URL: https://www.mandalastaffsupport.org/
Submission: On September 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 59 HTTP transactions. The main IP is 172.67.176.110, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandalastaffsupport.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time www.mandalastaffsupport.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 172.67.176.110 13335 (CLOUDFLAR...)
2 142.250.184.234 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
4 142.250.185.228 15169 (GOOGLE)
7 104.75.88.126 16625 (AKAMAI-AS)
4 142.250.184.227 15169 (GOOGLE)
6 142.250.185.99 15169 (GOOGLE)
2 172.217.16.142 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
59 10
Domain Requested by
31 www.mandalastaffsupport.org www.mandalastaffsupport.org
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.mandalastaffsupport.org
www.gstatic.com
www.google.com
3 api-public.addthis.com s7.addthis.com
3 s7.addthis.com www.mandalastaffsupport.org
s7.addthis.com
2 www.google-analytics.com www.mandalastaffsupport.org
www.google-analytics.com
2 fonts.googleapis.com www.mandalastaffsupport.org
1 m.addthis.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 maxcdn.bootstrapcdn.com www.mandalastaffsupport.org
59 11

This site contains links to these domains. Also see Links.

Domain
www.elegantthemes.com
www.wordpress.org
www.addthis.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-05 -
2022-07-04
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-30 -
2021-11-22
3 months crt.sh
www.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
*.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.mandalastaffsupport.org/
Frame ID: E639E89DD08E9E86C95FC85AE25DC3B2
Requests: 50 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D12097AA4760A84826C5A47CD789521C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 599DF5568BD4917E14C8FFF06AA8283E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Frame ID: 411AB1839F1FBF9A312F643CF95423CB
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Mandala Staff SupportFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

2192 kB
Transfer

5025 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mandalastaffsupport.org/
47 KB
12 KB
Document
General
Full URL
https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd63cfe0e5e71ec261b4f4ea5ebeffd3b3418a1ebbd6fe4618e6ada7feae5f36

Request headers

:method
GET
:authority
www.mandalastaffsupport.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 19 Sep 2021 05:11:51 GMT
content-type
text/html; charset=UTF-8
x-pingback
https://www.mandalastaffsupport.org/xmlrpc.php
link
<https://www.mandalastaffsupport.org/wp-json/>; rel="https://api.w.org/", <https://www.mandalastaffsupport.org/wp-json/wp/v2/pages/46>; rel="alternate"; type="application/json", <https://www.mandalastaffsupport.org/>; rel=shortlink
x-tec-api-version
v1
x-tec-api-root
https://www.mandalastaffsupport.org/wp-json/tribe/events/v1/
x-tec-api-origin
https://www.mandalastaffsupport.org
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTv5hvpFqaq5LlfFTardcIosnU2MQdeJc6Q%2FVV%2FUc4ptsm2u3k%2Bn7N3k9d2ekjuC5JfKNJ8u3xmYgOU%2BpuEi%2BSELSoPb44k%2BcH8EPSfUD%2FuJHEHQLvGLJ81QGDF3O27EMO6AGfj4Op5BDDeiT0w%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
691050cecf1e65bc-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
www.mandalastaffsupport.org/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:53:35 GMT
server
cloudflare
etag
W/"1344c58-e33b-5c323a94c2a30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctRiA97zAvGE23NPnH9rvNQpYIlSkHu3zW0nn0sFKqp%2FhS65p5tsw%2F3L15cU02uqNyBsYJ5LnlY3G3BLPLH6WEQ5rYYgpicVJ2p9%2FlgtxnnHIXkgYkiiT0WAxqSsM6L9PQIGdKIueBEU7xtXmLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8065bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
recent-episodes.css
www.mandalastaffsupport.org/wp-content/plugins/seriously-simple-podcasting/assets/css/
1 KB
694 B
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-content/plugins/seriously-simple-podcasting/assets/css/recent-episodes.css?ver=2.9.1
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44acc8179f7cc12787ca692b04b8ac38c7c3d180e97b9f2989f11b249cd37e30

Request headers

:path
/wp-content/plugins/seriously-simple-podcasting/assets/css/recent-episodes.css?ver=2.9.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Sep 2021 18:57:21 GMT
server
cloudflare
etag
W/"12c044d-543-5cbf926c63748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cS53ALIygQLwmwi4M85zk1h0AYQgEQNp45LvnVMfTpqiXdvDMb4psNjFWf5vSEwBWKQin%2B8EQT2YTZNx3m2SEcTizEO6NVf%2BeqtNXcri6HYjAktrNaphr%2F6XE48rFYHamcwcLffImvj1fXK8A8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8165bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
bea42db5db863288ac32fe5495c3afedb3dadddd8e84e659af52cd3ee97d248a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 03:19:44 GMT
server
ESF
date
Sun, 19 Sep 2021 05:11:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Sep 2021 05:11:51 GMT
style.css
www.mandalastaffsupport.org/wp-content/themes/Divi/
775 KB
80 KB
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-content/themes/Divi/style.css?ver=4.5.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6049610dda46d6231730d5207e0740c18b8c368367ca17e48567dad7877e8e

