mandala.mn Open in urlscan Pro
128.199.196.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mandala.mn/update/bros.exe
Effective URL:
https://mandala.mn/update/bros.exe
Submission Tags: falconsandbox
Submission: On October 13 via api (October 13th 2020, 11:01:54 am UTC) from US

Summary HTTP 36 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 36 HTTP transactions. The main IP is 128.199.196.98, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is mandala.mn.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 21st 2020. Valid for: 3 months.

This is the only time mandala.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 29	128.199.196.98 128.199.196.98		14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:81b::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2003		15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003		15169 (GOOGLE) (GOOGLE)
36	4

29 128.199.196.98 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 346072.cloudwaysapps.com

mandala.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	mandala.mn 1 redirects mandala.mn	714 KB
7	gstatic.com fonts.gstatic.com	73 KB
1	googleapis.com fonts.googleapis.com	825 B
36	3

	Domain	Requested by
29	mandala.mn	1 redirects mandala.mn
7	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	mandala.mn
36	3

This site contains links to these domains. Also see Links.

Domain
url
irede.mn

Subject Issuer	Validity	Valid
mandala.mn Let's Encrypt Authority X3	`2020-08-21` - `2020-11-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mandala.mn/update/bros.exe
Frame ID: 335DB4B5599AC9BE404C591AA7E51AEC
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mandala.mn/update/bros.exe HTTP 301
https://mandala.mn/update/bros.exe Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
script /\/revslider\/[/\w-]+\/js/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
script /\/revslider\/[/\w-]+\/js/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
script /\/revslider\/[/\w-]+\/js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /\/revslider\/[/\w-]+\/js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

36
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

787 kB
Transfer

2002 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://url/

Search URL Search Domain Scan URL

URL: https://irede.mn/
Title: irede

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mandala.mn/update/bros.exe HTTP 301
https://mandala.mn/update/bros.exe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request bros.exe Show response
mandala.mn/update/
Redirect Chain

http://mandala.mn/update/bros.exe
https://mandala.mn/update/bros.exe

36 KB
10 KB

908ms
515ms

Document
text/html

128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 55de0efcb5f0f24a8a4a576caaab1cc15e664e92cdc3acdf62c177f439218785

Request headers

:method: GET
:authority: mandala.mn
:scheme: https
:path: /update/bros.exe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
server: nginx
date: Tue, 13 Oct 2020 11:01:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-transform, no-cache, no-store, must-revalidate
link: <https://mandala.mn/rest/>; rel="https://api.w.org/"
age: 0
x-cache: MISS
content-encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 13 Oct 2020 11:01:35 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://mandala.mn/update/bros.exe

GET
H2 200 formidableforms.css
mandala.mn/ext/formidable/css/ 78 KB
11 KB 399ms
397ms Stylesheet
text/css 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/formidable/css/formidableforms.css
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 4b5b6ccea44a796af8ad958145c84c7dbbf6e0d7e9d06dfff9187717397ac0ce

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Fri, 05 Jun 2020 11:42:43 GMT
server: nginx
age: 8424
etag: "13689-5a754c25db748-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10664
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 style.css
mandala.mn/ext/woocommerce/packages/woocommerce-blocks/build/ 30 KB
4 KB 208ms
206ms Stylesheet
text/css 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/woocommerce/packages/woocommerce-blocks/build/style.css
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: e64100e08c53608c5bb9b424b788a4376a09706ad0bbce0d8fb75622952a5960

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 12:45:27 GMT
server: nginx
age: 8424
etag: "76e8-59a0def86d242-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4290
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 rs6.css
mandala.mn/ext/revslider/public/assets/css/ 56 KB
12 KB 211ms
209ms Stylesheet
text/css 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/revslider/public/assets/css/rs6.css
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: c5d20b6efa1fc2e955ba990456327b0568e2b1b1ace175dcdb90c84b7a221390

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 07:37:34 GMT
server: nginx
age: 8424
etag: "e1a2-59a09a2742c0c-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12039
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 fl-icons.css
mandala.mn/skin_main/assets/css/ 328 B
414 B 203ms
202ms Stylesheet
text/css 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/skin_main/assets/css/fl-icons.css
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 06:53:53 GMT
server: nginx
age: 8424
etag: "148-59a090635157a-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 161
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 flatsome.css
mandala.mn/skin_main/assets/css/ 134 KB
27 KB 557ms
556ms Stylesheet
text/css 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/skin_main/assets/css/flatsome.css
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 1860dbd68d844185a47e9fdc6adf68bb18155482e961d280be13bf2b64931681

