ8bpHdBzGq5OEnGj1A9X1WQin36q7Dk62Qs60EgiWytl28TSPPnqGFE9%2Fbm82nT%2BU5%2BMzTIpxpZ6ZmzNILklQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88480842592dbbb3-FRA
priority: u=3,i=?0

GET
H3 200 mystickyelements-fronted.min.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 33 KB
7 KB 2657ms
2656ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/mystickyelements-fronted.min.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad33bc128653bc0425653188dde91a4e5154fd67ba5de0398c89a99d8a4dc39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-858b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BeFv229p9piZunVEebOuP3rtMnhJHmR%2Fe%2BY2oQjERd0QxryIUca692gJWoebzM%2F35IZf%2FdddvlVYRJfMQWB2KBmIUKMPPTIVpjwp5B7k8IMKULT5eg8h4aap%2FjqYWOF7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88480842592ebbb3-FRA
priority: u=3,i=?0

GET
H3 200 sbi-scripts.min.js Show response
mandynotes.com/wp-content/plugins/instagram-feed/js/ 24 KB
7 KB 353ms
351ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.3.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6da90c7c676b9c3ea80dae9a2e589a653bd258f26506e37fd212df20643036

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 27 Apr 2024 03:14:25 GMT
server: cloudflare
etag: W/"662c6d91-6020"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fpMV3gT7f6i6dy5OUIxJ9WTvzY1rL5wqA1esjGHZhmneZte%2BiRE9xHlZDf8Ugq5EVMdCaB3WEHzYZJBmq5xjF69j%2BfbTiZI%2Fc8XkSbGiKUZ7Ux5Iy8NEZYiXMtzHx8Tw9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 884808425928bbb3-FRA
priority: u=2,i=?0

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 155ms
70ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 88480842dc9371bb-FRA

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ 0
192 B 1221ms
283ms XHR
application/octet-stream 104.199.245.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=ceced954-84ff-4e9a-bcd5-cb273539f24e
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 May 2024 02:45:34 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 97 KB
97 KB 335ms
248ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0af6d036d8a3d23fba830e01be2ab4417f46a1310a89ed51fd467990f6784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:41:01 GMT
x-content-type-options: nosniff
age: 11072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99184
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 23:41:01 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 46 KB
46 KB 327ms
241ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1260bad6a0367f33b2842651681b6ae1be4d39238f4aa225ddf4e84ea591b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:21:56 GMT
x-content-type-options: nosniff
age: 134617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46604
x-xss-protection: 0
last-modified: Mon, 13 May 2024 21:59:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:21:56 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BtnAOSA.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 32 KB
32 KB 242ms
155ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BtnAOSA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73c55149045e2877d3b9b3d2ca9f95bd89c12d63cb0e5268aead3ee556e604aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:21:56 GMT
x-content-type-options: nosniff
age: 134617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33140
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:21:56 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 79 KB
79 KB 324ms
238ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8060fe3f342afa9bf5ee21944bf5b6001f411a56abf1437e375829733298b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80880
x-xss-protection: 0
last-modified: Mon, 13 May 2024 21:59:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 93 KB
93 KB 259ms
173ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd46aa80e742b7d2217d9833eff576b36ecb655e36779e2cee719037bcb3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:21:56 GMT
x-content-type-options: nosniff
age: 134617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95412
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:21:56 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.75.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 45 KB
45 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.75.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0022da996fdaa7b79bccaf6990949826a6d62673b17958af739c6169fdb45134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 19:34:48 GMT
x-content-type-options: nosniff
age: 112245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45724
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:04:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 19:34:48 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 83 KB
83 KB 267ms
181ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