Request headers

:path
/wp-content/themes/Divi/style.css?ver=4.5.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:58:25 GMT
server
cloudflare
etag
W/"12c1d02-c1beb-5c323ba9cb4a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obuDqh3T2ONoD23AzQqCXT8lPnZHq9dBOWo5f8l%2BpOWxKPooRLHcy481mpXpDlEBGYYE%2B7BejcpZf7noo2aXw1Xztt4%2B2rdKFeiTGcxOQ5ri%2F%2BQa%2BhJS1V46SkdWTbokUEtEOcV6astm7DCkr%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8265bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cff-style.css
www.mandalastaffsupport.org/wp-content/plugins/custom-facebook-feed/assets/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.css?ver=4.0
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d00b4b9b7830289e7d240abdcbdb3b11c607bba3bcf88b55bd6448411c7506b

Request headers

:path
/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.css?ver=4.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Aug 2021 06:59:55 GMT
server
cloudflare
etag
W/"12c023a-58f3-5c9a7bf9f9f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B%2B%2FZY6%2FVh4dxNYeV5NkawQWCUiW6ElGZ97sQYe2ehkd6qXMCR6cBk8Eh1AWc2zNOe%2BZcv1jsqB4VHlY52hLJ%2F2UyGKuUUk7taaZHP1HsJPkHDwuOVHvyMRV6NNSY9P8JmVwjdsVqjN1Cs40ZU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8365bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
856054
cdn-cachedat
2021-07-24 08:09:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
34ac4989a171df63c3baf2870dcc032b
cf-ray
691050d50d85c4db-DUS
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=cyrillic%2Cgreek%2Cvietnamese%2Clatin%2Cgreek-ext%2Clatin-ext%2Ccyrillic-ext&display=swap&ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
bea42db5db863288ac32fe5495c3afedb3dadddd8e84e659af52cd3ee97d248a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 05:11:51 GMT
server
ESF
date
Sun, 19 Sep 2021 05:11:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Sep 2021 05:11:51 GMT
style.css
www.mandalastaffsupport.org/wp-content/plugins/easy-table/themes/default/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-content/plugins/easy-table/themes/default/style.css?ver=1.8
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28beb0cd39bf68e3fe5772eb87aed8038fe0faa288225b4099ca3668740006d5

Request headers

:path
/wp-content/plugins/easy-table/themes/default/style.css?ver=1.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Nov 2018 00:42:29 GMT
server
cloudflare
etag
W/"12c2285-c32-57b4a421443f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KH2J0pkX6mTja%2F1NFWucvsb5OdLDnDugGjEEhgK1Vu%2BJjxi9UoAxqo0FwzIbo7asKoFlbh8gGdKevHDhRvlJ0kN%2FlrRhewbZKewO6ITqsEisAAIHf%2FYyKA0a2lRbDVOXH5%2B2LF7n%2Fwdhf01LUwE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8465bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
addthis_wordpress_public.min.css
www.mandalastaffsupport.org/wp-content/plugins/addthis/frontend/build/
587 B
610 B
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

:path
/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:54:51 GMT
server
cloudflare
etag
W/"12c05cb-24b-5c323addbe798"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFFHRkX9AV6quP14l6P7TLqMdlLlrl8I1%2B6PcEvwzdvCgFw9JD5%2BP2I%2BOM5dqIAGbLrmn1deWNSiS9kAF18%2F4S1iXryAv2lmMzTPOcwbu9%2FVg7FtasPMgrB9sAdGSMJuhvoXF%2B3YfpdVR8UUmBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8565bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dashicons.min.css
www.mandalastaffsupport.org/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-includes/css/dashicons.min.css?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:53:35 GMT
server
cloudflare
etag
W/"13453f9-e688-5c323a94be3e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8LpYZxk7vWlJsVfFAzq5NMuiCa1nFmCDwgSOalbuKeQsIYMpTWT5g2HxvCHgYtT4%2FkFvkzNyJOr0Lnb5JO84baX3jvUeZ9tp8Rx4T3QgPG7PhNHxBjliCd6d0VpMClYr1ZgpQKz7UI0eVkpAK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8665bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
www.mandalastaffsupport.org/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:53:34 GMT
server
cloudflare
etag
W/"134310c-15d98-5c323a948fdb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1nNwpdZkyAzrZys0u0j9GzfR5Uc0ExmYjR1evzMPMByxROY7qu9acvVAYDKwPle6XZryGb6VXZGkKu%2FwPlbEzH1sRhySwqh29uk7kEg%2BOVZKQh9Jhber2fKx5kobnU0Lv0RdcCWr9jDwPCSKKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8765bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
www.mandalastaffsupport.org/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:53:34 GMT
server
cloudflare
etag
W/"13454e7-2bd8-5c323a948f9c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Oqmir%2FTQyvCztycZ53AjpwV7v%2Fap4tvS1%2BexkaR7u%2B3QS41KboLdf0xqURfffnLqB5qjPpM3H7s0HSzLqaNnUro7d9y5KW4vBRqENl3fCqkoL2zFX7ogsL%2BQ9KDv3Ry14T8fSHz3hXlmBafDlE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8965bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
api.js
www.google.com/recaptcha/
884 B
1018 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
73ddab2828934ca7ad67c54e087fe444d435ec776ac823d1b487ae9a845c433d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Sun, 19 Sep 2021 05:11:51 GMT
es6-promise.auto.min.js
www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/js/
7 KB
3 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b3a7e4265228a39bea0d22ac1aedb86219a7b521a831827f7f4579ca5ae4156