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 06:53:53 GMT
server: nginx
age: 8424
etag: "216d4-59a090634d6fa-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27740
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 flatsome-shop.css
mandala.mn/skin_main/assets/css/ 22 KB
5 KB 207ms
205ms Stylesheet
text/css 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/skin_main/assets/css/flatsome-shop.css
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: b331d8cfdf7d80600c17408ce244f8c32026cb8636d36fb112ec6bd392fa5b33

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 06:53:53 GMT
server: nginx
age: 8424
etag: "56de-59a090634b7b9-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5374
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
825 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Requested by

Host: mandala.mn
URL: https://mandala.mn/update/bros.exe

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5dd70e5fbbf061c09f4637e8494a9965ce64fdaa8c00c0f6e3165f6ab354aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Oct 2020 11:01:36 GMT
server: ESF
date: Tue, 13 Oct 2020 11:01:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Oct 2020 11:01:36 GMT

GET
H2 200 jquery.js Show response
mandala.mn/other/js/jquery/ 95 KB
33 KB 381ms
380ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/other/js/jquery/jquery.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:56:01 GMT
server: nginx
age: 8424
etag: "17a69-5995ab5dfc240-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33776
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
mandala.mn/other/js/jquery/ 10 KB
4 KB 402ms
401ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/other/js/jquery/jquery-migrate.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:56:01 GMT
server: nginx
age: 8424
etag: "2748-5995ab5dfc240-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4014
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 revolution.tools.min.js Show response
mandala.mn/ext/revslider/public/assets/js/ 147 KB
51 KB 557ms
556ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/revslider/public/assets/js/revolution.tools.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 0a79ae4b9e359eb359db5e9c4ee6abd91a0cd514eabdeac0c44b2f1c2bac1c40

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 07:37:34 GMT
server: nginx
age: 8424
etag: "24ca1-59a09a2745aed-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 51572
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 rs6.min.js Show response
mandala.mn/ext/revslider/public/assets/js/ 270 KB
69 KB 554ms
553ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/revslider/public/assets/js/rs6.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 31a95672d187364df635a94aa331ce84f8b2f8a18f7f1547aca21b1b34277b21

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 07:37:34 GMT
server: nginx
age: 8424
etag: "43767-59a09a2743bac-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 70174
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 Mandala-logo-2.png
mandala.mn/file/2020/02/ 18 KB
18 KB 216ms
214ms Image
image/png 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandala.mn/file/2020/02/Mandala-logo-2.png
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 0bf69bd60f9b274f7b6edee55fa5d1a291ae62633eecbca689e381f158eb9496

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
last-modified: Wed, 05 Feb 2020 09:56:57 GMT
server: nginx
age: 11321
etag: "4803-59dd12d4dfc6b"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18435
expires: Wed, 13 Oct 2021 07:52:56 GMT

GET
H2 200 jquery.blockUI.min.js Show response
mandala.mn/ext/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 197ms
197ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 12:45:27 GMT
server: nginx
age: 8425
etag: "255e-59a0def891466-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3533
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 add-to-cart.min.js Show response
mandala.mn/ext/woocommerce/assets/js/frontend/ 3 KB
1 KB 200ms
200ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/woocommerce/assets/js/frontend/add-to-cart.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 12:45:27 GMT
server: nginx
etag: "abe-59a0def8887c5-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1017
expires: Thu, 12 Nov 2020 11:01:37 GMT

GET
H2 200 js.cookie.min.js Show response
mandala.mn/ext/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 202ms
198ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/woocommerce/assets/js/js-cookie/js.cookie.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 12:45:27 GMT
server: nginx
age: 8425
etag: "736-59a0def88f525-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 981
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 woocommerce.min.js Show response
mandala.mn/ext/woocommerce/assets/js/frontend/ 1 KB
882 B 206ms
202ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/woocommerce/assets/js/frontend/woocommerce.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 12:45:27 GMT
server: nginx
age: 8425
etag: "5c0-59a0def8887c5-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 619
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 cart-fragments.min.js Show response
mandala.mn/ext/woocommerce/assets/js/frontend/ 3 KB
1 KB 217ms
213ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/woocommerce/assets/js/frontend/cart-fragments.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 12:45:27 GMT
server: nginx
etag: "b7c-59a0def8887c5-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1042
expires: Thu, 12 Nov 2020 11:01:37 GMT

