mandynotes.com Open in urlscan Pro
2606:4700:3034::6815:2aa Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mandynotes.com/
Submission Tags: phishingrod
Submission: On August 18 via api (August 18th 2024, 1:21:09 am UTC) from DE — Scanned from DE

Summary HTTP 116 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 14 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3034::6815:2aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is mandynotes.com.
TLS certificate: Issued by WE1 on July 13th 2024. Valid for: 3 months.

This is the only time mandynotes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3034::6815:2aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	104.199.210.210 104.199.210.210	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:206... 2600:9000:206f:2c00:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 31	172.67.129.122 172.67.129.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:b200:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	34.102.239.73 34.102.239.73	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.12.34 34.111.12.34	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
2	34.111.137.131 34.111.137.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
3	34.102.218.41 34.102.218.41	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.150.21 34.107.150.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
1	35.229.142.89 35.229.142.89	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.96.83.10 34.96.83.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.194.212.25 35.194.212.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.160.218.201 34.160.218.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
116	25

20 2606:4700:3034::6815:2aa (United States)

ASN13335 (CLOUDFLARENET, US)

mandynotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.210.210 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.210.199.104.bc.googleusercontent.com

vawpro.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:2c00:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 172.67.129.122 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mandynotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:b200:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0771c812-c374-4849-850a-208b06299b95.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.239.73 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 73.239.102.34.bc.googleusercontent.com

t.daexauto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com

ad.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.137.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.137.111.34.bc.googleusercontent.com

vahfront.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

10559160.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11009166.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com

ecs.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com

uec.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.229.142.89 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.142.229.35.bc.googleusercontent.com

iptoweather.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.83.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.83.96.34.bc.googleusercontent.com

event.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.212.25 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.212.194.35.bc.googleusercontent.com

pt0.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.218.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.218.160.34.bc.googleusercontent.com

ttd-cm.tagtoo.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	mandynotes.com 1 redirects mandynotes.com	3 MB
22	gstatic.com fonts.gstatic.com	2 MB
11	tagtoo.co ad.tagtoo.co — Cisco Umbrella Rank: 222829 ecs.tagtoo.co — Cisco Umbrella Rank: 176779 uec.tagtoo.co — Cisco Umbrella Rank: 257124 event.tagtoo.co — Cisco Umbrella Rank: 189491	83 KB
8	vm5apis.com vawpro.vm5apis.com — Cisco Umbrella Rank: 406289 man.vm5apis.com — Cisco Umbrella Rank: 410502 vahfront.vm5apis.com — Cisco Umbrella Rank: 481842 iptoweather.vm5apis.com — Cisco Umbrella Rank: 421322 pt0.vm5apis.com — Cisco Umbrella Rank: 421887	20 KB
6	doubleclick.net 2 redirects 10559160.fls.doubleclick.net — Cisco Umbrella Rank: 467544 ad.doubleclick.net — Cisco Umbrella Rank: 210 11009166.fls.doubleclick.net — Cisco Umbrella Rank: 475143	2 KB
5	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 86773 0771c812-c374-4849-850a-208b06299b95.t.ssp.hinet.net	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	363 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	daexauto.com t.daexauto.com — Cisco Umbrella Rank: 317811	1 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 4519 pixel.wp.com — Cisco Umbrella Rank: 4225	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	67 KB
1	tagtoo.com.tw ttd-cm.tagtoo.com.tw — Cisco Umbrella Rank: 362714	161 B
1	lndata.com cm.lndata.com — Cisco Umbrella Rank: 145642	470 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
116	14

	Domain	Requested by
51	mandynotes.com	1 redirects mandynotes.com static.cloudflareinsights.com
22	fonts.gstatic.com	fonts.googleapis.com
6	event.tagtoo.co	ecs.tagtoo.co
4	t.ssp.hinet.net	man.vm5apis.com t.ssp.hinet.net
4	www.googletagmanager.com	mandynotes.com www.googletagmanager.com
3	ecs.tagtoo.co	ad.tagtoo.co ecs.tagtoo.co
3	region1.google-analytics.com	www.googletagmanager.com
3	man.vm5apis.com	mandynotes.com man.vm5apis.com
2	11009166.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ad.doubleclick.net	mandynotes.com
2	10559160.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	vahfront.vm5apis.com	man.vm5apis.com
2	t.daexauto.com	man.vm5apis.com t.daexauto.com
2	fonts.googleapis.com	mandynotes.com
1	ttd-cm.tagtoo.com.tw	uec.tagtoo.co
1	pt0.vm5apis.com	man.vm5apis.com
1	0771c812-c374-4849-850a-208b06299b95.t.ssp.hinet.net	mandynotes.com
1	iptoweather.vm5apis.com	man.vm5apis.com
1	uec.tagtoo.co	man.vm5apis.com
1	cm.lndata.com	mandynotes.com
1	ad.tagtoo.co	man.vm5apis.com
1	pixel.wp.com	mandynotes.com
1	static.cloudflareinsights.com	mandynotes.com
1	stats.wp.com	mandynotes.com
1	vawpro.vm5apis.com	mandynotes.com
116	25

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
iseeu.tw
www.facebook.com

Subject Issuer	Validity	Valid
mandynotes.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.vm5apis.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-30` - `2024-11-29`	a year	crt.sh
man.vm5apis.com Amazon RSA 2048 M03	`2023-12-31` - `2025-01-27`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.t.ssp.hinet.net	`2024-03-11` - `2025-03-11`	a year	crt.sh
t.daexauto.com WR3	`2024-07-25` - `2024-10-23`	3 months	crt.sh
ad.tagtoo.co WR3	`2024-06-27` - `2024-09-25`	3 months	crt.sh
*.lndata.com GeoTrust G5 TLS RSA4096 SHA384 2022 CA1	`2023-12-04` - `2024-12-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
ecs.tagtoo.co WR3	`2024-07-29` - `2024-10-27`	3 months	crt.sh
uec.tagtoo.co WR3	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.tagtoo.co Go Daddy Secure Certificate Authority - G2	`2024-04-29` - `2025-05-31`	a year	crt.sh
*.tagtoo.com.tw Go Daddy Secure Certificate Authority - G2	`2024-04-14` - `2025-05-16`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://mandynotes.com/
Frame ID: 008FF6BADC6EEE6F962D936DBFC982C5
Requests: 109 HTTP requests in this frame

Frame: https://man.vm5apis.com/dist/persistentID.html
Frame ID: BEF82014D80F8DBE44C8DC56E1DFE4DF
Requests: 1 HTTP requests in this frame

Frame: https://10559160.fls.doubleclick.net/activityi;dc_pre=CJb0vYuw_YcDFWWHgwcdyvooAA;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=844612377;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181773707za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 269153DA9E23F72770ACC1B3B7FD37AD
Requests: 1 HTTP requests in this frame

Frame: https://11009166.fls.doubleclick.net/activityi;dc_pre=CPvYw4uw_YcDFdChgwcdjg86Ew;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=481459821;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181783534za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: AF3E2DDEBF2FC6B511E82A35410E9483
Requests: 1 HTTP requests in this frame

Frame: https://t.daexauto.com/main.html?partner=vmfive&member=01916312-c906-7b13-aa41-ca3d9ae46ca1
Frame ID: 999DCEF7ECC933A8B5F38D95662129B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

曼娣慢慢遊

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

116
Requests

99 %
HTTPS

32 %
IPv6

14
Domains

25
Subdomains

25
IPs

3
Countries

4920 kB
Transfer

6850 kB
Size

20
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/p/CfZVee7vot2/
Title: #소소한일상_맨디 願你往後的人生如

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CeqPpQVvneQ/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cd7RwolvsyN/
Title: 不能只有我看到😍 原本想說疫情趨緩

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cdycctdvx0g/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tv/CdSdaVQjFsm/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CdMAj_uPx1_/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mandy.twkr/
Title: 在 Instagram 上追蹤

Search URL Search Domain Scan URL

URL: https://iseeu.tw/
Title: 金城事務所

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mandy.twkr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=844612377;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181773707za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
https://10559160.fls.doubleclick.net/activityi;dc_pre=CJb0vYuw_YcDFWWHgwcdyvooAA;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=844612377;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181773707za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F

Request Chain 88

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=481459821;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181783534za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
https://11009166.fls.doubleclick.net/activityi;dc_pre=CPvYw4uw_YcDFdChgwcdjg86Ew;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=481459821;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181783534za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F

Request Chain 112

https://mandynotes.com/favicon.ico HTTP 302
https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mandynotes.com/ 127 KB
31 KB 1270ms
1173ms Document
text/html 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1095a0dc24ac6b09e364cb1c5fcf33117026d836a663b928cd03a8d284301e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b4e159d6fba1909-FRA
content-encoding: br
content-type: text/html
date: Sun, 18 Aug 2024 01:20:59 GMT
last-modified: Fri, 16 Aug 2024 03:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bEya%2BtZ4tKRZFhWRrnbTAN%2Fe1wXrCEuzKAgQJqOJVTLyibGH8mAcKnKfzsHsI%2Br8PoxUqMudw%2BbuCDrFxGGC8pB2zRCM%2FxXU129lwweAm6U0FWEHAGbp%2BzMk1Ws0vJOf2DPfjjuWHUlifb%2BdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
x-content-type-options: nosniff

GET
H2 200 global.css
mandynotes.com/wp-content/uploads/blocksy/css/ 17 KB
3 KB 943ms
940ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/uploads/blocksy/css/global.css?ver=71386