032840274c039cffcd7475916a14612cafc3caf54346a53263555c8fa2527c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:33:08 GMT
x-content-type-options: nosniff
age: 119545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85100
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 17:33:08 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 95 KB
95 KB 227ms
141ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb871acb2b4ed7a3457553c7fb35913f7518f21beafd9def816b7517039b7597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97040
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 95 KB
95 KB 329ms
243ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64b4e92b63be67ecb73bc8ebb98b2b625f2988185e96f31e8f4088bc59c433c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:21:56 GMT
x-content-type-options: nosniff
age: 134617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97084
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:04:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:21:56 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 93 KB
93 KB 308ms
223ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23e6c57561965841f2711b31c6b4c12b9e0d21cb4005b0a37835f8828e1dc63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95252
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 94 KB
94 KB 311ms
226ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8c5bc6aa8c2caca210a91ecb39d7fa9d7800ff4004e5b16e3fd11425af7627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96020
x-xss-protection: 0
last-modified: Mon, 13 May 2024 21:59:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.100.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 83 KB
83 KB 201ms
116ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.100.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2caa976bb925e8e1386b738ef7a8d427fcf1b1277e85f6c17b4b7e04f2736593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85332
x-xss-protection: 0
last-modified: Mon, 13 May 2024 21:59:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 113 KB
113 KB 176ms
91ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d91a60215242cd03796d14a8305b1d236cfb597f7a507ca68e525abf8cc83ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115784
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 94 KB
94 KB 319ms
235ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c051a70982d38a72b2f9da10d2b8abbd289e380de9b8426029912e6638e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96240
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 102 KB
102 KB 313ms
229ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9434642cf3899fea380a75d6a90c9f140b46331133497fba7d0338c74c44988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104304
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:02:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 86 KB
86 KB 303ms
219ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed53b44e95cac27ed87dd1c42ac52946be4e19c058ca7ea5e452ede5f76f9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:21:56 GMT
x-content-type-options: nosniff
age: 134617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87916
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:21:56 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.19.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 42 KB
42 KB 316ms
232ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.19.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c673304b9fb19cfa2187506d47af727bb3e0d2ff53a57b76c08defdd49bab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 19:03:58 GMT
x-content-type-options: nosniff
age: 114095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42904
x-xss-protection: 0
last-modified: Mon, 13 May 2024 21:59:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 19:03:58 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 89 KB
89 KB 249ms
165ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291233f564b5ee2404883da8e9e404e2e671026348ac3772775fb12e9eeab257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 01:25:16 GMT
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90812
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 01:25:16 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.69.woff2
fonts.gstatic.com/s/notoseriftc/v30/ 57 KB
57 KB 329ms
245ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v30/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.69.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1e74e10895a180f1757647f529dfeba8163ac4cb6a8fe33dbd900de95cdc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:52:18 GMT
x-content-type-options: nosniff
age: 118395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58376
x-xss-protection: 0
last-modified: Mon, 13 May 2024 21:59:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 17:52:18 GMT

GET
H3 404 DaiDaiSpa-768x576.jpg
mandynotes.com/wp-content/uploads/2023/03/ 64 KB
64 KB 626ms
625ms Image
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2023/03/DaiDaiSpa-768x576.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c4d30f147a080dcef50307dd71f923d7cfee8e6d39bf9475a5a435f26323a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5V0Nh0YLx8biUfLN690ztbRAb9TC%2BLZ8uY3nL7Zd4cgRSY%2BMTrVOUM1nPxpYOPq16etzqYSfFQtnYxAO0y4pVhpc45r%2FU2T%2BOFiTsieHdmfNh3mdw5da0xjOC%2Fmz0h6Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 884808429958bbb3-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=3,i
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 IMG_6926.jpg
mandynotes.com/wp-content/uploads/2022/04/ 365 KB
366 KB 2759ms
2757ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/04/IMG_6926.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 373783
last-modified: Mon, 11 Jul 2022 13:45:39 GMT
server: cloudflare
etag: "62cc2983-5b417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxdOmMDq%2BrnQfiazCKaEtJM3RuU9BOyWxe0mw2KlcEd7bDqXNjHyOAi%2BJM6O44F%2FahSAthaHF7Ippk3fDOl%2FBJ3W%2FvZLgPgooRoIyiMGrqpFIkNFeKh66jx4%2FTzEg2HO4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808429959bbb3-FRA
priority: u=3,i

GET
H3 200 IMG_5639.jpg
mandynotes.com/wp-content/uploads/2022/03/ 295 KB
296 KB 653ms
650ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/03/IMG_5639.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 302535
last-modified: Tue, 29 Mar 2022 09:15:57 GMT
server: cloudflare
etag: "6242ce4d-49dc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XkPrgdEOvlgR6m9%2FsI%2BtZGkkrMPzBZbo%2F1%2BRc5r72a8N26IRJz8H%2FKF%2FHnlCrQKCXx65vRMHqm9ith4WBZiUcTWjrwg0VJfxw0tFAIUAqwFHBCweJMTRInx5Fu2w8B5epw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88480842a95ebbb3-FRA
priority: u=3,i

GET
H3 200 %E5%B0%81%E9%9D%A2.jpg
mandynotes.com/wp-content/uploads/2022/02/ 256 KB
257 KB 1443ms
1440ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/02/%E5%B0%81%E9%9D%A2.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 262326
last-modified: Tue, 29 Mar 2022 09:15:54 GMT
server: cloudflare
etag: "6242ce4a-400b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdWYmyPKL9cDwB7JTZUeqRUbG8I8dLX88NKkZyqyo4w%2FlR4AJglV%2B5R5f9Bfs1WhkPpvFdWLWrzsXFqyxYOLeUXDC3pev6UK9bRgOsvsvD%2FeNwtlKZgdGmK1OTbPPKzwCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88480842a960bbb3-FRA
priority: u=3,i