Request headers

:path
/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:58:25 GMT
server
cloudflare
etag
W/"12c1c93-1aa1-5c323ba9c2420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GJCHMjbSbHb69P67n9d9kFc6gnQghMPRQsWGnw59roPnr5O9KkBT4ZjKzFzf%2BDfixKbhvbrCA0hDf%2BdZv7zXAsraILeI1ytmRDqbWX4CbgYaw5lYlcGsnADqpXAkMg0dX3w%2BCHy0mPgSarIDr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d4eb8a65bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
recaptcha.js
www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/js/
2 KB
1 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f

Request headers

:path
/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:58:25 GMT
server
cloudflare
etag
W/"12c1c94-6a0-5c323ba9c2420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryR1SvcGI9iTCBSTuB%2B9sjA78Ny55%2F47H%2FQKnxz0cZBV0iSyUq9GOWmiHchOkwajGjiFUKLuFU19tUmbcgr11TlwcIB6Bsg0Rs1vzaMETzcmAmSzghDsx4QGAGpYVrOvnVWDLVF0KSknnKDaC74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d50b9e65bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-emoji-release.min.js
www.mandalastaffsupport.org/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:53:34 GMT
server
cloudflare
etag
W/"13454c8-3795-5c323a946ee58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSb3J1hxDt4T7YBedXFIb2ngiWgTj8O%2BqsmM4e5vs95MsGUcoMathR5e25JPiUE2K2DLhA6bXAoV4IGlRTrbkBS16FV7%2Fi1pUErYoOCVeeugQhvsMhBUC6gSzkH4FkFp1a5nQPWIYsCxPpII%2FJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050da2b04543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Sun, 19 Sep 2021 05:11:52 GMT
x-host
s7.addthis.com
content-length
116325
et-divi-customizer-global-16305581034036.min.css
www.mandalastaffsupport.org/wp-content/et-cache/global/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-content/et-cache/global/et-divi-customizer-global-16305581034036.min.css
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94140fa1b2b924b5b0dbe179468228685fc23eb6362b10a2603397695ae518c2

Request headers

:path
/wp-content/et-cache/global/et-divi-customizer-global-16305581034036.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Sep 2021 04:48:24 GMT
server
cloudflare
etag
W/"12c000c-29cc-5cafbe4954880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFIByJgb3tvRfT1CSkq6chnvPq0QGiJm35F8N6ZXAfbR5LJ8NYA%2FN54yvGypi%2BJugckfbZLnUng0NqwWoyKzWnt0iqjzCtqGu1pttWum7BWGVHHlDPDSXGIGASgy%2B4Az%2B3TXLgqfxQpzrB26DJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d578aa543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Logo_no-square-outline_not-bold_65.png
www.mandalastaffsupport.org/wp-content/uploads/2017/05/
11 KB
11 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2017/05/Logo_no-square-outline_not-bold_65.png
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c6257536c33a89685c658061e36c9c9b58eadb2cfb4cb0706f636f2bfdf516

Request headers

:path
/wp-content/uploads/2017/05/Logo_no-square-outline_not-bold_65.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
cf-cache-status
MISS
last-modified
Thu, 18 May 2017 11:29:43 GMT
server
cloudflare
etag
"1345350-2ace-54fcab89f77c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGiE0%2F6nfl32KUuVZcDqpweGth%2B%2FFDDmYft%2F2SMoVrPH2fcGhLNkfkZdANHcGvtLBH3F6X2%2BVWXr30ocpkwjUjoXxlmR%2BsZyJ%2FHEbyOMluMAPpGFpSnobtVSm8hjivEQAYx2%2FEUfFapxxgyvlT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050da2b05543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10958
beach-394503_640.jpg
www.mandalastaffsupport.org/wp-content/uploads/2015/10/
49 KB
50 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2015/10/beach-394503_640.jpg
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1828679dd90ba20573c57425d5fd327c233c9c465fbe49024aaaca61c17f41

Request headers

:path
/wp-content/uploads/2015/10/beach-394503_640.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
cf-cache-status
MISS
last-modified
Sun, 14 May 2017 05:32:25 GMT
server
cloudflare
etag
"13451a3-c3cf-54f7543740c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38M9%2F1RjpChkL8S9CO8CAWwhXM0zb35vVgKxfwHVRHRo%2F7%2FpqbqqnDOzsLMLNd2bkf7JqfmR1Zyi6Ge7F7tZEaZUzjnk1xz3G9Nr9KQOnXgfIm1GURfOR3MbDq5fYItkKbRvI5ued8XkrXVB5r4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050da2b06543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50127
startup-594090_640.jpg
www.mandalastaffsupport.org/wp-content/uploads/2015/11/
64 KB
65 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2015/11/startup-594090_640.jpg
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2728b89406fa84aa991ca9b49ad7e6c4c3370e4e82852b373ff6de144755a52c