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3d4bb4913fdc7167a981be1d8f47aa0e110fab5ec0fdd39ae6208cebe7f966a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Aug 2024 01:23:06 GMT
server: cloudflare
etag: W/"66bea9fa-446b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WdkaTcBJPHPqodAmV%2FBqqCKBW%2FBP%2Bgs3l1xPAFwHYZXBYNjc%2Fyvy6%2FpgtYDs%2FWz%2F%2BWeS1AOiymSVarcq1AY29BWxyggChf2Q3M24QYMttdjj8WdZ00p%2FdWw4%2B5eSnE%2BM32GOov01aUD1btWRtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cbfd1909-FRA

GET
H2 200 sbi-styles.min.css
mandynotes.com/wp-content/plugins/instagram-feed/css/ 45 KB
10 KB 957ms
954ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.5.0

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Aug 2024 05:10:58 GMT
server: cloudflare
etag: W/"66ac6a62-b5db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGZFrUdiZpBtCZlOYeStBAdChqqhwgU1RMNM5USxdwJvFZuCvm9CM%2BkV8G3MBtVZYpp4yhwH8MgTa6473O3LahR%2BZl0ghXl8tvKAgDqEOXOWRnP4wyzVxroF41oiRCwsuB4WPGLTo%2Fkj%2FxOmOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cbff1909-FRA

GET
H2 200 style.min.css
mandynotes.com/wp-includes/css/dist/block-library/ 110 KB
16 KB 948ms
945ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jul 2024 19:33:20 GMT
server: cloudflare
etag: W/"66a00580-1b723"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JaFcoxBGkmzb9aq52M%2FvGpPaGuhPSesWFgpoqI%2BKYA7Ro02UeLQsXY31LcHkXEaFSh7hq711rMTFD1%2FZUF6eFIZp%2FOAMQ8MsldN8b3L08ldoYYIayDm20sRLSjPkjggA2v%2Fsr969J1sXCvlYvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc001909-FRA

GET
H2 200 mediaelementplayer-legacy.min.css
mandynotes.com/wp-includes/js/mediaelement/ 11 KB
3 KB 929ms
927ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: cloudflare
etag: W/"5f735862-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GLlIwDfgQyNcQNbRS0uEZXiwoiOMFu2QjvCnC5EjFGSq6b6l%2FfLIezI6JC%2F9bBQWd24vr07uocYH1ueWxX%2F%2B2hFG7t%2FYhIU2FT51ly5GzFQknliyPheTid3%2BXA5Nz3eYKOJJFGkRWIYzsqCxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc011909-FRA

GET
H2 200 wp-mediaelement.min.css
mandynotes.com/wp-includes/js/mediaelement/ 4 KB
1 KB 931ms
929ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: cloudflare
etag: W/"5cfaccce-105a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TxJ9OkkyIut%2F4SfrtYLjMqn9Sf1heeSeAcXYiIh0D8x%2FYYO8DCwoJDM9gdUp5qbFEJsOXLrD7StK6sQwmVyWjuoolOdgxZLYgxB6%2BZXuRXTW16OvFZrVFiB7%2BPGL1d6pXtlqHKrnhUGN73QFnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc021909-FRA

GET
H2 200 style.build.css
mandynotes.com/wp-content/plugins/block-options/build/ 19 KB
3 KB 945ms
943ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/block-options/build/style.build.css?ver=new

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 May 2024 04:33:50 GMT
server: cloudflare
etag: W/"6656b02e-4d66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZACuBSdMaGUZ%2B75WcWfrD4qhnsFCuhjZ2UM%2BiSXEI1xgYsp707sIIk4BM%2F2i8ZVhs75QRDrIwGKuxvbkoHF0bsstM%2BYvjRTIw0wNtWTuDDhX6ykrq5Cojq5jsV4jdf8sch8vudLnEKa5OLsoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc031909-FRA

GET
H2 200 screen.min.css
mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/ 6 KB
2 KB 931ms
929ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.68.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6ae8dbff96469621efbc79f5d44c1f6d6c13460ed12e34e826af9b0308424aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Jul 2024 01:27:48 GMT
server: cloudflare
etag: W/"669db594-169f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sy%2Ba1aNqequ0ahfs4UeeDYQlwYz%2FLMzR93za44rxetOqXIg1B6I3zrJqJg8H8j7DNL92BVnyZORiTNU%2FowJL8cfsW1hyADqKl00i4xjZsHrCahKlwIElLZdMBxXdvvNrPGBzBesnYcLSzaqOMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc041909-FRA

GET
H2 200 main.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 101 KB
20 KB 950ms
948ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.62

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c715c2506c1f04747f9eac30dee38bc1c19220692c1089aeb0251010abebf122

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Aug 2024 01:23:02 GMT
server: cloudflare
etag: W/"66bea9f6-193d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sULJuKP3Z%2Bt3I8IDI16jml52kr3hbsDcqcBa5bjbaji%2FiQ%2F0vVpfk9aX57ClYG2cOy%2BcRpYMOsUL7vKwDFHBcnz8O3w0TdHpxzbFJRbsN7iNNKA619sumcDwxq3wRbsKGzrqxzRaylYNQvXy6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc051909-FRA

GET
H2 200 admin-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 4 KB
2 KB 947ms
945ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/admin-frontend.min.css?ver=2.0.62

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ea07d95b1aa9838c74582199385ff06912479f98fe96952c1c3d56fafec0e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Aug 2024 01:23:02 GMT
server: cloudflare
etag: W/"66bea9f6-f17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MU6r%2F1vbZ94cma4SoRfOHN7z81ORQyH0Sh6fFxDsAa41K8yWdqyaHl%2BQWE%2BbLCyt7WpJ5rPsaSqR0eiJjvZaBmqfLXxnqGtlAOocH1bfGKDC7j1tI%2BI0CllkhR3ksVWhUeAWflhPj%2FbUxbqPKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc061909-FRA

GET
H2 200 elementor-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 1 KB
738 B 944ms
943ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=2.0.62

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4a584febc734009548e91f8b2893134067670373bf5b3254922d48c58388f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Aug 2024 01:23:02 GMT
server: cloudflare
etag: W/"66bea9f6-5ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQoiq5XsKYNHELssQzAAy6F7kKR9haMuRLQrRSFpUlsKkYqyhFsZYu6Mjfs6NhM%2F0t1uV3WojJZR8aXbf32YRZltGSr4fj1sw5gnh7CCwIO4iBzc%2BsylWvG%2Bg5BGbNSAluWqYsaGMgcFwUPTlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a4cc071909-FRA

GET
H2 200 sidebar.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 3 KB
1 KB 988ms
987ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/sidebar.min.css?ver=2.0.62

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662bc6c35380d82750184891575463f18908e477c17fdcb380d85e45e5c2fa07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Aug 2024 01:23:02 GMT
server: cloudflare
etag: W/"66bea9f6-c98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZRfiEr1Hgn3wuc7xtxpxT3BNNuekmsYeWjwwHnQkAi6Gs%2FzGpk%2BN0MCzxEBHK3w8W1qn7kt3Wwl8Os6nBfIVm2yRigNuJwv3wQJYOyEAdj4ayTHyPc8BErrDAAqImx6rjOkJf5MOKX8KK4tfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a50c221909-FRA

GET
H2 200 style.css
mandynotes.com/wp-content/themes/blocksy-child/ 1 KB
1 KB 988ms
986ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy-child/style.css?ver=6.6.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 13:03:54 GMT
server: cloudflare
etag: W/"6239c93a-59e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=540er2IZXrn6E%2B3mpqvXdqpt64vk5%2B6aZeDPeu0VDjRuJvxFv7HSlIApauCjeU5ZjEU7ffZhqFQyPYvXvzQT8GLa3W3y8dQBCHwFBzpx0CRxaDNb7pvBgYsVsSyQhZFDkbEii09E7h1iu01JIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a50c231909-FRA

GET
H2 200 css2
fonts.googleapis.com/ 237 KB
66 KB 142ms
53ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33f787bcb784b24167f78596209dd7c333f1aa2e07aaedbf73bf34a265ad936b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 01:20:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 01:20:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 01:20:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
854 B 136ms
47ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 01:20:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 00:15:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 01:20:59 GMT

GET
H2 200 font-awesome.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 53 KB
13 KB 975ms
974ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d474b00ed0fe9653738bd11c834b13efa13c59a76ad4be016e8b3f5a68173d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-d43c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxe28RVEtBCE6dMbODW3T5uzcWgtI%2F9DJ%2BwvElpfp1QA1rX56IEhhcQZQlXGYOY2jTzhGRzviBWjXJPl2%2BNp4FjbrJvfPbi23FhDcE8hw0kd2%2BWUl8%2FcV5aKlEv3qE3q3uxiCmWKMJbMVenCEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a50c241909-FRA

GET
H2 200 mystickyelements-front.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 197 KB
17 KB 987ms
986ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/mystickyelements-front.min.css?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f702e0afa9b8e706566fb43b8a20274d5e0e77fe79c329db743f3ed0acf7bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-31391"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aw1It0mc7hozGWPtlO%2FAgf6a3yS%2FWbCi0tPnWgjvvUbnxdSW0CWCxBdzK3OO85wjdMl%2BU1AVqFKB5VawNmr4s5XzvUlaQKXSQCQbHwHt7LWaLjBa%2B3LwKf7C2VsYdTVe5NDKojRpTtoOgxLJXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a50c251909-FRA

GET
H2 200 intlTelInput.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/ 26 KB
4 KB 983ms
982ms Stylesheet
text/css 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/intlTelInput.css?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-6659"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ps6FQLyQIvmf8Ov1dI%2FlDxYMxySFpxdM3IW%2BrWbOxu57rSBIEN5aEYn%2Bj6xgPqNk3yp2ROKIKEGQv1sPaIPshJCf7qAE%2FFaXQLEBXaV7nWysoYbBAhmGIh79akj%2Ff2WG%2F1%2F0tB3ysU2tJ8%2B5ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b4e15a50c271909-FRA