GET
H3 404 IMG_2405-scaled.jpg
mandynotes.com/wp-content/uploads/2021/12/ 14 KB
14 KB 1432ms
1428ms Image
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/IMG_2405-scaled.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b6c19389a0e38962d00cebbf89a7435cebe15bab97c5042c0503fa9c3e9c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEQlaO9e%2FCdNxsUBnloMa5gO6yxUHpR4X0dpeIL4LsidP8k9UCBxwf3%2BUFwHsz5dZij637b3OwqxevIiWp4RCYlHbIwnimPBF4Ax42vRVR40DZEBEsffWPSbCB4j1mdgyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 88480842a961bbb3-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=3,i
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 83C0059A-5613-44A9-890B-A0D8E8CCCB45.png
mandynotes.com/wp-content/uploads/2021/12/ 508 KB
509 KB 1589ms
1585ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/83C0059A-5613-44A9-890B-A0D8E8CCCB45.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ea3b70f36817a4b4e683731d6ea45b6059980db3a64d732c900e4a751441c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 520626
last-modified: Mon, 25 Dec 2023 21:17:35 GMT
server: cloudflare
etag: "6589f16f-7f1b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7i8oGiF%2FPIvqw%2B78kmbLevmWnRI46PtqYX2BGbdyZu79gwOW0j38hUUHlIhNzwsDA0ii00KP8kOAKjJ55lFnV0g7oovtP%2FeGPeqiVuZ0v9V%2FJDPvFKkDiblL%2BuLNQGFLGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88480842a964bbb3-FRA
priority: u=3,i

GET
H3 200 1A9FCD83-52A6-4076-9234-799118FC6059.png
mandynotes.com/wp-content/uploads/2021/12/ 1 MB
1 MB 369ms
365ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/1A9FCD83-52A6-4076-9234-799118FC6059.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c522f4416a22e9b3e4e5c725facc757ee73ecd65e907aad67043c05fda7c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 1365194
last-modified: Mon, 25 Dec 2023 21:17:35 GMT
server: cloudflare
etag: "6589f16f-14d4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PL50SZondw4aMnwXzwupwCgIDRPMgqxCwiU3KLYEphupEp7AKIzsIkcUIEVFPhqemjyYm%2FZfEA38RHkRJim%2FCC4f%2BAhYr9A%2F5vxMHnA4OaEJbU1%2BwQ2pSmUhbqKa3gX7Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88480842a965bbb3-FRA
priority: u=3,i

GET
H3 200 VIXX.jpg
mandynotes.com/wp-content/uploads/2021/06/ 127 KB
127 KB 1564ms
1561ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/06/VIXX.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 129711
last-modified: Wed, 25 Aug 2021 06:59:23 GMT
server: cloudflare
etag: "6125ea4b-1faaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aD0toOLpuiGait7sYfj%2FviTn2tLV3aQxT1lliZCa461snzEjNgQTEzzfeyok97xpq1qNPN9GHYJvXOP8OX6LCN9d0v3n%2BE5POpVxsEMD%2BstCeYzl8H9lOublLH5JpSdRhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88480842a966bbb3-FRA
priority: u=3,i

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 140ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KNSMQ888FP&gtm=45je45f0v9116217875za200&_p=1715827533156&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1100741685.1715827533&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715827533&sct=1&seg=0&dl=https%3A%2F%2Fmandynotes.com%2F&dt=%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3902
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 02:45:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
178 B 36ms
36ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=193817632&post=0&tz=8&srv=mandynotes.com&j=1%3A13.4.1&host=mandynotes.com&ref=&fcp=3692&rand=0.8195381750831154
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 16 May 2024 02:45:35 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:30:05 GMT
x-content-type-options: nosniff
age: 130530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:30:05 GMT

GET
H3 200 fa-regular-400.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 24 KB
24 KB 2370ms
2370ms Font
font/woff2 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-regular-400.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 24488
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: "6596c049-5fa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRkJ76ygwJexQPuTtrQj1FYrPIKCHk2zPD5zM%2Fooc%2B1q%2BM3%2FrfkfXHq%2B0D6qh1sSkTxgkJ%2FVt7kVpWLOt00n3Gnhz6l%2BMC6myPpuIAhXy8vVzcnkZ6JnOYP%2Bphhqxciztg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808530cc6bbb3-FRA
priority: u=0,i=?0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 12:00:17 GMT
x-content-type-options: nosniff
age: 53118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 12:00:17 GMT

GET
H3 200 fa-solid-900.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 147 KB
147 KB 2688ms
2688ms Font
font/woff2 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-solid-900.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: "6596c049-24a04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmvCcJ69BnjKo81Jpsc%2FH91r6vl3wgN%2BPOpXJ4m8lTnA9sa1U9lHclS7skWqFVELE5fzVxIV%2FqFSWo93s8rOboMF9LHFXm8QXDHSnTrVcnRQKvLYsUECRPN9MDvJrUilZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808530cc8bbb3-FRA
priority: u=0,i=?0

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 10:39:40 GMT
x-content-type-options: nosniff
age: 57955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 10:39:40 GMT

GET
H3 200 fa-brands-400.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 107 KB
108 KB 618ms
618ms Font
font/woff2 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-brands-400.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 109808
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: "6596c049-1acf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Qe%2F05Yh5xQpqHyUr%2BBOwHqCa%2FpXI299UcEqXrfNxSJ2G2%2B1a5yJOTb2397VopTTjd4y3WHd0G00Bx6f%2B2z1MnnKTcQ8msrnha26PslCvmC3S%2ByvZuONAOps2bKnfajivg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808530cc9bbb3-FRA
priority: u=0,i=?0

