mandynotes.com Open in urlscan Pro
172.67.129.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mandynotes.com/
Submission Tags: phishingrod
Submission: On April 29 via api (April 29th 2024, 8:34:00 am UTC) from DE — Scanned from DE

Summary HTTP 101 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 101 HTTP transactions. The main IP is 172.67.129.122, located in United States and belongs to CLOUDFLARENET, US. The main domain is mandynotes.com.
TLS certificate: Issued by E1 on March 17th 2024. Valid for: 3 months.

This is the only time mandynotes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	172.67.129.122 172.67.129.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	104.199.210.210 104.199.210.210	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:206... 2600:9000:206f:1200:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	104.199.245.202 104.199.245.202	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:5800:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	34.102.239.73 34.102.239.73	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
1	34.111.137.131 34.111.137.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	35.229.142.89 35.229.142.89	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.194.212.25 35.194.212.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
101	19

50 172.67.129.122 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mandynotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.210.210 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.210.199.104.bc.googleusercontent.com

vawpro.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1200:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.245.202 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 202.245.199.104.bc.googleusercontent.com

match-hubble-man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5800:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6791b8b5-cb08-4a32-8e02-786b8585c72a.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.239.73 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 73.239.102.34.bc.googleusercontent.com

t.daexauto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.137.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.137.111.34.bc.googleusercontent.com

vahfront.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

11009166.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10559160.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.229.142.89 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.142.229.35.bc.googleusercontent.com

iptoweather.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.212.25 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.212.194.35.bc.googleusercontent.com

pt0.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	mandynotes.com 1 redirects mandynotes.com	4 MB
25	gstatic.com fonts.gstatic.com	1 MB
7	vm5apis.com vawpro.vm5apis.com — Cisco Umbrella Rank: 362382 man.vm5apis.com — Cisco Umbrella Rank: 364870 match-hubble-man.vm5apis.com — Cisco Umbrella Rank: 364202 vahfront.vm5apis.com — Cisco Umbrella Rank: 439536 iptoweather.vm5apis.com — Cisco Umbrella Rank: 373437 pt0.vm5apis.com — Cisco Umbrella Rank: 379566	19 KB
5	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 62787 6791b8b5-cb08-4a32-8e02-786b8585c72a.t.ssp.hinet.net	4 KB
4	doubleclick.net 2 redirects 11009166.fls.doubleclick.net — Cisco Umbrella Rank: 398382 10559160.fls.doubleclick.net — Cisco Umbrella Rank: 404744	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	246 KB
2	daexauto.com t.daexauto.com — Cisco Umbrella Rank: 254841	1 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2879 pixel.wp.com — Cisco Umbrella Rank: 2841	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	66 KB
1	lndata.com cm.lndata.com — Cisco Umbrella Rank: 131175	470 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2404	253 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 817	7 KB
0	iseeu.tw Failed demo4.iseeu.tw Failed
101	13

	Domain	Requested by
50	mandynotes.com	1 redirects mandynotes.com static.cloudflareinsights.com
25	fonts.gstatic.com	fonts.googleapis.com
4	t.ssp.hinet.net	man.vm5apis.com t.ssp.hinet.net
3	www.googletagmanager.com	mandynotes.com www.googletagmanager.com
2	10559160.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	11009166.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	t.daexauto.com	man.vm5apis.com t.daexauto.com
2	man.vm5apis.com	mandynotes.com man.vm5apis.com
2	fonts.googleapis.com	mandynotes.com
1	6791b8b5-cb08-4a32-8e02-786b8585c72a.t.ssp.hinet.net	mandynotes.com
1	pt0.vm5apis.com	man.vm5apis.com
1	iptoweather.vm5apis.com	man.vm5apis.com
1	vahfront.vm5apis.com	man.vm5apis.com
1	cm.lndata.com	mandynotes.com
1	pixel.wp.com	mandynotes.com
1	match-hubble-man.vm5apis.com	vawpro.vm5apis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	mandynotes.com
1	stats.wp.com	mandynotes.com
1	vawpro.vm5apis.com	mandynotes.com
0	demo4.iseeu.tw Failed	mandynotes.com
101	21

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
iseeu.tw
www.facebook.com

Subject Issuer	Validity	Valid
mandynotes.com E1	`2024-03-17` - `2024-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.vm5apis.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-30` - `2024-11-29`	a year	crt.sh
man.vm5apis.com Amazon RSA 2048 M03	`2023-12-31` - `2025-01-27`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.t.ssp.hinet.net	`2024-03-11` - `2025-03-11`	a year	crt.sh
t.daexauto.com GTS CA 1D4	`2024-03-28` - `2024-06-26`	3 months	crt.sh
*.lndata.com GeoTrust G5 TLS RSA4096 SHA384 2022 CA1	`2023-12-04` - `2024-12-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://mandynotes.com/
Frame ID: E3FFA7B56D353FDEFA2945E228FD7221
Requests: 97 HTTP requests in this frame

Frame: https://man.vm5apis.com/dist/persistentID.html
Frame ID: F0D80D2ABA2E2CC3B9CED2D93DA4E0D8
Requests: 1 HTTP requests in this frame