GET
H2 200 jquery.min.js Show response
mandynotes.com/wp-includes/js/jquery/ 86 KB
31 KB 1004ms
1003ms Script
application/javascript 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 14:19:26 GMT
server: cloudflare
etag: W/"654cea6e-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnOtBlXsWv%2F6NUiFsITpC5XJ8%2F78VGmyC17QHPBFpFZpkLroIhpLWRqh%2FAUPx4O8jTzf1i3ZSJlo1hbY%2Bb7W5i7tHmANtvHsZERKX924Rt1yMMb2cTJu%2Big%2BSd8buGCHBoGl8YOs%2FHpKIoTzzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15a50c281909-FRA

GET
H2 200 jquery-migrate.min.js Show response
mandynotes.com/wp-includes/js/jquery/ 13 KB
5 KB 966ms
965ms Script
application/javascript 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 11 Aug 2023 09:16:57 GMT
server: cloudflare
etag: W/"64d5fc89-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdxLEqcujtqzrIGkBVl2olbXM4jlMic2UJ40ctcvzlhwo%2BCIp8oL5iTQo%2BMUic1xO6%2FpGJtTfg%2BE0ghacrzrHzEy6r3ki9Zu2FmsOINq9oK18szIo1QnUrCbI5XrWvRHLVa8Nq%2Bo4EiV%2FmKb5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15a50c2a1909-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
103 KB 143ms
58ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66b908e7a75667d61ddf22a47c47faa3a15076d2fe49f504f2171664bdfeaccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 01:21:00 GMT

GET
H2 200 banner.jpg
mandynotes.com/wp-content/uploads/2024/05/ 313 KB
314 KB 1213ms
1212ms Image
image/jpeg 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2024/05/banner.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da28e136f7d61d01bd37c87e15a28707280fd57d7bf2d6e53f100f78deed8240

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 320948
last-modified: Thu, 23 May 2024 03:36:10 GMT
server: cloudflare
etag: "664eb9aa-4e5b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vIoM2%2F5i2ZzC0kDBJgmM83OcZmm%2BMla0D9mdg25%2FLJrdg4YpN8oUh81IWM%2Fr3rdsidHVlLEdR2qgE8MhnOBCem5m4gGUCtuVSM5sGqFm7i1iwN4x7TWrE%2BdGVu2GS0wbQTl5JYiWshqzMoOW9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15a50c2b1909-FRA

GET
H2 200 placeholder.png
mandynotes.com/wp-content/plugins/instagram-feed/img/ 176 B
488 B 965ms
965ms Image
image/png 2606:4700:3034::6815:2aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/img/placeholder.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 176
last-modified: Fri, 02 Aug 2024 05:10:58 GMT
server: cloudflare
etag: "66ac6a62-b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8PmDmiP0N5U1H06ymXxSCksf0pXq3GmNfhSD%2FA7MChDIyq0fXT28uCkVhJInDdZ3jpY9AM1Tq7oophzHCXCit6yBo17XnJlRs5G9iox1eJRDmgiXidst4X1KMYXa4ptsfr3By55aKKG39EGVDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15a50c2c1909-FRA

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ 2 KB
1 KB 718ms
237ms Script
application/javascript 104.199.210.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

b3d334e08759f314ea604c9eb5a274daf1cbcc0c65a02367fed2e9b3bfefe55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 01:21:01 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.19.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=3600
Connection: keep-alive

GET
H2 200 VPT_mandynotes.js Show response
man.vm5apis.com/dist/iseeu/ 227 B
604 B 1157ms
996ms Script
application/javascript 2600:9000:206f:2c00:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2c00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d77cf458924e835fafe8349c276260d7b967432ad9baef8f4f3761d34cf1bd98

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 06:58:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "28463c3ff22f52e432d9da448ee83142"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 227
x-amz-cf-id: bl0m-_vaaYrzQ4MXxPbwCXZlupvxGZszFG6qxVanwvlVBHmtLx_rhQ==

GET
H3 200 main.js Show response
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 32 KB
10 KB 937ms
935ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.62

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

325dec9f8e29eb5534af8aa6018a8ee4592ababbd79beefee45a884743a7e902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 9220
last-modified: Fri, 16 Aug 2024 01:23:02 GMT
server: cloudflare
etag: "66bea9f6-2404"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObKwmArNPiIGzQ787%2BpH0EM05WfUV7Y8y6fZyMXY1agMBJMCyId1DrLkoRkCWdNuMjRTVvU38IVK64POkVkaOYEkhmjSiEtf%2BtUPyjzsXtMi2%2BwM0rYqd5YWdimNxIQk2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15ab29e2694b-FRA
priority: u=2,i=?0

GET
H2 200 e-202433.js Show response
stats.wp.com/ 7 KB
3 KB 114ms
37ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202433.js
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113627.1218
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Aug 2025 05:11:28 GMT

GET
H3 200 intlTelInput.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/ 103 KB
23 KB 958ms
956ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/intlTelInput.js?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-19d8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PI%2BDWtYBMO6%2FpS2v3wJZjpcJH64lWNkKOD0AEAj%2B%2B%2FXXJr%2FABRiMTj9FhIqrhU6Yl7x4ZU6gM65%2FFBUK%2BCaLMfx1Gqy5afsHPnUx0mJ1Xc%2FDt0YFELWsAV5flm520%2Fw1Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15ab29e4694b-FRA
priority: u=3,i=?0

GET
H3 200 jquery.cookie.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 1 KB
1 KB 925ms
924ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/jquery.cookie.js?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-597"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hwe4T60lEgqFqF2akPlMG4BhroURN349KQiHQyk6DUWDChyzkESIFghbJ8BTVPxJ50GuGBZGphx93AgUI6Uroenbiyn4v098WUIIsNXt4LoSDY%2BRLvUhPnHiwcrDFyZdmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15ab29e5694b-FRA
priority: u=3,i=?0

GET
H3 200 mailcheck.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 11 KB
4 KB 933ms
932ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/mailcheck.js?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c9f123ebd16997f50d81cbc2a40c8e1553487704bc67f501853d87e4ee1a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-2c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cSFiup2oDH81rvVP3cjvPHHlcxV6D8IbnI0%2FsJI%2FVZXK6g6RoRqA3wkzrT%2BF8F6Q%2FATgg9%2BzN%2BfmO9HFP9iPNRO6Kj60FBZ4JLUchUkVqXEMyozXcle1x%2BIIaT8Mxm23g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15ab29e6694b-FRA
priority: u=3,i=?0

GET
H3 200 jquery.email-autocomplete.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 6 KB
3 KB 927ms
926ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/jquery.email-autocomplete.js?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

761094d3031de6fc0d32291fc06e2d5c7b63f8a82a017e7ade0811cc002092aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-1907"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rjpvd2dRRwsTXDnJsLtM79Jp91nhrUQsPvYkjiQ4b9dMPSliBnX9gnfbwrsmZORUukj%2FT%2FA1XtEsKpSt1K5r62VdAK1WPgjxX8LXRFLHEVgSbH6XGAbnB%2By%2FRmy9JQ4uzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15ab29e7694b-FRA
priority: u=3,i=?0

GET
H3 200 mystickyelements-fronted.min.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 35 KB
7 KB 928ms
927ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/mystickyelements-fronted.min.js?ver=2.1.9

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5096c33cab71936218b239093be00239e234a55a2574db288b1d7d9e99a2e5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: W/"66b5bacf-8ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjmUXCBZR8jBJWI7duY9LH5jMUcelR3Taj%2BIkwwSTpWmTU6uWfrBqsJQzegelUeZzi2X96b51wmIO5NrgkItaw0uxFgPd2KR97OxK67FgfQLVTkDBqnx1oHoNUvDZ2EbWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15ab29e8694b-FRA
priority: u=3,i=?0

GET
H3 200 sbi-scripts.min.js Show response
mandynotes.com/wp-content/plugins/instagram-feed/js/ 24 KB
7 KB 286ms
284ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.5.0

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2643c51b19a5077cdb0f6668711693937827cf82322c38a595441c13cd25164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Aug 2024 05:10:58 GMT
server: cloudflare
etag: W/"66ac6a62-613b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c86Zld%2BP1TX9XFPWAeeN%2BmnmXhFQeZNqQNMnJ0Dlf4yNFAA65xw0400S%2BzTiF%2FM9nA0JauLEPWNuPPoxXTqNPdudmKHtWTu6dP0WWloTXTWRPX2biRx6HYAptppi6kiUxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15ab29e3694b-FRA
priority: u=2,i=?0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 150ms
64ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://mandynotes.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:00 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8b4e15abbb283681-FRA

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BtnAOSA.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 32 KB
32 KB 173ms
81ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BtnAOSA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73c55149045e2877d3b9b3d2ca9f95bd89c12d63cb0e5268aead3ee556e604aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:00:27 GMT
x-content-type-options: nosniff
age: 386433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33140
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:33:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:00:27 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 46 KB
46 KB 322ms
230ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1260bad6a0367f33b2842651681b6ae1be4d39238f4aa225ddf4e84ea591b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:04:26 GMT
x-content-type-options: nosniff
age: 386194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46604
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:04:26 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 79 KB
79 KB 262ms
171ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8060fe3f342afa9bf5ee21944bf5b6001f411a56abf1437e375829733298b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:39:05 GMT
x-content-type-options: nosniff
age: 384115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80880
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:39:05 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 93 KB
93 KB 301ms
210ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd46aa80e742b7d2217d9833eff576b36ecb655e36779e2cee719037bcb3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:32:19 GMT
x-content-type-options: nosniff
age: 384521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95412
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:32:19 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 97 KB
97 KB 255ms
164ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0af6d036d8a3d23fba830e01be2ab4417f46a1310a89ed51fd467990f6784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:34:33 GMT
x-content-type-options: nosniff
age: 384387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99184
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:34:33 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.75.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 45 KB
45 KB 130ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.75.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0022da996fdaa7b79bccaf6990949826a6d62673b17958af739c6169fdb45134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 15:11:25 GMT
x-content-type-options: nosniff
age: 382175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45724
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:33:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 15:11:25 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 83 KB
83 KB 327ms
235ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