GET
H2 200 persistentID.html
man.vm5apis.com/dist/ Frame 7967 0
0 176ms
41ms Document
text/html 2600:9000:206f:7000:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/persistentID.html
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7000:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 72149
content-encoding: gzip
content-type: text/html
date: Wed, 15 May 2024 08:07:36 GMT
etag: W/"76ad014071673508950b9f0395151cf8"
last-modified: Tue, 07 Feb 2023 10:42:21 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
x-amz-cf-id: kW_r1r8gKkSqHFCcoYobbhzihJs_ahqVUtbEmJRE-AOtOcV5JxQVFA==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 118ms
116ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0847247b8ded2050567005fa6bb02f9274f09f3aa04ad0e41268f69db7ff5e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76580
x-xss-protection: 0
last-modified: Thu, 16 May 2024 00:08:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 02:45:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 118ms
117ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9278a7f97715f10a83841c073a5cb4ce51f87c9017c92a0d8ce22088f188bcb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76831
x-xss-protection: 0
last-modified: Thu, 16 May 2024 00:08:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 02:45:35 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1001ms
301ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 06:51:38 GMT
server: nginx
etag: W/"65e6c0fa-15e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 16 May 2024 02:55:36 GMT

GET
H2 200 cm.js Show response
t.daexauto.com/ 2 KB
1 KB 197ms
39ms Script
application/javascript 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/cm.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:46:30 GMT
content-encoding: gzip
age: 3546
x-guploader-uploadid: ABPtcPpLaCp9_iWjsJtrqZ6tIDtEyCIlcdKot7h27UtN-HEIPRFHihf7QO7O55-ZYra9NOD3HLQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 605
last-modified: Tue, 20 Sep 2022 03:01:56 GMT
server: UploadServer
etag: "5cc302c71332a6e8596d563d8e1d4412"
x-goog-generation: 1663642916783214
x-goog-hash: crc32c=fEiJzw==, md5=XMMCxxMypuhZbVY9jh1EEg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 605
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 16 May 2025 01:46:30 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ 35 B
470 B 1717ms
338ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4027&uid=ceced954-84ff-4e9a-bcd5-cb273539f24e
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Date: Thu, 16 May 2024 02:45:37 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

POST
H2 400 connect Show response
vahfront.vm5apis.com/lite/ 88 B
523 B 466ms
301ms XHR
application/json 34.111.137.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vahfront.vm5apis.com/lite/connect
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.137.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.137.111.34.bc.googleusercontent.com
Software: /
Resource Hash: c887d5125c1ffec7752cfa76d7f2db16d1a6a69f57e8f330dd0445a61580d18b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 May 2024 02:45:36 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin: https://mandynotes.com
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 88
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 921.ea5565c86a4be1f7d88d.js Show response
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 352ms
351ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/921.ea5565c86a4be1f7d88d.js

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.47

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 1969
last-modified: Sat, 11 May 2024 12:30:29 GMT
server: cloudflare
etag: "663f64e5-7b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEk2l1LQaaqxi8tKi3s3Y4M%2FcpjwGcMH9DnH%2BkQWfKVuVUTzfz7NqMuW6R9rERiCEw7sQsbkVHUzDn9qo3NW5HfkYR1Yp6Wwh4A3FFShFibOGvrZy1wz9768PPSWzlEj7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808531cccbbb3-FRA
priority: u=3,i=?0

GET
H3 200 290707657_574852714160241_4486527713873087896_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 12 KB
12 KB 1725ms
1725ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 11931
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-2e9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRN1VAdOyq5%2B4AJANs4z1Woymtu0mq525OHXv15mI80DeIk2tsoyM0mCGTFclCReWUErskgxRtLINJQGl4Q2Vn%2BY0aMuIeDR3TtrQ9gx8VXaWfEAkU%2FkqTy%2Bl062iZXmLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808539d11bbb3-FRA
priority: u=3,i

GET
H3 200 287217568_160686366461413_7366712871875368301_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 14 KB
14 KB 1317ms
1316ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 14218
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-378a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUqD9JNj%2BV7J8UAmjZ3PsqJySk7W3AH1qI3YuAatuJW923RPrrNmcs%2Bzf5zJOLRHVk14t6sYxM4pWynaTFPYkRSCVYvQ9Ico0RP0BRB0kZf5yrG0jHdoeu1JVmfIFTJmMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808539d12bbb3-FRA
priority: u=3,i

GET
H3 200 283765183_2561605660637417_6847878822727222019_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 17 KB
17 KB 1326ms
1325ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/283765183_2561605660637417_6847878822727222019_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 17241
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-4359"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5cOCV7Doab0HjCnmvT800fT2Tf%2BgiqTXEfj0ZmzdK6B%2BbIMrHhPnPWj9QWUuFwx%2Bjz7a%2FsxuLBT%2FbolENXrjSXXyKiOVrDh0%2BPNpEbjVBjzD9nWYvUUx6wSFcbgXc4RVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808539d13bbb3-FRA
priority: u=3,i