Request headers

:path
/wp-content/uploads/2015/11/startup-594090_640.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4598
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65797
last-modified
Thu, 18 May 2017 05:41:54 GMT
server
cloudflare
etag
"13452de-10105-54fc5dcbbcc80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgNj4DJXLM3x28SMuFGhJzDivAI2dPF8NQvQBQvc%2B5OWJrzebcZp%2FOKOqza%2Br5kF4SOAvEJ2lZnyZXTc7Foh5wqXn2q6JgA3ouKuAv%2FSTLa9dB5AEY5blKHrm6BovRPIWGc2tZTdtRmTOXD4AWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
691050da2b07543a-LHR
technology-1095751_524.jpg
www.mandalastaffsupport.org/wp-content/uploads/2015/10/
44 KB
45 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2015/10/technology-1095751_524.jpg
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670bc18d702b6810b3eb3415cd910de14dd13eca75c18e96a9e088d680c95838

Request headers

:path
/wp-content/uploads/2015/10/technology-1095751_524.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
cf-cache-status
MISS
last-modified
Sun, 14 May 2017 06:58:22 GMT
server
cloudflare
etag
"13451c3-b09f-54f7676d59f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFO50CMmsZZ%2BoslIoDIE%2Fwx1jV%2FN2LsLV1zTcf0%2Fg0r8jMQuDbGdOus4KLXZ2E%2F%2FCeRHJjCxOY3aYbdk4q%2BRPF8oE5vTV0VUKSPBexQrXz00RjtpsSyaYZ4WjVcNgw%2Ffcbo%2FZ633fgg76TM5wnM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050da2b08543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45215
comment-reply.min.js
www.mandalastaffsupport.org/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-includes/js/comment-reply.min.js?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:53:34 GMT
server
cloudflare
etag
W/"1345485-ba8-5c323a9481350"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaDJ2V0RUuBYlanZmwC9Ydi3X2HE2tdT0ucqjBm84hypFro4EuyaOoStaOMzcpYBWC5fqJAPatQkm%2B0MDj%2B5RnKMKALimVjo7g3OSX7B0IOw8zxkcB4j%2BHPlTW%2B5xB87eP1uwHnW58pnP4XqpAU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d89a49543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
custom.unified.js
www.mandalastaffsupport.org/wp-content/themes/Divi/js/
395 KB
110 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-content/themes/Divi/js/custom.unified.js?ver=4.5.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
affb14c326a97c6b408e73eb8566d9a3ec706bd987a0a91ce19aa2e6cedf1f29

Request headers

:path
/wp-content/themes/Divi/js/custom.unified.js?ver=4.5.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:58:25 GMT
server
cloudflare
etag
W/"12c1d0b-62c48-5c323ba9cc448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCf77VrmTAl1A8cF2OJ1cH0pLFVHi27rys2IrqYQ6ZyVZLCG3xM%2BIIt%2F1mEhgve6WS7YMYz1eufI0kkpHhWPDiZN1eic9Hqk3asS2kjeYmvSKeqkalwNFaSCd4baKm%2FQvlgIWmntyC%2B3LtbW8PM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d9faeb543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cff-scripts.js
www.mandalastaffsupport.org/wp-content/plugins/custom-facebook-feed/assets/js/
53 KB
16 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.js?ver=4.0
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc228832932cd731235f3f4324b367a2cbbca769fb565dc638e4128002e16d8

Request headers

:path
/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.js?ver=4.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Aug 2021 06:59:55 GMT
server
cloudflare
etag
W/"12c022e-d497-5c9a7bf9f7488"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDzFZ03mudR7a%2BHoT3jRSIR2TkrbzTysowHbwWuMPjvPFC4%2BWCA0na4n%2BkY%2BtQoNk761s9NtT6n4K5HdgAsfK3pwYpR%2FqibXPZVfWWXI5QStVAANEqJ4G60a5GfOpmAPMMYCvAiwk1dzcaAobXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050da2b00543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
common.js
www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/js/
1 KB
1 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.5.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

:path
/wp-content/themes/Divi/core/admin/js/common.js?ver=4.5.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:58:25 GMT
server
cloudflare
etag
W/"12c1c95-550-5c323ba9c2420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHIcqyfPD%2Bz%2Bwj3mPieNlxTm8i1KinLb00iuvR6EKhN6VDAY2GwDpM6hL4nc8djDBpXA2B522oaAkuq0Dxy60RZW4V8OfS4Mz5QeLbtdcvSCl%2FOLby0hQPIzgl%2F6jUr7ZNrkJbDmmZb%2FGeeYSTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050da2b02543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
www.mandalastaffsupport.org/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.mandalastaffsupport.org/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:53:34 GMT
server
cloudflare
etag
W/"13454c5-592-5c323a94803b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nL3kHx%2BqrpgR0fg3ALBjPpefS4gr1iKcc0rduceubeMjrwO39PmgCfq9Grf3zT6YX%2BrKrcl80BkG8XBUXS5NtrroF9AwT6PaV6XpwE9%2B0VVw3J5eQ5AERs%2FjMcVE7Aaf%2B5DgsWeKjMf7hQS0qfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050da2b03543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
easy-table.css
www.mandalastaffsupport.org/wp-content/plugins/easy-table/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.mandalastaffsupport.org/wp-content/plugins/easy-table/css/easy-table.css
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/wp-content/plugins/easy-table/themes/default/style.css?ver=1.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d36cb1f367b1cba12226e24dc567fd9344bd4ead11593206474123317a5afba