032840274c039cffcd7475916a14612cafc3caf54346a53263555c8fa2527c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:57:33 GMT
x-content-type-options: nosniff
age: 386607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85100
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:33:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:57:33 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 95 KB
95 KB 322ms
231ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb871acb2b4ed7a3457553c7fb35913f7518f21beafd9def816b7517039b7597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:04:49 GMT
x-content-type-options: nosniff
age: 386171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97040
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:04:49 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 95 KB
95 KB 236ms
144ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64b4e92b63be67ecb73bc8ebb98b2b625f2988185e96f31e8f4088bc59c433c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:23:15 GMT
x-content-type-options: nosniff
age: 385065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97084
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:23:15 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 93 KB
93 KB 247ms
155ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23e6c57561965841f2711b31c6b4c12b9e0d21cb4005b0a37835f8828e1dc63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:00:28 GMT
x-content-type-options: nosniff
age: 386432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95252
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:00:28 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 94 KB
94 KB 298ms
207ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8c5bc6aa8c2caca210a91ecb39d7fa9d7800ff4004e5b16e3fd11425af7627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:32:22 GMT
x-content-type-options: nosniff
age: 384518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96020
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:32:22 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.100.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 83 KB
83 KB 222ms
131ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.100.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2caa976bb925e8e1386b738ef7a8d427fcf1b1277e85f6c17b4b7e04f2736593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:01:56 GMT
x-content-type-options: nosniff
age: 436744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85332
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 00:01:56 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 113 KB
113 KB 316ms
225ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d91a60215242cd03796d14a8305b1d236cfb597f7a507ca68e525abf8cc83ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:24:50 GMT
x-content-type-options: nosniff
age: 428170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115784
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 02:24:50 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 94 KB
94 KB 327ms
236ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c051a70982d38a72b2f9da10d2b8abbd289e380de9b8426029912e6638e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:36:25 GMT
x-content-type-options: nosniff
age: 384275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96240
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:36:25 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 102 KB
102 KB 314ms
223ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9434642cf3899fea380a75d6a90c9f140b46331133497fba7d0338c74c44988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:09:23 GMT
x-content-type-options: nosniff
age: 385897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104304
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:09:23 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 86 KB
86 KB 205ms
114ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed53b44e95cac27ed87dd1c42ac52946be4e19c058ca7ea5e452ede5f76f9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:04:49 GMT
x-content-type-options: nosniff
age: 386171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87916
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:04:49 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.19.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 42 KB
42 KB 324ms
234ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.19.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c673304b9fb19cfa2187506d47af727bb3e0d2ff53a57b76c08defdd49bab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:49:29 GMT
x-content-type-options: nosniff
age: 383491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42904
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:33:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:49:29 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 89 KB
89 KB 304ms
213ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291233f564b5ee2404883da8e9e404e2e671026348ac3772775fb12e9eeab257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:22:44 GMT
x-content-type-options: nosniff
age: 385096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90812
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:34:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:22:44 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.69.woff2
fonts.gstatic.com/s/notoseriftc/v31/ 57 KB
57 KB 323ms
232ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v31/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.69.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1e74e10895a180f1757647f529dfeba8163ac4cb6a8fe33dbd900de95cdc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 15:09:29 GMT
x-content-type-options: nosniff
age: 382291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58376
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:33:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 15:09:29 GMT

GET
H3 404 DaiDaiSpa-768x576.jpg
mandynotes.com/wp-content/uploads/2023/03/ 4 KB
4 KB 1109ms
1108ms Image
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2023/03/DaiDaiSpa-768x576.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89b00889a90dddef9f06c3da98a503d6c69f45a868d3615a9ae309d94e94174

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OdAHVpwyXQDaQlJ%2FhmL4GnERKDzsWz0VWiIiWUhkP9x9oyBxFkZmYx0pEnJtIk5R7xH%2F8YRed7uy1Zsb0O5RQz0euDvSdbNxpSNoU8X0zt%2BYhclenx9r93EDlz%2BvzPCuLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 8b4e15ab7a0a694b-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=3,i
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 IMG_6926.jpg
mandynotes.com/wp-content/uploads/2022/04/ 365 KB
366 KB 1216ms
1215ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/04/IMG_6926.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 373783
last-modified: Mon, 11 Jul 2022 13:45:39 GMT
server: cloudflare
etag: "62cc2983-5b417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wwcZaKgs%2FofQ%2B5qfYn0UiDmtiFAM2ainl6wstYSLt9DzNJPDrUd7BD0iOaw0TNRbE8nAPjbXgMNhGWaljZKNc6NieAXCWnkTbFyynpuHOy3NEUdvC%2BhC0110bkcjTdMOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15ab7a0b694b-FRA
priority: u=3,i

GET
H3 200 IMG_5639.jpg
mandynotes.com/wp-content/uploads/2022/03/ 295 KB
296 KB 388ms
387ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/03/IMG_5639.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 302535
last-modified: Tue, 29 Mar 2022 09:15:57 GMT
server: cloudflare
etag: "6242ce4d-49dc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNLVe7oM%2FACnzMEbTLuFsxEw6YEfwp2gUtF5sAS91cYEOAWG3vM2SLSmQ3%2BM7vkCycd9iyeTW030DXZ2Z%2B%2F2ge3697hgJF5PoqYSxKmOc5o0%2BYKvtdGMe79F4mSiNGvhfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15ab7a0c694b-FRA
priority: u=3,i

GET
H3 200 %E5%B0%81%E9%9D%A2.jpg
mandynotes.com/wp-content/uploads/2022/02/ 256 KB
257 KB 1178ms
1176ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/02/%E5%B0%81%E9%9D%A2.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 262326
last-modified: Tue, 29 Mar 2022 09:15:54 GMT
server: cloudflare
etag: "6242ce4a-400b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2B8PAd7GaiaKJn57MGpYoZTQch55ZL14Pu4Pvyh4ZhwkEZqLaYUazWTTKoJFTp1I9Q5jF8FGl07%2FLfvmCtntGGb1a4GnAULb56Mur64chNjBkmUqgt3OWRXYkzvXpUjvcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15ab7a0e694b-FRA
priority: u=3,i

GET
H3 404 IMG_2405-scaled.jpg
mandynotes.com/wp-content/uploads/2021/12/ 17 KB
17 KB 1106ms
1104ms Image
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/IMG_2405-scaled.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7782defc74d9bb0d13dee7777daddf521b96c27bccc2775f22f87085ab4a1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45xmKdTP4M0spLF7dK24uOFnhWnt1NpIHP7gge8WZdUGWYUD8Ti%2F9AbpySKzVLCw4gpl7WnvDnEsGxwDBHAYYfIjSuRmciAY4xVWg7CsRYZMh9qADztFyzcaC7dwFJLzrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 8b4e15ab7a0f694b-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=3,i
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 83C0059A-5613-44A9-890B-A0D8E8CCCB45.png
mandynotes.com/wp-content/uploads/2021/12/ 233 KB
233 KB 1207ms
1205ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/83C0059A-5613-44A9-890B-A0D8E8CCCB45.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb60d5c2779ad34d21bfa76ee2b7f04d35451bcc7c6b2fd7712a70f6af0eb08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 238122
last-modified: Sat, 18 May 2024 18:39:20 GMT
server: cloudflare
etag: "6648f5d8-3a22a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8k5en4HMOBLIBK6obyIYK4G%2BZvNDa9bSMQOhG5EgH8rH3loa%2BSotAI78bdPubzpmPNG5APoLTSFi%2FaLGNq%2BdJ%2FEoyUTNVDy2Q3PMRpClhbWQDr2cbJixEAnEYDmwkAAGVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15ab7a10694b-FRA
priority: u=3,i

GET
H3 200 1A9FCD83-52A6-4076-9234-799118FC6059.png
mandynotes.com/wp-content/uploads/2021/12/ 536 KB
537 KB 1218ms
1216ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/1A9FCD83-52A6-4076-9234-799118FC6059.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6751e08b2a3926a07b52b5ffb56c7fa76fa3587ffd6bf7dfbfe4ee1192286e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 549373
last-modified: Sat, 18 May 2024 18:39:19 GMT
server: cloudflare
etag: "6648f5d7-861fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2BmGO36tmftVe1Hy0EEs%2ByxS6u1jgov76mMrxrbk7yt2UZ2zJZm65RrvaAdIBq2mKrFRxjalZs%2FEtko1Xp3eaHbN5k8Xc5Hy5z2kqWM4Ok7dLfVFlFlo09KeRNLblQ1Slw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15ab7a12694b-FRA
priority: u=3,i

GET
H3 200 VIXX.jpg
mandynotes.com/wp-content/uploads/2021/06/ 127 KB
127 KB 1180ms
1178ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/06/VIXX.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 129711
last-modified: Wed, 25 Aug 2021 06:59:23 GMT
server: cloudflare
etag: "6125ea4b-1faaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2TPSOU6WmedpZDfq1qzo4svY7RlRZtlOpb6dcxDMhpozYofL9XrlpSwUrKQrfm5LE0Ww8aKdyI%2FR%2BXnoxphtQPNzWsDc%2F5r0Nt5RMorPf8UWHDWfPQeBWDgON6R7XwJjDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15ab7a13694b-FRA
priority: u=3,i