GET
H3 200 281884683_396541252361589_8956761148631846597_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 12 KB
13 KB 1321ms
1320ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/281884683_396541252361589_8956761148631846597_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 12288
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-3000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBmJSBuGXs6RZMg1%2BUReOMRFSp%2Br24Uljz31ImfwlqMVEI92QMd3wKEpe6vQdRkHju0JZPNvsCiZ13STktj54TN%2Fw0A9AXElrL2%2Bg5Tnwg99MsRbrWqtECL2PYxA3sjj7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808539d14bbb3-FRA
priority: u=3,i

GET
H3 200 280139623_283474380549111_8818302409236210254_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 26 KB
26 KB 1727ms
1727ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/280139623_283474380549111_8818302409236210254_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 26225
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-6671"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2BGwi7ctPpd%2F6OAY92Zk3d3z331fzPxEB4no7%2FTBv7n9kMyv4fPct22%2FeHr3OU3k%2BD9JlKiQ80yQAih6XE1nfY%2BcDxJx7j20XEExwzfI0bpK2RdNEdFgQmpVl39Z4ynM9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808539d15bbb3-FRA
priority: u=3,i

GET
H3 200 279844487_3159380181047996_2449311943832026812_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 13 KB
13 KB 1324ms
1324ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/279844487_3159380181047996_2449311943832026812_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 12826
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-321a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oT883VlQGL3SZEOKeIXf6Sg%2FsA%2FEJQQG4acLW1fvQ3KChGpTq33rZh9HgiY6cY%2BIDndunZeWEUSSgGf5SgwBHh%2Bv9lMPXIAXVIxdKPJpXlLfA%2BAM%2B0K0FH1DOJdEAGWdBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808539d16bbb3-FRA
priority: u=3,i

GET
H3 200 sticky.js Show response
mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/ 15 KB
4 KB 1298ms
1297ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js?ver=2.0.47

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.47

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96f071e438795b8d647e5b5beba0a42df5d9a1b72ab9820436ea26f45ce56af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 May 2024 14:33:43 GMT
server: cloudflare
etag: W/"663f81c7-3a8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hck3%2FVJYIdjRbBT30XZmXWDhPR%2FpNsBrzw7ZCxOmiIq6aZQQtqCunLR%2F6wWACwjPDaPdfULGimAqsGdaPsbQX4TuR3rpmXZlNx4t4b6Ch5EmPMDLGCuflPvD5mKYLdsJ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 884808539d17bbb3-FRA
priority: u=3,i=?0

GET
H2

200

activityi;dc_pre=CNeOp9aTkYYDFUskBgAdbL4EUQ;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=htt...
11009166.fls.doubleclick.net/ Frame 3B12
Redirect Chain

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=...
https://11009166.fls.doubleclick.net/activityi;dc_pre=CNeOp9aTkYYDFUskBgAdbL4EUQ;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b45...

0
0

52ms
51ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11009166.fls.doubleclick.net/activityi;dc_pre=CNeOp9aTkYYDFUskBgAdbL4EUQ;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 02:45:36 GMT
expires: Thu, 16 May 2024 02:45:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 02:45:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11009166.fls.doubleclick.net/activityi;dc_pre=CNeOp9aTkYYDFUskBgAdbL4EUQ;src=11009166;type=invmedia;cat=websd0;ord=7410573381598;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CMiCqNaTkYYDFVFuQQIdoUcG9g;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=htt...
10559160.fls.doubleclick.net/ Frame 1FEE
Redirect Chain

https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=...
https://10559160.fls.doubleclick.net/activityi;dc_pre=CMiCqNaTkYYDFVFuQQIdoUcG9g;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b45...

0
0

52ms
52ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10559160.fls.doubleclick.net/activityi;dc_pre=CMiCqNaTkYYDFVFuQQIdoUcG9g;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 02:45:36 GMT
expires: Thu, 16 May 2024 02:45:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 02:45:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10559160.fls.doubleclick.net/activityi;dc_pre=CMiCqNaTkYYDFVFuQQIdoUcG9g;src=10559160;type=invmedia;cat=websd0;ord=2635264392261;npa=1;auiddc=309972699.1715827536;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.html
t.daexauto.com/ Frame 9694 0
0 232ms
155ms Document
text/html 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/main.html?partner=vmfive&member=ceced954-84ff-4e9a-bcd5-cb273539f24e
Requested by: Host: t.daexauto.com
URL: https://t.daexauto.com/cm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-length: 13194
content-type: text/html
date: Thu, 16 May 2024 02:45:36 GMT
etag: "eaab32de7850de7dd79c63e84f311fa1"
expires: Fri, 16 May 2025 02:45:36 GMT
last-modified: Tue, 20 Sep 2022 03:03:06 GMT
server: UploadServer
x-goog-generation: 1663642986084651
x-goog-hash: crc32c=ixrhRQ== md5=6qsy3nhQ3n3XnGPoTzEfoQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13194
x-guploader-uploadid: ABPtcPqM2UlVPuSykW_Tq6CLB-rBw1_SNP8yA2x9D_TLhNZX_NitNsRmeABrm9h22xfeFuiB7ts