Request headers

:path
/wp-content/plugins/easy-table/css/easy-table.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/wp-content/plugins/easy-table/themes/default/style.css?ver=1.8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/wp-content/plugins/easy-table/themes/default/style.css?ver=1.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Nov 2018 00:42:29 GMT
server
cloudflare
etag
W/"12c2292-988-57b4a42146330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuGTSQIlnMtQcYCJsYKbbaAYbXu%2BMkI7Dao7cxxMfqta5B5tUgCQzRo%2BvxZchIuKaolRUUfKojIV2ZzyiB4u2AAdAVLvy51BFPSisHh2K5C%2BiFtQnPQjS2AKVkXTsl3XrQgN5PeVxaXV2x4o4ZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050d69946543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/
342 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&ver=5.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandalastaffsupport.org/
Origin
https://www.mandalastaffsupport.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Mon, 19 Sep 2022 04:26:03 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mandalastaffsupport.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:26:58 GMT
x-content-type-options
nosniff
age
521094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:26:58 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mandalastaffsupport.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:10:42 GMT
x-content-type-options
nosniff
age
435670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:10:42 GMT
modules.ttf
www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/fonts/
90 KB
38 KB
Font
General
Full URL
https://www.mandalastaffsupport.org/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/wp-content/themes/Divi/style.css?ver=4.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

:path
/wp-content/themes/Divi/core/admin/fonts/modules.ttf
pragma
no-cache
origin
https://www.mandalastaffsupport.org
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/wp-content/themes/Divi/style.css?ver=4.5.3
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mandalastaffsupport.org/wp-content/themes/Divi/style.css?ver=4.5.3
Origin
https://www.mandalastaffsupport.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:58:25 GMT
server
cloudflare
etag
W/"12c1ca5-168f0-5c323ba9c33c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDZ4VDNmRyVAOjroiR%2BRDkb2%2BnPYha0FAj6rejIIUczAsTY0cNtbVnT77hy2leHTWbXdBcPw105%2BpjQiSLoCTe47CMetK8lFp8r9X%2BrmcXhuQJLaGE6Zfma2ypGMaOKyGXOpXLWuhJP52zcY%2Frg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691050da3b12543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mandalastaffsupport.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 17:43:29 GMT
x-content-type-options
nosniff
age
300503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 17:43:29 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mandalastaffsupport.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 05:03:27 GMT
x-content-type-options
nosniff
age
173305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Sep 2022 05:03:27 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1192
date
Sun, 19 Sep 2021 04:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 19 Sep 2021 06:52:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:52 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=51609
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1655539286&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandalastaffsupport.org%2F&ul=en-us&de=UTF-8&dt=Mandala%20Staff%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1345287570&gjid=387354443&cid=982377454.1632028313&tid=UA-71160106-1&_gid=1931164367.1632028313&_r=1&_slc=1&z=795945377
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandalastaffsupport.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 05:11:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mandalastaffsupport.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6146c69850277bad&bkl=0&bl=1&pdt=1162&sid=6146c69850277bad&pub=wp-5180f85ae3ec4af3a0078f5deb327e32&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=www.mandalastaffsupport.org&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1632028313416&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-5180f85ae3ec4af3a0078f5deb327e32%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=6146c698a197b3d0000&skipb=1&callback=addthis.cbs.jsonp__37506853700039830
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46d0edd56c2160dbe9a168f63e03d252a533166887ba5ba82a96013ee21a5736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 05:11:53 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D120
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 599D
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mandalastaffsupport.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Sun, 19 Sep 2021 05:11:53 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
US-Sailors-and-Marines-deliver-food-aid-to-the-village-of-Jabouin-Haiti-Med-Large.jpg
www.mandalastaffsupport.org/wp-content/uploads/2015/10/
457 KB
458 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2015/10/US-Sailors-and-Marines-deliver-food-aid-to-the-village-of-Jabouin-Haiti-Med-Large.jpg
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288eca39170023b1768cdd1440c5ef3cf2f74114f1322dbb9fbde8a839c715bd