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 140ms
49ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KNSMQ888FP&gtm=45je48e0v9116217875za200&_p=1723944060650&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1928683802.1723944061&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723944060&sct=1&seg=0&dl=https%3A%2F%2Fmandynotes.com%2F&dt=%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2563
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 01:21:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 VM5AdLite.js Show response
man.vm5apis.com/dist/pmp_v3/production/ 55 KB
17 KB 40ms
38ms Script
application/javascript 2600:9000:206f:2c00:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2c00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c8e2d9b7dfc6b9fa5323aaf1931a5ba1421088a20101e51aa86ff416132947f

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 03:30:09 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Thu, 08 Aug 2024 02:44:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 78682
x-amz-server-side-encryption: AES256
etag: W/"0ad5b71a1cd27ee3876a07424062bf1d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wgl_h6gWWe_Vhi5MaiM6aTh0Z06KSvJslmm5m0znHPSzrs2Gz4gAMA==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 39ms
37ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=193817632&post=0&tz=8&srv=mandynotes.com&j=1%3A13.7&host=mandynotes.com&ref=&fcp=2379&rand=0.5023187476060826
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 01:21:01 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 921.ea5565c86a4be1f7d88d.js Show response
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 274ms
274ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/921.ea5565c86a4be1f7d88d.js

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.62

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 1956
last-modified: Fri, 16 Aug 2024 01:23:02 GMT
server: cloudflare
etag: "66bea9f6-7a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVUqpHmzTRUeP3jV9KaOOrvjK%2FFAXO%2FGme3RhdY58shxuES36uhZJT%2FoqyYp%2BURDbQo8psSZ6T5rknOM3se1ygE3lzVOYtgf%2BZfZSBoolsqy1vsLO3Bb1zstZfGqNsu%2FcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b27dbe694b-FRA
priority: u=3,i=?0

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 39ms
37ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:27:21 GMT
x-content-type-options: nosniff
age: 384820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:27:21 GMT

GET
H3 200 fa-regular-400.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 24 KB
24 KB 959ms
958ms Font
font/woff2 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-regular-400.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.9

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.9
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 24488
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: "66b5bacf-5fa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nrVAqkKNzr0qp1zDAG1W4plt5ufTHGzH3ffPbUgrzn8nVdwLEyHfkslPfgDRS1eVvkbL0SePRSjK3QYcFZvMODyUJkRYTWHMpYY5rdjbwivXULBjEyTunH9rMVJaZkj9Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b28de2694b-FRA
priority: u=0,i=?0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:07:09 GMT
x-content-type-options: nosniff
age: 386032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:07:09 GMT

GET
H3 200 fa-solid-900.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 147 KB
147 KB 1184ms
1183ms Font
font/woff2 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-solid-900.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.9

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.9
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: "66b5bacf-24a04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h54Xn1AeIawycmuEexCptn0m0SVDWoo4ubOVuNaZ4b7Ayar%2FHId1h9xN7OSmYRPghrW6KiMF4GWbwsCkaGijPW0Er2skIz0APjAQR7D4IXl6iFuNW8xNkfpC9TIdz%2B9Ahw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b28de3694b-FRA
priority: u=0,i=?0

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:59:12 GMT
x-content-type-options: nosniff
age: 386509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:59:12 GMT

GET
H3 200 fa-brands-400.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 107 KB
108 KB 1182ms
1181ms Font
font/woff2 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-brands-400.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.9

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.9
Origin: https://mandynotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 109808
last-modified: Fri, 09 Aug 2024 06:44:31 GMT
server: cloudflare
etag: "66b5bacf-1acf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4OF2tFzAEOg%2F2ZZ0ezQk3VOrRvUbLkKOjnjMPzQtjJL3waQJ%2FQrsbkSg9rfMeqW6eBzcwinKZRBFyk7L2te%2F4p5yXAt4qMxbgxKYqC5Fg82jWSF%2FlgqPJMPyOU9lv2u2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b28de4694b-FRA
priority: u=0,i=?0

GET
H3 200 290707657_574852714160241_4486527713873087896_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 12 KB
12 KB 937ms
936ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 11931
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-2e9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XhCq19SH4xp%2BTf2pY%2BU3SFzrngMwMyNJoM8%2Bz6UAFS8NxIzCdPsS5dNPMyq6uUGpLr5AeYTE6Owt6AlTT4fXI5KuNLyBzSiLTBCT4frjcjHQ3NIBdtqY4PzmpHabe8jUKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b29de6694b-FRA
priority: u=3,i

GET
H3 200 287217568_160686366461413_7366712871875368301_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 14 KB
14 KB 943ms
942ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 14218
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-378a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHzJtVFHJJBuK%2FAHLCquUDKitqpknBENqQNT6d9SCfyrzFCHNIhuYrTo%2FcshoLJoZzor8sgRT1eFegt%2Fr2ZbcCKt9ZuoI1kh90zdUY%2FMa0AnKDRPEsiZ6EO5UjwOBsGZZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b29de8694b-FRA
priority: u=3,i

GET
H3 200 283765183_2561605660637417_6847878822727222019_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 17 KB
17 KB 945ms
945ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/283765183_2561605660637417_6847878822727222019_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 17241
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-4359"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDlZcDdVdGUtkf%2F78%2FY5GBpPLDgrEjPPIU4Ca13L5VywMHq0Xt2T%2FS5O3jqgXcMKbQIRSYmbPj%2FEREvnv67Xxxkpye%2BQh%2Bpviu4y7MW02HBqySA6ZFinTH09xBlUR1KOag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b29de9694b-FRA
priority: u=3,i

GET
H3 200 281884683_396541252361589_8956761148631846597_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 12 KB
13 KB 934ms
934ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/281884683_396541252361589_8956761148631846597_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 12288
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-3000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eWqb8cgXnoemOtRlVgMK9OsjyXLI4yuLruwm3jli758MN%2FtIaWe19HIpig2h%2BmmPJ1Im3JfTrsNfS3XcrsKYLOZpqJCVSqI%2BlQaLWibMehXF1egeCVortMoUOmPyAtmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b29dea694b-FRA
priority: u=3,i

GET
H3 200 280139623_283474380549111_8818302409236210254_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 26 KB
26 KB 964ms
963ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/280139623_283474380549111_8818302409236210254_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 26225
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-6671"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVFNoJByFbccSd0AiuswB7QxSyXSqZpxmFetxCwRt3JOUKQZmq3k4gNj9Cprbtkd6JSlPkYpHtvEPsPUahFquEXGi282tIRSjI%2BdqJnEdGzMBqmlMJh84VajAbLoKwzD9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b29deb694b-FRA
priority: u=3,i

GET
H3 200 279844487_3159380181047996_2449311943832026812_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 13 KB
13 KB 295ms
294ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/279844487_3159380181047996_2449311943832026812_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 12826
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-321a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KPMxk9Gl6J5M5pJI4IXshxapZwLR0yrWR73Np7XZS0bSfpokno1n6VI2log9XRM8NP6RzxQMqTvzYvm6W7pZEknZWnT6dIitFgDmz5vnK6pK%2FKCkNuI4ECD2ZZHbkLhEPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b29dec694b-FRA
priority: u=3,i

GET
H3 200 sticky.js Show response
mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/ 12 KB
4 KB 281ms
281ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js?ver=2.0.62

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.62

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d42739e04ed669634bfa9f3f800deef54a230d19f2662e740c7fb96a882caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Aug 2024 01:01:37 GMT
server: cloudflare
etag: W/"66bea4f1-2ee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFGvsUzeY4JwarFaimu1YNaGTENBcNMcTxsDytO6%2Fg4fBb0uHot6iVMXzkRVMtI8SBSgW8YkC3HuvJEWZVeE%2BR7cB4AJo3leUfUu2F%2B%2FfV8HzjrgMVcgE8qgJ26nQ4dCrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b4e15b2adf1694b-FRA
priority: u=3,i=?0

GET
H2 200 persistentID.html
man.vm5apis.com/dist/ Frame BEF8 0
0 116ms
38ms Document
text/html 2600:9000:206f:b200:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/persistentID.html
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b200:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 76781
content-encoding: gzip
content-type: text/html
date: Sat, 17 Aug 2024 04:49:21 GMT
etag: W/"76ad014071673508950b9f0395151cf8"
last-modified: Tue, 07 Feb 2023 10:42:21 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-id: wYlRuGIGBSzrtf85U6UUgx4M4uhUK_Jnfvi3VyszQAiqxaEcni4ZFg==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 58ms
56ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c10d888dc361386c3d97e9d00ac95bb945e5d3097466e5f2fbd61bcdd634135b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79993
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 01:21:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 60ms
58ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48f479497e5d7e2f854aadbf27bc7f69795320cb7304c462bade112ad33ac40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80243
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 01:21:01 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1048ms
267ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 06:51:38 GMT
server: nginx
etag: W/"65e6c0fa-15e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sun, 18 Aug 2024 01:31:02 GMT

GET
H2 200 cm.js Show response
t.daexauto.com/ 2 KB
1 KB 132ms
40ms Script
application/javascript 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/cm.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:11:33 GMT
content-encoding: gzip
age: 568
x-guploader-uploadid: AHxI1nM3kZM0lsU94OaqZIbkBs1BGuOAm34RrzJbotAtgf-CYXYWWnHuowFrvhFxkQh3ZcuTZHI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 605
last-modified: Tue, 20 Sep 2022 03:01:56 GMT
server: UploadServer
etag: "5cc302c71332a6e8596d563d8e1d4412"
x-goog-generation: 1663642916783214
x-goog-hash: crc32c=fEiJzw==, md5=XMMCxxMypuhZbVY9jh1EEg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 605
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 18 Aug 2025 01:11:33 GMT