GET
H2 200 flatsome-live-search.js Show response
mandala.mn/skin_main/inc/extensions/flatsome-live-search/ 16 KB
5 KB 209ms
206ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/skin_main/inc/extensions/flatsome-live-search/flatsome-live-search.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 06:53:53 GMT
server: nginx
age: 8425
etag: "3e04-59a090637d49f-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5106
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 hoverIntent.min.js Show response
mandala.mn/other/js/ 1 KB
719 B 206ms
203ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/other/js/hoverIntent.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:56:01 GMT
server: nginx
age: 8425
etag: "447-5995ab5dfc240-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 456
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 flatsome.js Show response
mandala.mn/skin_main/assets/js/ 167 KB
49 KB 210ms
207ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/skin_main/assets/js/flatsome.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 781fc24f9f38eb379326a33a232463e33d9ce0f4f4d22ca4906e04a819d6f4df

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 06:53:53 GMT
server: nginx
age: 8425
etag: "29a49-59a090635445a-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49618
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 woocommerce.js Show response
mandala.mn/skin_main/assets/js/ 14 KB
5 KB 209ms
207ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/skin_main/assets/js/woocommerce.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 8ad87d622ea0817487dea2435dea7426391a986bcf94901aa38df6562da28a36

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 06:53:53 GMT
server: nginx
age: 8425
etag: "394c-59a090635733b-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4782
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 embed.min.js Show response
mandala.mn/other/js/ 1 KB
1003 B 213ms
211ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/other/js/embed.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:56:01 GMT
server: nginx
age: 8425
etag: "577-5995ab5dfc240-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 740
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 zxcvbn-async.min.js Show response
mandala.mn/other/js/ 318 B
495 B 214ms
212ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/other/js/zxcvbn-async.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 00289747a2226be149b8094330ccb739ae7ec8edd090127ca809df7ca75bc653

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:56:01 GMT
server: nginx
age: 8425
etag: "13e-5995ab5dfc240-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 232
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 password-strength-meter.min.js Show response
mandala.mn/wp-admin/js/ 731 B
645 B 213ms
211ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/wp-admin/js/password-strength-meter.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: f7dc66a8ff71c7f96c5fb62f4153f69f5348c64df9cfd083684d7cb317c4f986

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:56:02 GMT
server: nginx
etag: W/"5defb202-2db"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 12 Nov 2020 11:01:37 GMT

GET
H2 200 password-strength-meter.min.js Show response
mandala.mn/ext/woocommerce/assets/js/frontend/ 2 KB
1 KB 215ms
213ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/ext/woocommerce/assets/js/frontend/password-strength-meter.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/update/bros.exe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 980033b7b56674d053655bdcfca7b5db49f6305b5fd5654ed9fd18eb324ad81e

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 12:45:27 GMT
server: nginx
age: 8425
etag: "7f2-59a0def8887c5-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 769
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mandala.mn
Referer: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 93372
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:25 GMT

GET
H2 200 fl-icons.woff2
mandala.mn/skin_main/assets/css/icons/ 6 KB
6 KB 209ms
208ms Font
application/octet-stream 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/skin_main/assets/css/icons/fl-icons.woff2
Requested by: Host: mandala.mn
URL: https://mandala.mn/skin_main/assets/css/fl-icons.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da

Request headers

Origin: https://mandala.mn
Referer: https://mandala.mn/skin_main/assets/css/fl-icons.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
last-modified: Thu, 19 Dec 2019 06:53:53 GMT
server: nginx
age: 8425
etag: "17f0-59a090635157a"
x-cache: HIT
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6128
expires: Thu, 12 Nov 2020 08:41:12 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mandala.mn
Referer: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 93372
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:25 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mandala.mn
Referer: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:29:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:59 GMT
server: sffe
age: 91941
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:29:16 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gfD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gfD_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfbd1ad70b74114845499f31bf8741d5f6591121218594683aa9e743a8c308f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mandala.mn
Referer: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:04:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:18 GMT
server: sffe
age: 352603
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11564
x-xss-protection: 0
expires: Sat, 09 Oct 2021 09:04:54 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3g3D_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3g3D_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2807363e414bd864292a9555556ce345e6046bb2c9eb090586c96848dc200a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mandala.mn
Referer: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 05:37:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:52 GMT
server: sffe
age: 365060
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7984
x-xss-protection: 0
expires: Sat, 09 Oct 2021 05:37:17 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gTD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gTD_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70dfca4a399134b35240c827468d5c5f701865e04104f7cf209e3f9572ab1f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mandala.mn
Referer: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:54:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:59 GMT
server: sffe
age: 576436
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9252
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:54:21 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WRhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WRhyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43c64881a0b9eb5f2069c474af58c46a6bacb1058aad311de7117f36c07b4c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mandala.mn
Referer: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C600italic%2Cregular%2C600%2Cregular&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 15:10:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:09 GMT
server: sffe
age: 330668
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9280
x-xss-protection: 0
expires: Sat, 09 Oct 2021 15:10:29 GMT