Request headers

:path
/wp-content/uploads/2015/10/US-Sailors-and-Marines-deliver-food-aid-to-the-village-of-Jabouin-Haiti-Med-Large.jpg
pragma
no-cache
cookie
_ga=GA1.2.982377454.1632028313; _gid=GA1.2.1931164367.1632028313; _gat=1; __atuvc=1%7C38; __atuvs=6146c698a197b3d0000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
cf-cache-status
MISS
last-modified
Sun, 30 Apr 2017 06:43:14 GMT
server
cloudflare
etag
"134519c-725a5-54e5c9eef6480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpD8Kb7LEszFrVEdsY70wFHfqhr56D%2FY6eQOGazkrvryDzUCwrI8rK1x13UMQlwXNRY9Tn4GF50exLXSwqa1u%2BrgvRI73nrD%2FmAPsadDwngVxIPzaHrbRV94tDlG1I0HIkMh5wszjNWQzwrXTV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050defd9a543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
468389
anchor
www.google.com/recaptcha/api2/ Frame 411A
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
d7ea432791bab2f43cce4e0bfb457e9472b411460ab9d8c14d7f766f59aa9fd0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J0qWpg07mJNQ3g+VkQVbjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mandalastaffsupport.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 19 Sep 2021 05:11:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-J0qWpg07mJNQ3g+VkQVbjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20102
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
boy-60659_1280.jpg
www.mandalastaffsupport.org/wp-content/uploads/2015/10/
256 KB
256 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2015/10/boy-60659_1280.jpg
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1aa14be1e48ded3d14476d51ed3691e701b2d1a210ab159a1d2eb0f38dfd89

Request headers

:path
/wp-content/uploads/2015/10/boy-60659_1280.jpg
pragma
no-cache
cookie
_ga=GA1.2.982377454.1632028313; _gid=GA1.2.1931164367.1632028313; _gat=1; __atuvc=1%7C38; __atuvs=6146c698a197b3d0000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
cf-cache-status
MISS
last-modified
Sun, 14 May 2017 05:11:02 GMT
server
cloudflare
etag
"13451ae-3fec6-54f74f6fb0580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koJVzcBjuEjAj36QgFJfz75XOqOUb5yDk1yJbs15Pg2X5QS5LBD96EQ32cNa5O9sX2jaw2Q9fKYhg9TZfUicRfNn4dIOD87Ko3%2FZKXKSVvSPeNpLgWxvXFs4ukc7CpWUs2CEKM3qeeoYdlZkHHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050df1db1543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
261830
Kutupalong_Refugee_Camp_John_Owens-VOA.jpg
www.mandalastaffsupport.org/wp-content/uploads/2017/12/
265 KB
266 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2017/12/Kutupalong_Refugee_Camp_John_Owens-VOA.jpg
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e8aa61cc34beef7fea419fa3402172e223f355c1c89bddb49a506d2be3b084d

Request headers

:path
/wp-content/uploads/2017/12/Kutupalong_Refugee_Camp_John_Owens-VOA.jpg
pragma
no-cache
cookie
_ga=GA1.2.982377454.1632028313; _gid=GA1.2.1931164367.1632028313; _gat=1; __atuvc=1%7C38; __atuvs=6146c698a197b3d0000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2017 01:59:31 GMT
server
cloudflare
etag
"134161a-4253c-56093b3861080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4ceURpvJfZ39ITeuJz%2F%2FqmCBNmWwq%2BTwuH6Uz4zSqGlIHTPETgClkMmEfNXthyEHwHhETd6O1HvflqAVXdrMpjBNlwquQo6oGLk8%2BPzWtBH3elY5rJ8Gs%2FCXnwhvpYTngSug6QewYwQVeGUdmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050df1db2543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
271676
styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 411A
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 14:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 17 Sep 2022 14:03:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 411A
342 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Mon, 19 Sep 2022 04:26:03 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 411A
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 10:54:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
497868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 20 Sep 2021 10:54:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 411A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
417846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 09:07:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 411A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 12:19:54 GMT
x-content-type-options
nosniff
age
147119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Sep 2022 12:19:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 411A
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 19 Sep 2021 05:11:53 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Sun, 19 Sep 2021 05:11:53 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
reload
www.google.com/recaptcha/api2/ Frame 411A
29 KB
16 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
3dd5c912fea93a7d74e19a2d00d66466ed4580dc7d56494d7f1758b4293a948a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetOO0aAAAAAG5SWy0K9ufIgu8uNDRkyUx1C8yX&co=aHR0cHM6Ly93d3cubWFuZGFsYXN0YWZmc3VwcG9ydC5vcmc6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=qwaq71e93ses
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16403
x-xss-protection
1; mode=block
expires
Sun, 19 Sep 2021 05:11:53 GMT
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
shares-post.json
api-public.addthis.com/url/serviceapi/
2 B
273 B
XHR
General
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.mandalastaffsupport.org%2F
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.mandalastaffsupport.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.mandalastaffsupport.org/
last-modified
Sun, 19 Sep 2021 05:00:00 GMT
server
nginx/1.15.8
date
Sun, 19 Sep 2021 05:11:54 GMT
content-type
application/json
access-control-allow-origin
https://www.mandalastaffsupport.org
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/
34 B
292 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.mandalastaffsupport.org%2F&callback=_ate.cbs.rcb_bkk40
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ad9957e2b6a521433cfece65dba6b0c719478d6c17957632a9a02fce3a6335b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.mandalastaffsupport.org/
last-modified
Sun, 19 Sep 2021 05:11:53 GMT
server
nginx/1.15.8
date
Sun, 19 Sep 2021 05:11:54 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
54
shares.json
api-public.addthis.com/url/
34 B
292 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.mandalastaffsupport.org%2F&callback=_ate.cbs.rcb_9p550
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
5c7b10a621859bbab5b603308689acae04b38758c6d2e94b6cc117da11983c0e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.mandalastaffsupport.org/
last-modified
Sun, 19 Sep 2021 05:11:53 GMT
server
nginx/1.15.8
date
Sun, 19 Sep 2021 05:11:54 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
54
boy-60659_1280.jpg
www.mandalastaffsupport.org/wp-content/uploads/2015/10/
256 KB
0
Image
General
Full URL
http://www.mandalastaffsupport.org/wp-content/uploads/2015/10/boy-60659_1280.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1aa14be1e48ded3d14476d51ed3691e701b2d1a210ab159a1d2eb0f38dfd89