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
407 B 304ms
304ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0afe0d6883e87de1f74519ff3dcf528e7f389e1625d362f43d2fd6ef98c6eb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 addr.json Show response
iptoweather.vm5apis.com/ 23 B
114 B 829ms
272ms Fetch
application/json 35.229.142.89
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iptoweather.vm5apis.com/addr.json
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.229.142.89 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 89.142.229.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0666b8e52e5d2f0912a8003ee44f83029633f88ee08c5b055f5953ea7e452073

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 16 May 2024 02:45:37 GMT
server: nginx
content-length: 23
content-type: application/json

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
276 B 303ms
303ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=49758e3e-e40c-4b95-93ac-ee8a8ebab1fe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 287217568_160686366461413_7366712871875368301_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 33 KB
34 KB 1298ms
1297ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nfull.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 34078
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-851e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU5d9Q53iQbd20dFFjHCq0EPKM0CHzpa20sqw0HyVMCVYZs70zSA%2FdLM9tx9zbcDExgs5DbvDm7Nw0sDFlwFKhCUIz8IcteUxRdIoPux5MWATJhCVcvlD6FHn1%2F6c91U%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8848085b7a37bbb3-FRA
priority: u=3,i

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
192 B 304ms
304ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=8f86e5&cid=ceced954-84ff-4e9a-bcd5-cb273539f24e&mp=49758e3e-e40c-4b95-93ac-ee8a8ebab1fe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:37 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
49758e3e-e40c-4b95-93ac-ee8a8ebab1fe.t.ssp.hinet.net/ 0
80 B 877ms
301ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49758e3e-e40c-4b95-93ac-ee8a8ebab1fe.t.ssp.hinet.net/pixel?bd=49758e3e-e40c-4b95-93ac-ee8a8ebab1fe&t=8f86e5&referrer=https%3A%2F%2Fmandynotes.com%2F

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:38 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H3 200 290707657_574852714160241_4486527713873087896_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 39 KB
39 KB 2368ms
2367ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nfull.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 02:45:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 39788
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-9b6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVJAfDLY36Q%2FjUukXyTGbrprGzGjboDtvIBBai0smBbZ%2B4VWGi3DLqGC3tGAC4GcQOEnKdnbcv6FbSp7VOxBx5YtKPsZiXULjIz8VhH7tSZaaynUN77%2FcuL1XeuuUQLCTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8848085dfbc8bbb3-FRA
priority: u=3,i

GET
H/1.1 200
OK pixel
pt0.vm5apis.com/api/v2/ 35 B
0 893ms
312ms Fetch
image/gif 35.194.212.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel?event=id_sync&provider=-&webBrowserId=fae568e2-90bd-41b8-bcf1-29ad21482887&eventDetails=%7B%22browser_id%22%3A%22fae568e2-90bd-41b8-bcf1-29ad21482887%22%2C%22browser_id_shared%22%3A%22fae568e2-90bd-41b8-bcf1-29ad21482887%22%2C%22browser_id_timestamp_shared%22%3A1715827536835%2C%22browser_id_cookie_shared%22%3A%22fae568e2-90bd-41b8-bcf1-29ad21482887%22%2C%22browser_id_cookie_timestamp_shared%22%3A1715827536835%2C%22browser_id_local%22%3A%22fae568e2-90bd-41b8-bcf1-29ad21482887%22%2C%22browser_id_timestamp_local%22%3A%221715827536835%22%2C%22browser_id_cookie_local%22%3A%22fae568e2-90bd-41b8-bcf1-29ad21482887%22%2C%22browser_id_cookie_timestamp_local%22%3A%221715827536835%22%2C%22referrer%22%3A%22%22%2C%22request_source%22%3A%22https%3A%2F%2Fmandynotes.com%2F%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36%22%2C%22platform%22%3A%22Win32%22%2C%22language%22%3A%22de-DE%22%2C%22ip%22%3A%2280.255.7.124%22%7D

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 16 May 2024 02:45:38 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://mandynotes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

POST
H3 204 rum Show response
mandynotes.com/cdn-cgi/ 0
141 B 51ms
49ms XHR
text/plain 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 16 May 2024 02:45:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://mandynotes.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8848086cdd72bbb3-FRA

GET
H3

200

w-logo-blue-white-bg.png
mandynotes.com/wp-includes/images/
Redirect Chain

https://mandynotes.com/favicon.ico
https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