GET
H2 200 track.js Show response
ad.tagtoo.co/media/ad/ 7 KB
2 KB 130ms
39ms Script
text/javascript 34.111.12.34
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tagtoo.co/media/ad/track.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 34.12.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3aaab535bb945aee290bc822cecd9e5a3381e256da23f7209cdf4a8868d3176d

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 00:22:31 GMT
content-encoding: gzip
via: 1.1 google
age: 3510
x-guploader-uploadid: AHxI1nMMELpeXvM1mjD12ND-DdYOXyTzRuCNIuOTv0h848QPz8Cg7QCktcXUCfqE1cZguCapRspSHhs8sg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1937
last-modified: Thu, 15 Aug 2024 07:11:38 GMT
server: UploadServer
etag: "866ebaabc47e40adbcd900d301e11f0e"
vary: Accept-Encoding
x-goog-generation: 1723705898801064
x-goog-hash: crc32c=LTvt1A==, md5=hm66q8R+QK282QDTAeEfDg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
cache-control: public, max-age=3600
x-goog-stored-content-length: 1937
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Sun, 18 Aug 2024 01:22:31 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ 35 B
470 B 1268ms
272ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4027&uid=01916312-c906-7b13-aa41-ca3d9ae46ca1
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Date: Sun, 18 Aug 2024 01:21:02 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
Content-Type: image/gif

POST
H2 403 connect Show response
vahfront.vm5apis.com/lite/ 803 B
928 B 324ms
323ms Fetch
application/json 34.111.137.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vahfront.vm5apis.com/lite/connect
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.137.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.137.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e01cfb8111782fb587abb8c25aafeeb16611fa246fc88357181b2db90c4f4078

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin: https://mandynotes.com
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 connect
vahfront.vm5apis.com/lite/ Frame 0
0 414ms
302ms Preflight
application/json 34.111.137.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vahfront.vm5apis.com/lite/connect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.137.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.137.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mandynotes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin: https://mandynotes.com
access-control-expose-headers: Content-Length
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: application/json
date: Sun, 18 Aug 2024 01:21:02 GMT
via: 1.1 google

GET
H2

200

activityi;dc_pre=CJb0vYuw_YcDFWWHgwcdyvooAA;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=htt...
10559160.fls.doubleclick.net/ Frame 2691
Redirect Chain

https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=...
https://10559160.fls.doubleclick.net/activityi;dc_pre=CJb0vYuw_YcDFWWHgwcdyvooAA;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b45...

0
0

54ms
53ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10559160.fls.doubleclick.net/activityi;dc_pre=CJb0vYuw_YcDFWWHgwcdyvooAA;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=844612377;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181773707za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 01:21:02 GMT
expires: Sun, 18 Aug 2024 01:21:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 01:21:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10559160.fls.doubleclick.net/activityi;dc_pre=CJb0vYuw_YcDFWWHgwcdyvooAA;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=844612377;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181773707za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fma...
ad.doubleclick.net/ 0
23 B 276ms
223ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10559160;type=invmedia;cat=websd0;ord=3859951203940;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=844612377;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181773707za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 01:21:02 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"16628796274611647544"}],"aggregatable_trigger_data":[{"filters":[{"14":["14028695"]}],"key_piece":"0xa1bf4d3e1743abed","source_keys":["12","13","14","15","16","17","18","19","20","21","628497788","628497789","628497790","628497791","628553632","628553633","628553634","628553635"]},{"key_piece":"0x6b3dab27e5c10a0f","not_filters":{"14":["14028695"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628497788","628497789","628497790","628497791","628553632","628553633","628553634","628553635"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628497788":32,"628497789":32,"628497790":32,"628497791":3177,"628553632":32,"628553633":32,"628553634":32,"628553635":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"17713539594936527298","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16628796274611647544","filters":[{"14":["14028695"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16628796274611647544","filters":[{"14":["14028695"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16628796274611647544","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16628796274611647544","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10559160"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CPvYw4uw_YcDFdChgwcdjg86Ew;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=htt...
11009166.fls.doubleclick.net/ Frame AF3E
Redirect Chain

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=...
https://11009166.fls.doubleclick.net/activityi;dc_pre=CPvYw4uw_YcDFdChgwcdjg86Ew;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b45...

0
0

52ms
51ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11009166.fls.doubleclick.net/activityi;dc_pre=CPvYw4uw_YcDFdChgwcdjg86Ew;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=481459821;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181783534za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 01:21:02 GMT
expires: Sun, 18 Aug 2024 01:21:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 01:21:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11009166.fls.doubleclick.net/activityi;dc_pre=CPvYw4uw_YcDFdChgwcdjg86Ew;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=481459821;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181783534za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fma...
ad.doubleclick.net/ 0
23 B 121ms
103ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11009166;type=invmedia;cat=websd0;ord=4356627512691;npa=1;auiddc=236922196.1723944062;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;ps=1;pcor=481459821;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9181783534za200zb9116217875;gcd=13l3lPl2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 01:21:02 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7234136232804235294"}],"aggregatable_trigger_data":[{"filters":[{"14":["12016848"]}],"key_piece":"0xae3ce2b33c550735","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xe44f81d49e23c159","not_filters":{"14":["12016848"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15442548198214847684","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7234136232804235294","filters":[{"14":["12016848"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7234136232804235294","filters":[{"14":["12016848"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7234136232804235294","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7234136232804235294","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11009166"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.html
t.daexauto.com/ Frame 999D 0
0 223ms
149ms Document
text/html 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/main.html?partner=vmfive&member=01916312-c906-7b13-aa41-ca3d9ae46ca1
Requested by: Host: t.daexauto.com
URL: https://t.daexauto.com/cm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-length: 13194
content-type: text/html
date: Sun, 18 Aug 2024 01:21:02 GMT
etag: "eaab32de7850de7dd79c63e84f311fa1"
expires: Mon, 18 Aug 2025 01:21:02 GMT
last-modified: Tue, 20 Sep 2022 03:03:06 GMT
server: UploadServer
x-goog-generation: 1663642986084651
x-goog-hash: crc32c=ixrhRQ== md5=6qsy3nhQ3n3XnGPoTzEfoQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13194
x-guploader-uploadid: AHxI1nMksm6fH40ls2-z7i6Ed1UnHtz2zbjhU0F_DkakqP4B2Zg7hgsWvujWzpyropvJ7SYvtem80SRpSA

GET
H2 200 3542.js Show response
ecs.tagtoo.co/js/ 198 KB
55 KB 192ms
38ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/3542.js
Requested by: Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a1d2f8b964b0cd0f6c21a81cc7dce5e069371a0eefa53275ce1b665cb5113a31

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 23:51:25 GMT
content-encoding: gzip
age: 5377
x-guploader-uploadid: AHxI1nPSzxEkrnkKp-Hm_OV9Lyuwl-zvsRBsg005fZY9KeLHB5aWDBD705TtblF4o8WR1GBJAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55519
last-modified: Mon, 05 Aug 2024 06:52:10 GMT
server: UploadServer
etag: "8f6b4f925c2657ceef17df7fbd0489df"
vary: Accept-Encoding
x-goog-generation: 1722840730102121
x-goog-hash: crc32c=7oCg2g==, md5=j2tPklwmV87vF99/vQSJ3w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=5400
x-goog-stored-content-length: 55519
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Sun, 18 Aug 2024 01:21:25 GMT

GET
H2 200 tuec.js Show response
uec.tagtoo.co/ 10 KB
4 KB 193ms
39ms Script
application/javascript 34.107.150.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://uec.tagtoo.co/tuec.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.150.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 00:32:05 GMT
content-encoding: gzip
age: 2937
x-guploader-uploadid: AHxI1nPBuu3foVWrUWbQOnqT9cjQy3UZgbKOo83Eoh_eNFHteVKzILVBwOxrmhQJPi92Hb0Rx6Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3770
last-modified: Tue, 12 Dec 2023 09:08:46 GMT
server: UploadServer
etag: "2fa133db50cd81d87b8ffb8729a6ab35"
vary: Accept-Encoding
x-goog-generation: 1702372126688115
x-goog-hash: crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 3770
accept-ranges: bytes

GET
H2 200 unitrack.js Show response
ecs.tagtoo.co/js/ 26 KB
9 KB 39ms
38ms Script
application/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/unitrack.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/3542.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 00:42:02 GMT
content-encoding: gzip
age: 2340
x-guploader-uploadid: AHxI1nOd-IAEZGBtMWvPsAyBVFMAlZT2GDWS59s447-p1fSkvaYd5yLizurgpMby-tm8_n8tMXE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8725
last-modified: Wed, 17 May 2023 07:38:52 GMT
server: UploadServer
etag: "ccd513edbe3eb66c17d73c94d6462526"
vary: Accept-Encoding
x-goog-generation: 1684309132134575
x-goog-hash: crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
cache-control: public,max-age=5400
x-goog-stored-content-length: 8725
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Sun, 18 Aug 2024 02:12:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
103 KB 57ms
57ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HFDETXVVJE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ad793ea48f142a3e3a1892bcb3f15c3ad3eb1275887225d6d50c2be182da8dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105231
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 01:21:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 45ms
44ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HFDETXVVJE&gtm=45je48e0v9189278963za200zb9116217875&_p=1723944060650&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1928683802.1723944061&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723944062&sct=1&seg=0&dl=https%3A%2F%2Fmandynotes.com%2F&dt=%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4112
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HFDETXVVJE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 01:21:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 addr.json Show response
iptoweather.vm5apis.com/ 23 B
113 B 732ms
236ms Fetch
application/json 35.229.142.89
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iptoweather.vm5apis.com/addr.json
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.229.142.89 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 89.142.229.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6025adfc16c5d01ff8e60e5e6c089b0119ca09024336e18e592202b7975b449f