Request headers

:path
/wp-content/uploads/2015/10/boy-60659_1280.jpg
pragma
no-cache
cookie
_ga=GA1.2.982377454.1632028313; _gid=GA1.2.1931164367.1632028313; _gat=1; __atuvc=1%7C38; __atuvs=6146c698a197b3d0000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
cf-cache-status
MISS
last-modified
Sun, 14 May 2017 05:11:02 GMT
server
cloudflare
etag
"13451ae-3fec6-54f74f6fb0580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koJVzcBjuEjAj36QgFJfz75XOqOUb5yDk1yJbs15Pg2X5QS5LBD96EQ32cNa5O9sX2jaw2Q9fKYhg9TZfUicRfNn4dIOD87Ko3%2FZKXKSVvSPeNpLgWxvXFs4ukc7CpWUs2CEKM3qeeoYdlZkHHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050df1db1543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
261830
Kutupalong_Refugee_Camp_John_Owens-VOA.jpg
www.mandalastaffsupport.org/wp-content/uploads/2017/12/
265 KB
0
Image
General
Full URL
http://www.mandalastaffsupport.org/wp-content/uploads/2017/12/Kutupalong_Refugee_Camp_John_Owens-VOA.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e8aa61cc34beef7fea419fa3402172e223f355c1c89bddb49a506d2be3b084d

Request headers

:path
/wp-content/uploads/2017/12/Kutupalong_Refugee_Camp_John_Owens-VOA.jpg
pragma
no-cache
cookie
_ga=GA1.2.982377454.1632028313; _gid=GA1.2.1931164367.1632028313; _gat=1; __atuvc=1%7C38; __atuvs=6146c698a197b3d0000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer

Response headers

date
Sun, 19 Sep 2021 05:11:53 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2017 01:59:31 GMT
server
cloudflare
etag
"134161a-4253c-56093b3861080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4ceURpvJfZ39ITeuJz%2F%2FqmCBNmWwq%2BTwuH6Uz4zSqGlIHTPETgClkMmEfNXthyEHwHhETd6O1HvflqAVXdrMpjBNlwquQo6oGLk8%2BPzWtBH3elY5rJ8Gs%2FCXnwhvpYTngSug6QewYwQVeGUdmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691050df1db2543a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
271676
Logo_no-square-outline_not-bold_65.png
www.mandalastaffsupport.org/wp-content/uploads/2017/05/
11 KB
11 KB
Image
General
Full URL
https://www.mandalastaffsupport.org/wp-content/uploads/2017/05/Logo_no-square-outline_not-bold_65.png
Requested by
Host: www.mandalastaffsupport.org
URL: https://www.mandalastaffsupport.org/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c6257536c33a89685c658061e36c9c9b58eadb2cfb4cb0706f636f2bfdf516

Request headers

:path
/wp-content/uploads/2017/05/Logo_no-square-outline_not-bold_65.png
pragma
no-cache
cookie
_ga=GA1.2.982377454.1632028313; _gid=GA1.2.1931164367.1632028313; _gat=1; __atuvc=1%7C38; __atuvs=6146c698a197b3d0000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mandalastaffsupport.org
referer
https://www.mandalastaffsupport.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mandalastaffsupport.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:11:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10958
last-modified
Thu, 18 May 2017 11:29:43 GMT
server
cloudflare
etag
"1345350-2ace-54fcab89f77c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLPQNum1ozbm3kQdOuPuni4WydZDU4r088KxthJ4u3j7ne2KV%2FiQj2O0eFwwtiCUpb3BrZEJ9khpL2I1bbvRsCoxObX498p%2FY2Mh1cBvkYuWcmo6KH6msowTi5nC2%2FD9Rfjl6b5eGBzajnaD%2BNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
691050e42991543a-LHR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster string| et_site_url string| et_post_id function| et_core_page_resource_fallback object| _wpemojiSettings undefined| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| ES6Promise object| et_core_api_spam_recaptcha object| etCore string| addthis_product string| wp_product_version object| addthis_share object| addthis_config object| addthis_layers object| addthis_layers_tools object| addthis_plugin_info string| cffajaxurl string| cfflinkhashtags string| GoogleAnalyticsObject function| ga object| tribe_l10n_datatables object| addComment object| DIVI object| et_shortcodes_strings object| et_pb_custom object| et_frontend_scripts object| et_pb_box_shadow_elements object| et_pb_motion_elements function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha boolean| __@@##MUH object| twemoji object| wp function| et_shortcodes_init function| Waypoint object| salvattore function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars object| ET_SmoothScroll boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized boolean| cff_js_exists undefined| cffAddMasonry function| cff_init function| checkConsent function| cffCmplzGetCookie function| addFullFeatures function| afterConsentToggled function| cffGetFeedLocatorDataArray function| locationGuess object| closure_lm_58653 object| $et_tooltip object| $et_learn_more function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len string| waypointContextKey