POST
H2 200 / Show response
mandala.mn/ 590 B
601 B 387ms
387ms XHR
application/json 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mandala.mn/?wc-ajax=get_refreshed_fragments

Requested by

Host: mandala.mn
URL: https://mandala.mn/other/js/jquery/jquery.js

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

346072.cloudwaysapps.com

Software

nginx /

Resource Hash

d0f0d8a7dd574aa4a56bbd553faf7ebff90d38249275195e5abe5e9b02cfdf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://mandala.mn/update/bros.exe
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://mandala.mn
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 zxcvbn.min.js Show response
mandala.mn/other/js/ 803 KB
391 KB 198ms
197ms Script
application/javascript 128.199.196.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mandala.mn/other/js/zxcvbn.min.js
Requested by: Host: mandala.mn
URL: https://mandala.mn/other/js/zxcvbn-async.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.199.196.98 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 346072.cloudwaysapps.com
Software: nginx /
Resource Hash: 15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728

Request headers

Referer: https://mandala.mn/update/bros.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 11:01:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 14:56:01 GMT
server: nginx
age: 8424
etag: "c8bba-5995ab5dfc240-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 399635
expires: Thu, 12 Nov 2020 08:41:13 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| _nsl undefined| $ function| jQuery undefined| RS_CacheGS undefined| RS_CacheGS_queue undefined| RS_Cache_define object| punchgs object| _gsScope undefined| GreenSockGlobals undefined| _gsQueue undefined| _gsDefine function| setREVStartSize string| c object| wc_add_to_cart_params function| Cookies object| woocommerce_params object| wc_cart_fragments_params object| flatsomeVars function| StickySidebar function| Waypoint object| __core-js_shared__ object| Flatsome string| waypointContextKey object| jQuery112407735168059838706 function| objectFitImages function| cookie object| wp object| _zxcvbnSettings object| pwsL10n function| passwordStrength object| wc_password_strength_meter_params function| zxcvbn

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mandala.mn/other/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mandala.mn
128.199.196.98
2a00:1450:4001:80b::2003
2a00:1450:4001:816::2003
2a00:1450:4001:81b::200a
00289747a2226be149b8094330ccb739ae7ec8edd090127ca809df7ca75bc653
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0a79ae4b9e359eb359db5e9c4ee6abd91a0cd514eabdeac0c44b2f1c2bac1c40
0bf69bd60f9b274f7b6edee55fa5d1a291ae62633eecbca689e381f158eb9496
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
1860dbd68d844185a47e9fdc6adf68bb18155482e961d280be13bf2b64931681
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
31a95672d187364df635a94aa331ce84f8b2f8a18f7f1547aca21b1b34277b21
43c64881a0b9eb5f2069c474af58c46a6bacb1058aad311de7117f36c07b4c0d
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6ccea44a796af8ad958145c84c7dbbf6e0d7e9d06dfff9187717397ac0ce
4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da
55de0efcb5f0f24a8a4a576caaab1cc15e664e92cdc3acdf62c177f439218785
70dfca4a399134b35240c827468d5c5f701865e04104f7cf209e3f9572ab1f85
781fc24f9f38eb379326a33a232463e33d9ce0f4f4d22ca4906e04a819d6f4df
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98
8ad87d622ea0817487dea2435dea7426391a986bcf94901aa38df6562da28a36
980033b7b56674d053655bdcfca7b5db49f6305b5fd5654ed9fd18eb324ad81e
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
b331d8cfdf7d80600c17408ce244f8c32026cb8636d36fb112ec6bd392fa5b33
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
bfbd1ad70b74114845499f31bf8741d5f6591121218594683aa9e743a8c308f8
c5d20b6efa1fc2e955ba990456327b0568e2b1b1ace175dcdb90c84b7a221390
d0f0d8a7dd574aa4a56bbd553faf7ebff90d38249275195e5abe5e9b02cfdf20
e64100e08c53608c5bb9b424b788a4376a09706ad0bbce0d8fb75622952a5960
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
f2807363e414bd864292a9555556ce345e6046bb2c9eb090586c96848dc200a5
f5dd70e5fbbf061c09f4637e8494a9965ce64fdaa8c00c0f6e3165f6ab354aa9
f7dc66a8ff71c7f96c5fb62f4153f69f5348c64df9cfd083684d7cb317c4f986