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 01:21:03 GMT
server: nginx
content-length: 23
content-type: application/json

GET
H3 200 290707657_574852714160241_4486527713873087896_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 39 KB
39 KB 991ms
991ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nfull.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 39788
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-9b6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDaqFMLbbS0rf%2BcOXBV7%2Fh9CpbzoLozliZPpndzmPjdZkSA3HPYPdaObushTJTmrMclcqcxfaZHmyCYMkwbQBkZt0IktWvM4j%2Bc0nvdnmWbI%2BVIJEFrt%2BLALEBqsHowoIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b8781f694b-FRA
priority: u=3,i

GET
H3 200 287217568_160686366461413_7366712871875368301_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 33 KB
34 KB 972ms
972ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nfull.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 34078
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-851e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qsUiJXmdlY5O89LhoW3Nd3wryRDNmUAzngZwZl2aqSGkfwwfKZ1udZwwLIQC4TVyIy%2FR0hQXp8vZDvvRUoJnOMZ8u0F6oBdyonT%2BLmzBUv1uEWZqoxqY7sDUI%2BksWeNOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15b88825694b-FRA
priority: u=3,i

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
405 B 280ms
280ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

99bdc4381562c08e7b028a7cfa3910c5a543dde21cf985874131c3567e358665

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:03 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
275 B 271ms
271ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=0771c812-c374-4849-850a-208b06299b95

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:03 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 fp.min.js Show response
ecs.tagtoo.co/js/ 31 KB
13 KB 40ms
40ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/fp.min.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:17:35 GMT
content-encoding: gzip
age: 208
x-guploader-uploadid: AHxI1nO8AF84rSbOM1-6Jljifeb-mzxC-CPxflv1GzRkwe54Zn2ftOwBpC9sEiZ6Mja0DPlDEYAx0bGbfQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12950
last-modified: Thu, 16 Sep 2021 09:25:47 GMT
server: UploadServer
etag: "5d9159073c44e4858b07d4445a1adceb"
vary: Accept-Encoding
x-goog-generation: 1631784347603860
x-goog-hash: crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=300
x-goog-stored-content-length: 12950
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Sun, 18 Aug 2024 01:22:35 GMT

GET
H2 200 permanent Show response
event.tagtoo.co/ 48 B
113 B 317ms
317ms Fetch
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=6a5a189ad194d7cfd6728ddc28c2aaaa
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: ee8d5fc0e37e8bb6472f6d1bdad3c79f5826e9746e2c5ed196d03e21cc5ba0aa

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-TOKEN: ccd9a490e4cbc0342440ea2d540a8e87f52367b8a8279e7d190100b08004

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 01:21:03 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
content-type: application/json

OPTIONS
H2 200 permanent
event.tagtoo.co/ Frame 0
0 393ms
304ms Preflight
text/plain 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=6a5a189ad194d7cfd6728ddc28c2aaaa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-token
Access-Control-Request-Method: GET
Origin: https://mandynotes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Aug 2024 01:21:02 GMT
server: uvicorn
via: 1.1 google

GET
H3 200 permanent Show response
event.tagtoo.co/ 48 B
62 B 617ms
300ms Fetch
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=6a5a189ad194d7cfd6728ddc28c2aaaa
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: ee8d5fc0e37e8bb6472f6d1bdad3c79f5826e9746e2c5ed196d03e21cc5ba0aa

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-TOKEN: ccd9a490e4cbc0342440ea2d540a8e87f52367b8a8279e7d190100b08004

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 01:21:03 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
content-type: application/json

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
191 B 274ms
273ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=8f86e5&cid=01916312-c906-7b13-aa41-ca3d9ae46ca1&mp=0771c812-c374-4849-850a-208b06299b95

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:03 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
0771c812-c374-4849-850a-208b06299b95.t.ssp.hinet.net/ 0
79 B 833ms
268ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0771c812-c374-4849-850a-208b06299b95.t.ssp.hinet.net/pixel?bd=0771c812-c374-4849-850a-208b06299b95&t=8f86e5&referrer=https%3A%2F%2Fmandynotes.com%2F

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:04 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H/1.1 200
OK pixel
pt0.vm5apis.com/api/v2/ 35 B
0 729ms
248ms Fetch
image/gif 35.194.212.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel?event=id_sync&provider=-&webBrowserId=01916312-ce72-7169-aaf3-6a65d785bcfb&eventDetails=%7B%22browser_id%22%3A%2201916312-ce72-7169-aaf3-6a65d785bcfb%22%2C%22browser_id_shared%22%3A%2201916312-ce72-7169-aaf3-6a65d785bcfb%22%2C%22browser_id_timestamp_shared%22%3A1723944062700%2C%22browser_id_cookie_shared%22%3A%2201916312-ce72-7169-aaf3-6a65d785bcfb%22%2C%22browser_id_cookie_timestamp_shared%22%3A1723944062700%2C%22browser_id_local%22%3A%2201916312-ce72-7169-aaf3-6a65d785bcfb%22%2C%22browser_id_timestamp_local%22%3A%221723944062700%22%2C%22browser_id_cookie_local%22%3A%2201916312-ce72-7169-aaf3-6a65d785bcfb%22%2C%22browser_id_cookie_timestamp_local%22%3A%221723944062700%22%2C%22referrer%22%3A%22%22%2C%22request_source%22%3A%22https%3A%2F%2Fmandynotes.com%2F%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22language%22%3A%22de-DE%22%2C%22ip%22%3A%2280.255.7.123%22%7D

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/pmp_v3/production/VM5AdLite.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 01:21:04 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://mandynotes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

OPTIONS
H2 200 permanent
event.tagtoo.co/ Frame 0
0 362ms
305ms Preflight
text/plain 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=6a5a189ad194d7cfd6728ddc28c2aaaa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-token
Access-Control-Request-Method: GET
Origin: https://mandynotes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Aug 2024 01:21:03 GMT
server: uvicorn
via: 1.1 google

POST
H3 200 v1
event.tagtoo.co/event/ 2 B
16 B 362ms
315ms Ping
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/event/v1
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 01:21:03 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: application/json

GET
H2 200 / Show response
ttd-cm.tagtoo.com.tw/prn/uidm/ 21 B
161 B 400ms
306ms Fetch
application/json 34.160.218.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=e58a8076da938d20d36125096eb87b4d&pid=1011&puid=01916312-c906-7b13-aa41-ca3d9ae46ca1&
Requested by: Host: uec.tagtoo.co
URL: https://uec.tagtoo.co/tuec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.218.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.218.160.34.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: de8a41e157ef0da2ade162ac2dc3a95e99ae93f24be2e671deef7a0df9677c12

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:04 GMT
via: 1.1 google
server: gunicorn/19.9.0
vary: Origin
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21

POST
H3 204 rum Show response
mandynotes.com/cdn-cgi/ 0
140 B 44ms
43ms XHR
text/plain 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 18 Aug 2024 01:21:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://mandynotes.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8b4e15c1ef0e694b-FRA

GET
H3

200

w-logo-blue-white-bg.png
mandynotes.com/wp-includes/images/
Redirect Chain

https://mandynotes.com/favicon.ico
https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

4 KB
5 KB

925ms
925ms

Other
image/png

172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

Protocol

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 01:21:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 4119
last-modified: Thu, 21 May 2020 09:10:12 GMT
server: cloudflare
etag: "5ec64574-1017"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jabpVKaeeUrFd8XTc8ViEdQZNVY3%2BdBgwBAzfiVx8fjQ%2BmNyGKmGtwqGgyD5%2F8IP7Jc2G4peBjR8wotyFSssXYBBkJSQrDFNXhsgHQ1z8nRg9WdszVHk3UG6HrALY6lSZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b4e15c44801694b-FRA
priority: u=1,i

Redirect headers

date: Sun, 18 Aug 2024 01:21:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5swlg2tEnRFjvIjngGeW%2BjYg2CKqMGsfUijSXffeQIqBHQcIlCFssiAYgTyniAvn0DxTtY54Yu8BAGz7CyBet60HgP6ufpiPeAk88YpRdO%2F7WSrpJ7OiYPztaW6SwcevQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png
cf-ray: 8b4e15c1ef11694b-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=1,i
alt-svc: h3=":443"; ma=86400

POST
H3 200 v1
event.tagtoo.co/event/ 2 B
16 B 315ms
314ms Ping
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/event/v1
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Aug 2024 01:21:03 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: application/json