8 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ALWX7fussanmh7H9XL5hTdlS6bgGF4me_cX9SjKGi2W6CRczPN2_ARhiSXEoj7FMzOgFTJPXl1fOURc22afFjkQ
.mandalastaffsupport.org/ Name: _ga
Value: GA1.2.982377454.1632028313
.mandalastaffsupport.org/ Name: _gid
Value: GA1.2.1931164367.1632028313
.mandalastaffsupport.org/ Name: _gat
Value: 1
www.mandalastaffsupport.org/ Name: __atuvc
Value: 1%7C38
www.mandalastaffsupport.org/ Name: __atuvs
Value: 6146c698a197b3d0000
.addthis.com/ Name: uvc
Value: 1%7C38
.addthis.com/ Name: loc
Value: MDAwMDBFVURFUlAyMzAzMTg3NjAwMzAwMDBDSA==

2 Console Messages

Source Level URL
Text
security warning URL: https://www.mandalastaffsupport.org/wp-includes/js/jquery/jquery.min.js?ver=3.5.1(Line 1)
Message:
Mixed Content: The page at 'https://www.mandalastaffsupport.org/' was loaded over HTTPS, but requested an insecure element 'http://www.mandalastaffsupport.org/wp-content/uploads/2015/10/boy-60659_1280.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.mandalastaffsupport.org/wp-includes/js/jquery/jquery.min.js?ver=3.5.1(Line 1)
Message:
Mixed Content: The page at 'https://www.mandalastaffsupport.org/' was loaded over HTTPS, but requested an insecure element 'http://www.mandalastaffsupport.org/wp-content/uploads/2017/12/Kutupalong_Refugee_Camp_John_Owens-VOA.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-public.addthis.com
fonts.googleapis.com
fonts.gstatic.com
m.addthis.com
maxcdn.bootstrapcdn.com
s7.addthis.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.mandalastaffsupport.org
z.moatads.com
s7.addthis.com
104.18.11.207
104.75.88.126
142.250.184.227
142.250.184.234
142.250.185.228
142.250.185.99
172.217.16.142
172.67.176.110
2.18.235.40
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d36cb1f367b1cba12226e24dc567fd9344bd4ead11593206474123317a5afba
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2728b89406fa84aa991ca9b49ad7e6c4c3370e4e82852b373ff6de144755a52c
288eca39170023b1768cdd1440c5ef3cf2f74114f1322dbb9fbde8a839c715bd
28beb0cd39bf68e3fe5772eb87aed8038fe0faa288225b4099ca3668740006d5
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d00b4b9b7830289e7d240abdcbdb3b11c607bba3bcf88b55bd6448411c7506b
2e8aa61cc34beef7fea419fa3402172e223f355c1c89bddb49a506d2be3b084d
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3dd5c912fea93a7d74e19a2d00d66466ed4580dc7d56494d7f1758b4293a948a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44acc8179f7cc12787ca692b04b8ac38c7c3d180e97b9f2989f11b249cd37e30
46d0edd56c2160dbe9a168f63e03d252a533166887ba5ba82a96013ee21a5736
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c7b10a621859bbab5b603308689acae04b38758c6d2e94b6cc117da11983c0e
5cc228832932cd731235f3f4324b367a2cbbca769fb565dc638e4128002e16d8
5e1aa14be1e48ded3d14476d51ed3691e701b2d1a210ab159a1d2eb0f38dfd89
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
670bc18d702b6810b3eb3415cd910de14dd13eca75c18e96a9e088d680c95838
6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f
73ddab2828934ca7ad67c54e087fe444d435ec776ac823d1b487ae9a845c433d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b3a7e4265228a39bea0d22ac1aedb86219a7b521a831827f7f4579ca5ae4156
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
94140fa1b2b924b5b0dbe179468228685fc23eb6362b10a2603397695ae518c2
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad9957e2b6a521433cfece65dba6b0c719478d6c17957632a9a02fce3a6335b2
ae1828679dd90ba20573c57425d5fd327c233c9c465fbe49024aaaca61c17f41
affb14c326a97c6b408e73eb8566d9a3ec706bd987a0a91ce19aa2e6cedf1f29
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
bea42db5db863288ac32fe5495c3afedb3dadddd8e84e659af52cd3ee97d248a
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ce6049610dda46d6231730d5207e0740c18b8c368367ca17e48567dad7877e8e
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d7ea432791bab2f43cce4e0bfb457e9472b411460ab9d8c14d7f766f59aa9fd0
dd63cfe0e5e71ec261b4f4ea5ebeffd3b3418a1ebbd6fe4618e6ada7feae5f36
f0c6257536c33a89685c658061e36c9c9b58eadb2cfb4cb0706f636f2bfdf516
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62