4 KB
5 KB

356ms
355ms

Other
image/png

172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

Protocol

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 16 May 2024 02:45:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 4119
last-modified: Thu, 21 May 2020 09:10:12 GMT
server: cloudflare
etag: "5ec64574-1017"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1n5TLtcFZ%2F88E9ddk%2FdpdHUdY0EYIIUXB6V5Sq%2FYHC0u6NPwnQ%2FKBq5kdxBewYEPj3n2SybBaah7AMuAJktUKCn4UtcoyAw%2Bucol8s3DWg57f%2FLJxKkcVj2XFwy3CvvR7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884808700f3fbbb3-FRA
priority: u=1,i

Redirect headers

date: Thu, 16 May 2024 02:45:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evgr%2FK%2FI5hkMb8WvWHAiwiTGOt%2FkCANeOOFQaFV%2BXJ4oJzhyQ%2B74vzI4KNrpzCWVBXP%2BUTkKlyYpUQxD8bdG1lNFHW61w4DlTRV14ZIFGXuXFQL%2FFK%2BHaMtAJs7G2NSv9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png
cf-ray: 8848086cfd80bbb3-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=1,i
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: demo4.iseeu.tw
URL: https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
man.vm5apis.com/dist	1970-01-21 06:13:07	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1715827536835
man.vm5apis.com/dist	1970-01-21 06:13:07	Name: VM5AD_BROWSER_ID_COOKIE Value: fae568e2-90bd-41b8-bcf1-29ad21482887
.mandynotes.com/	1970-01-21 06:13:07	Name: _ga_KNSMQ888FP Value: GS1.1.1715827533.1.0.1715827533.0.0.0
.mandynotes.com/	1970-01-21 06:13:07	Name: _ga Value: GA1.1.1100741685.1715827533
mandynotes.com/	1970-01-20 21:20:19	Name: MSE_HTTP_REFERER Value: https%3A%2F%2Fmandynotes.com%2F
.mandynotes.com/	1970-01-20 22:46:43	Name: _gcl_au Value: 1.1.309972699.1715827536
.doubleclick.net/	1970-01-20 20:37:08	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:56:19	Name: receive-cookie-deprecation Value: 1
mandynotes.com/	1970-01-21 06:13:07	Name: VM5AD_BROWSER_ID_COOKIE Value: fae568e2-90bd-41b8-bcf1-29ad21482887
mandynotes.com/	1970-01-21 06:13:07	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1715827536835
.hinet.net/	1970-01-21 06:13:07	Name: uuid Value: 49758e3e-e40c-4b95-93ac-ee8a8ebab1fe
.mandynotes.com/	1970-01-21 05:22:43	Name: __htid Value: 49758e3e-e40c-4b95-93ac-ee8a8ebab1fe
.mandynotes.com/	1970-01-20 20:37:11	Name: _ht_em Value: 1
.mandynotes.com/	1970-01-20 20:38:33	Name: _ht_8f86e5 Value: 1
.lndata.com/	1970-01-21 05:23:12	Name: admckid Value: 2405161045371213475