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 48ms
48ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HFDETXVVJE&gtm=45je48e0v9189278963za200zb9116217875&_p=1723944060650&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1928683802.1723944061&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&cu=TWD&sid=1723944062&sct=1&seg=0&dl=https%3A%2F%2Fmandynotes.com%2F&dt=%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A&en=view_item&_ee=1&pr1=id~nm%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A~pr1~qt1~caHOME~c2%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A&epn.value=1&ep.event_category=ecommerce&ep.event_label=&_et=2&tfd=9117
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HFDETXVVJE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 01:21:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
man.vm5apis.com/dist	1970-01-21 08:28:24	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1723944062700
man.vm5apis.com/dist	1970-01-21 08:28:24	Name: VM5AD_BROWSER_ID_COOKIE Value: 01916312-ce72-7169-aaf3-6a65d785bcfb
.mandynotes.com/	1970-01-21 08:28:24	Name: _ga_KNSMQ888FP Value: GS1.1.1723944060.1.0.1723944060.0.0.0
.mandynotes.com/	1970-01-21 08:28:24	Name: _ga Value: GA1.1.1928683802.1723944061
mandynotes.com/	1970-01-20 23:35:36	Name: MSE_HTTP_REFERER Value: https%3A%2F%2Fmandynotes.com%2F
.mandynotes.com/	1970-01-21 01:02:00	Name: _gcl_au Value: 1.1.236922196.1723944062
.doubleclick.net/	1970-01-20 23:35:36	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 08:14:00	Name: IDE Value: AHWqTUlNAziYUWvmI1hbYIePvDC1NgVnueciLJNNaKJPsyhGWmDmVj11sKLtU6fYyHY
.doubleclick.net/	1970-01-21 03:11:36	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:52:24	Name: test_cookie Value: CheckForPermission
.mandynotes.com/	1970-01-21 08:28:24	Name: _ga_HFDETXVVJE Value: GS1.1.1723944062.1.0.1723944062.0.0.0
mandynotes.com/	1970-01-21 08:28:24	Name: VM5AD_BROWSER_ID_COOKIE Value: 01916312-ce72-7169-aaf3-6a65d785bcfb
mandynotes.com/	1970-01-21 08:28:24	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1723944062700
.hinet.net/	1970-01-21 08:28:24	Name: uuid Value: 0771c812-c374-4849-850a-208b06299b95
.mandynotes.com/	1970-01-21 07:38:00	Name: __htid Value: 0771c812-c374-4849-850a-208b06299b95
.mandynotes.com/	1970-01-20 22:52:27	Name: _ht_em Value: 1
.mandynotes.com/	1970-01-20 22:53:50	Name: _ht_8f86e5 Value: 1
.lndata.com/	1970-01-21 07:38:28	Name: admckid Value: 2408180921031848314
mandynotes.com/	1970-01-21 01:02:00	Name: _fbp Value: fb.1.1723944064131.731423898
mandynotes.com/	1970-01-20 23:12:33	Name: _tg_IM Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mandynotes.com/wp-content/uploads/2021/12/IMG_2405-scaled.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mandynotes.com/wp-content/uploads/2023/03/DaiDaiSpa-768x576.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vahfront.vm5apis.com/lite/connect Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0771c812-c374-4849-850a-208b06299b95.t.ssp.hinet.net
10559160.fls.doubleclick.net
11009166.fls.doubleclick.net
ad.doubleclick.net
ad.tagtoo.co
cm.lndata.com
ecs.tagtoo.co
event.tagtoo.co
fonts.googleapis.com
fonts.gstatic.com
iptoweather.vm5apis.com
man.vm5apis.com
mandynotes.com
pixel.wp.com
pt0.vm5apis.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.wp.com
t.daexauto.com
t.ssp.hinet.net
ttd-cm.tagtoo.com.tw
uec.tagtoo.co
vahfront.vm5apis.com
vawpro.vm5apis.com
www.googletagmanager.com
104.199.210.210
116.50.36.71
142.250.186.102
172.67.129.122
192.0.76.3
2001:4860:4802:32::36
203.75.214.136
216.239.34.36
216.58.206.72
2600:9000:206f:2c00:15:a9a7:4a80:93a1
2600:9000:206f:b200:15:a9a7:4a80:93a1
2606:4700:3034::6815:2aa
2606:4700::6810:4f49
2a00:1450:4001:809::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:82f::200a
34.102.218.41
34.102.239.73
34.107.150.21
34.111.12.34
34.111.137.131
34.160.218.201
34.96.83.10
35.194.212.25
35.229.142.89
0022da996fdaa7b79bccaf6990949826a6d62673b17958af739c6169fdb45134
032840274c039cffcd7475916a14612cafc3caf54346a53263555c8fa2527c96
046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2
0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1
12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d
1ed53b44e95cac27ed87dd1c42ac52946be4e19c058ca7ea5e452ede5f76f9cd
23e6c57561965841f2711b31c6b4c12b9e0d21cb4005b0a37835f8828e1dc63f
25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3
291233f564b5ee2404883da8e9e404e2e671026348ac3772775fb12e9eeab257
29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754
2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194
2caa976bb925e8e1386b738ef7a8d427fcf1b1277e85f6c17b4b7e04f2736593
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c
2f6751e08b2a3926a07b52b5ffb56c7fa76fa3587ffd6bf7dfbfe4ee1192286e
2f702e0afa9b8e706566fb43b8a20274d5e0e77fe79c329db743f3ed0acf7bbf
31bd46aa80e742b7d2217d9833eff576b36ecb655e36779e2cee719037bcb3af
325dec9f8e29eb5534af8aa6018a8ee4592ababbd79beefee45a884743a7e902
33f787bcb784b24167f78596209dd7c333f1aa2e07aaedbf73bf34a265ad936b
34c051a70982d38a72b2f9da10d2b8abbd289e380de9b8426029912e6638e081
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee
3aaab535bb945aee290bc822cecd9e5a3381e256da23f7209cdf4a8868d3176d
3d1095a0dc24ac6b09e364cb1c5fcf33117026d836a663b928cd03a8d284301e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d42739e04ed669634bfa9f3f800deef54a230d19f2662e740c7fb96a882caf
48f479497e5d7e2f854aadbf27bc7f69795320cb7304c462bade112ad33ac40a
4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510
5096c33cab71936218b239093be00239e234a55a2574db288b1d7d9e99a2e5b3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
57c673304b9fb19cfa2187506d47af727bb3e0d2ff53a57b76c08defdd49bab0
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
6025adfc16c5d01ff8e60e5e6c089b0119ca09024336e18e592202b7975b449f
64b4e92b63be67ecb73bc8ebb98b2b625f2988185e96f31e8f4088bc59c433c6
662bc6c35380d82750184891575463f18908e477c17fdcb380d85e45e5c2fa07
66b908e7a75667d61ddf22a47c47faa3a15076d2fe49f504f2171664bdfeaccf
684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
73c55149045e2877d3b9b3d2ca9f95bd89c12d63cb0e5268aead3ee556e604aa
761094d3031de6fc0d32291fc06e2d5c7b63f8a82a017e7ade0811cc002092aa
7d91a60215242cd03796d14a8305b1d236cfb597f7a507ca68e525abf8cc83ce
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ea07d95b1aa9838c74582199385ff06912479f98fe96952c1c3d56fafec0e4e
7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c8e2d9b7dfc6b9fa5323aaf1931a5ba1421088a20101e51aa86ff416132947f
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d
9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73
98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb
99bdc4381562c08e7b028a7cfa3910c5a543dde21cf985874131c3567e358665
a1d2f8b964b0cd0f6c21a81cc7dce5e069371a0eefa53275ce1b665cb5113a31
ad793ea48f142a3e3a1892bcb3f15c3ad3eb1275887225d6d50c2be182da8dd1
ae0af6d036d8a3d23fba830e01be2ab4417f46a1310a89ed51fd467990f6784b
b3d334e08759f314ea604c9eb5a274daf1cbcc0c65a02367fed2e9b3bfefe55e
b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23
b5c9f123ebd16997f50d81cbc2a40c8e1553487704bc67f501853d87e4ee1a90
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9434642cf3899fea380a75d6a90c9f140b46331133497fba7d0338c74c44988
bb1260bad6a0367f33b2842651681b6ae1be4d39238f4aa225ddf4e84ea591b2
bb4a584febc734009548e91f8b2893134067670373bf5b3254922d48c58388f7
c10d888dc361386c3d97e9d00ac95bb945e5d3097466e5f2fbd61bcdd634135b
c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02
c715c2506c1f04747f9eac30dee38bc1c19220692c1089aeb0251010abebf122
cb60d5c2779ad34d21bfa76ee2b7f04d35451bcc7c6b2fd7712a70f6af0eb08b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d474b00ed0fe9653738bd11c834b13efa13c59a76ad4be016e8b3f5a68173d6e
d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2
d6ae8dbff96469621efbc79f5d44c1f6d6c13460ed12e34e826af9b0308424aa
d7782defc74d9bb0d13dee7777daddf521b96c27bccc2775f22f87085ab4a1d0
d77cf458924e835fafe8349c276260d7b967432ad9baef8f4f3761d34cf1bd98
d8060fe3f342afa9bf5ee21944bf5b6001f411a56abf1437e375829733298b94
da28e136f7d61d01bd37c87e15a28707280fd57d7bf2d6e53f100f78deed8240
db1e74e10895a180f1757647f529dfeba8163ac4cb6a8fe33dbd900de95cdc5a
de8a41e157ef0da2ade162ac2dc3a95e99ae93f24be2e671deef7a0df9677c12
e01cfb8111782fb587abb8c25aafeeb16611fa246fc88357181b2db90c4f4078
e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f
e2643c51b19a5077cdb0f6668711693937827cf82322c38a595441c13cd25164
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d4bb4913fdc7167a981be1d8f47aa0e110fab5ec0fdd39ae6208cebe7f966a
e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca
e89b00889a90dddef9f06c3da98a503d6c69f45a868d3615a9ae309d94e94174
ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07
ee8d5fc0e37e8bb6472f6d1bdad3c79f5826e9746e2c5ed196d03e21cc5ba0aa
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d
fb871acb2b4ed7a3457553c7fb35913f7518f21beafd9def816b7517039b7597
fb8c5bc6aa8c2caca210a91ecb39d7fa9d7800ff4004e5b16e3fd11425af7627

mandynotes.com Open in urlscan Pro 2606:4700:3034::6815:2aa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

99 %HTTPS

32 %IPv6

14 Domains

25 Subdomains

25 IPs

3 Countries

4920 kBTransfer

6850 kBSize

20 Cookies

9 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mandynotes.com Open in urlscan Pro
2606:4700:3034::6815:2aa Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

99 %
HTTPS

32 %
IPv6

14
Domains

25
Subdomains

25
IPs

3
Countries

4920 kB
Transfer

6850 kB
Size

20
Cookies

116 HTTP transactions
0 data transactions