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mandynotes.com/wp-content/uploads/2023/03/DaiDaiSpa-768x576.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mandynotes.com/wp-content/uploads/2021/12/IMG_2405-scaled.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vahfront.vm5apis.com/lite/connect Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10559160.fls.doubleclick.net
11009166.fls.doubleclick.net
49758e3e-e40c-4b95-93ac-ee8a8ebab1fe.t.ssp.hinet.net
cm.lndata.com
demo4.iseeu.tw
fonts.googleapis.com
fonts.gstatic.com
iptoweather.vm5apis.com
man.vm5apis.com
mandynotes.com
match-hubble-man.vm5apis.com
pixel.wp.com
pt0.vm5apis.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.wp.com
t.daexauto.com
t.ssp.hinet.net
vahfront.vm5apis.com
vawpro.vm5apis.com
www.googletagmanager.com
demo4.iseeu.tw
104.199.210.210
104.199.245.202
116.50.36.71
142.250.184.198
172.67.129.122
192.0.76.3
2001:4860:4802:34::36
203.75.214.136
2600:9000:206f:7000:15:a9a7:4a80:93a1
2600:9000:206f:c00:15:a9a7:4a80:93a1
2606:4700::6810:4f49
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82f::2008
34.102.239.73
34.111.137.131
35.194.212.25
35.229.142.89
0022da996fdaa7b79bccaf6990949826a6d62673b17958af739c6169fdb45134
032840274c039cffcd7475916a14612cafc3caf54346a53263555c8fa2527c96
046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2
0666b8e52e5d2f0912a8003ee44f83029633f88ee08c5b055f5953ea7e452073
0847247b8ded2050567005fa6bb02f9274f09f3aa04ad0e41268f69db7ff5e16
0a5d21e0cb2ecaf9ca8041116c38b0f0dd0d2fe2e21d23880accd41c3fa0b8c4
0afe0d6883e87de1f74519ff3dcf528e7f389e1625d362f43d2fd6ef98c6eb1d
0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1
12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d
1e66987e84ebc8ad696bb03c441676460c75747f6de9087f6a6f5b91aa40f552
1ed53b44e95cac27ed87dd1c42ac52946be4e19c058ca7ea5e452ede5f76f9cd
1f6e24c49aaaa105a1db1cba309d2efe30a6074b73a3e3d1c11e93d59c61576f
23e6c57561965841f2711b31c6b4c12b9e0d21cb4005b0a37835f8828e1dc63f
25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3
275eff8894dcaa23fab335ce6ace71a79d918e689c4d5013c605bb0643fc4435
291233f564b5ee2404883da8e9e404e2e671026348ac3772775fb12e9eeab257
29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754
2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194
2c4d30f147a080dcef50307dd71f923d7cfee8e6d39bf9475a5a435f26323a7a
2caa976bb925e8e1386b738ef7a8d427fcf1b1277e85f6c17b4b7e04f2736593
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
31bd46aa80e742b7d2217d9833eff576b36ecb655e36779e2cee719037bcb3af
34c051a70982d38a72b2f9da10d2b8abbd289e380de9b8426029912e6638e081
35b6c19389a0e38962d00cebbf89a7435cebe15bab97c5042c0503fa9c3e9c88
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee
4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57c673304b9fb19cfa2187506d47af727bb3e0d2ff53a57b76c08defdd49bab0
5841fa85272c6427ad5562eaf266f25a545b87de2d6a21c9ad3fa2b1751fcb86
64b4e92b63be67ecb73bc8ebb98b2b625f2988185e96f31e8f4088bc59c433c6
684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
73c522f4416a22e9b3e4e5c725facc757ee73ecd65e907aad67043c05fda7c40
73c55149045e2877d3b9b3d2ca9f95bd89c12d63cb0e5268aead3ee556e604aa
761094d3031de6fc0d32291fc06e2d5c7b63f8a82a017e7ade0811cc002092aa
78715aefd3a4f658af4daf91d9193894c3115bf4c76d25cb1e499600ea84b446
7d91a60215242cd03796d14a8305b1d236cfb597f7a507ca68e525abf8cc83ce
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ea07d95b1aa9838c74582199385ff06912479f98fe96952c1c3d56fafec0e4e
7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
9278a7f97715f10a83841c073a5cb4ce51f87c9017c92a0d8ce22088f188bcb3
95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d
9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73
96f071e438795b8d647e5b5beba0a42df5d9a1b72ab9820436ea26f45ce56af0
98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a5ea3b70f36817a4b4e683731d6ea45b6059980db3a64d732c900e4a751441c8
ad33bc128653bc0425653188dde91a4e5154fd67ba5de0398c89a99d8a4dc39e
ad6da90c7c676b9c3ea80dae9a2e589a653bd258f26506e37fd212df20643036
ae0af6d036d8a3d23fba830e01be2ab4417f46a1310a89ed51fd467990f6784b
ae558fa45df7e4f206ebb842624d393a69aa0d5aba7aa04000592c2c83732f7c
b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23
b5c9f123ebd16997f50d81cbc2a40c8e1553487704bc67f501853d87e4ee1a90
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9434642cf3899fea380a75d6a90c9f140b46331133497fba7d0338c74c44988
bb1260bad6a0367f33b2842651681b6ae1be4d39238f4aa225ddf4e84ea591b2
bb4a584febc734009548e91f8b2893134067670373bf5b3254922d48c58388f7
c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02
c887d5125c1ffec7752cfa76d7f2db16d1a6a69f57e8f330dd0445a61580d18b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d11699672028c7d917de56adadb077c11e3bb4e14580a242870c4ed31c2e50d3
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d3253052f515950819228de250155ebb75741ac7aa6e9d14792415b01279fb87
d474b00ed0fe9653738bd11c834b13efa13c59a76ad4be016e8b3f5a68173d6e
d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2
d8060fe3f342afa9bf5ee21944bf5b6001f411a56abf1437e375829733298b94
db1e74e10895a180f1757647f529dfeba8163ac4cb6a8fe33dbd900de95cdc5a
e114cba3ed55edf0a89420d34245dd057b50080a6be49b3bae86f7399b5eb96c
e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f
e37ba86536f9a12d450390901292af30f4393d4fe3e06b907d351ef876264301
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca
ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d
fb871acb2b4ed7a3457553c7fb35913f7518f21beafd9def816b7517039b7597
fb8c5bc6aa8c2caca210a91ecb39d7fa9d7800ff4004e5b16e3fd11425af7627

mandynotes.com Open in urlscan Pro 172.67.129.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

98 %HTTPS

39 %IPv6

13 Domains

21 Subdomains

19 IPs

3 Countries

5539 kBTransfer

7037 kBSize

15 Cookies

9 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mandynotes.com Open in urlscan Pro
172.67.129.122 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

98 %
HTTPS

39 %
IPv6

13
Domains

21
Subdomains

19
IPs

3
Countries

5539 kB
Transfer

7037 kB
Size

15
Cookies

98 HTTP transactions
0 data transactions