Frame: https://11009166.fls.doubleclick.net/activityi;dc_pre=CN2eiuiB54UDFaVLHgIdllcCGw;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: D9FC8515C3832925CAAF000414916778
Requests: 1 HTTP requests in this frame

Frame: https://10559160.fls.doubleclick.net/activityi;dc_pre=CPmmiuiB54UDFbdFHgIdLU4A-w;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F
Frame ID: 921C129384D55A5420A61A68B794BBA7
Requests: 1 HTTP requests in this frame

Frame: https://t.daexauto.com/main.html?partner=vmfive&member=53dcb55d-6511-4054-8842-58ec205c0843
Frame ID: BA147FF7877281FF8C231086B345A3F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

曼娣慢慢遊

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

101
Requests

98 %
HTTPS

39 %
IPv6

13
Domains

21
Subdomains

19
IPs

3
Countries

5442 kB
Transfer

6933 kB
Size

15
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/p/CfZVee7vot2/
Title: #소소한일상_맨디 願你往後的人生如

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CeqPpQVvneQ/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cd7RwolvsyN/
Title: 不能只有我看到😍 原本想說疫情趨緩

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cdycctdvx0g/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tv/CdSdaVQjFsm/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CdMAj_uPx1_/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mandy.twkr/
Title: 在 Instagram 上追蹤

Search URL Search Domain Scan URL

URL: https://iseeu.tw/
Title: 金城事務所

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mandy.twkr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg HTTP 301
https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/

Request Chain 87

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
https://11009166.fls.doubleclick.net/activityi;dc_pre=CN2eiuiB54UDFaVLHgIdllcCGw;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F

Request Chain 88

https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F HTTP 302
https://10559160.fls.doubleclick.net/activityi;dc_pre=CPmmiuiB54UDFbdFHgIdLU4A-w;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F

Request Chain 99

https://mandynotes.com/favicon.ico HTTP 302
https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mandynotes.com/ 113 KB
30 KB 1160ms
1132ms Document
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa44979f3360bfd486f138063b251df5c0cae73bdea4a52eb2a184b9f013f84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87bdf304aaea4d32-FRA
content-encoding: br
content-type: text/html
date: Mon, 29 Apr 2024 08:33:49 GMT
last-modified: Fri, 26 Apr 2024 07:00:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSb%2B8cVvAa0RN%2BlSoGlkhwP6phcjBId%2FIuC12tTPfgfUnIQxd6krIEy5Pa5fo1zTak%2BDiTieUN3AqcW84IVDoxgZBe6jLyo%2FCFNWZ7yEY0ovsQts7EXiQs5oT8ff7ssGGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT - WP Cache
x-content-type-options: nosniff

GET
H3 200 global.css
mandynotes.com/wp-content/uploads/blocksy/css/ 16 KB
3 KB 321ms
320ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/uploads/blocksy/css/global.css?ver=12663

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e66987e84ebc8ad696bb03c441676460c75747f6de9087f6a6f5b91aa40f552

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 06:24:23 GMT
server: cloudflare
etag: W/"662b4897-4154"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyFsLeAq9%2BCO0CYgGvGpjn4yk6Aq%2BB21I1Hg62AymWinPETWQp3lGj6fnYrTfY2Ro9nA0hHUq6AqJuSklnU5gsx%2FK3c1muEe3N9XM%2BfLAgrEXPoOkwklKGDHyqf4yrhAWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcd9b4d32-FRA
priority: u=0,i=?0

GET
H3 200 sbi-styles.min.css
mandynotes.com/wp-content/plugins/instagram-feed/css/ 45 KB
9 KB 1178ms
1177ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.3

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 27 Apr 2024 03:14:25 GMT
server: cloudflare
etag: W/"662c6d91-b5db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2BnAYZdZcS4xoUCSw5L8RPfRhpy2IQ7VRLRYqkpWmmnxcvF%2BaYMTQXgwvKHD7Guj0GJmZ0LeAp%2BYmDinrft8IvfP6GQeSyO%2F9Wf%2F7njpywrg4CdvPEDUl510JWv2zB8tCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcd9f4d32-FRA
priority: u=0,i=?0

GET
H3 200 style.min.css
mandynotes.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 1201ms
1199ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 01:18:22 GMT
server: cloudflare
etag: W/"660dffde-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIdB1TCUDv4KH0bE%2F%2FNKCeDTxpRgNFv%2BNXW4y1E3m53dz2guXlVqKsZ3WRy2fmvI8sKeL6Bq7wPBNILMepiUbhQ0ZiXy9tAaZWtmCvrld20gp4dgvaQGJ0Rr%2F6jJoFeMrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcda24d32-FRA
priority: u=0,i=?0

GET
H3 200 mediaelementplayer-legacy.min.css
mandynotes.com/wp-includes/js/mediaelement/ 11 KB
3 KB 1175ms
1173ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: cloudflare
etag: W/"5f735862-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meGubfaEJghhlXAonPseL3%2BqiRsKOIdEdrT9%2FBLvZoN44mcK3DjUFU02ros00NwWNoq0GkkXjK%2F70kzDfPRT5lzl5umbaTVRL%2FwZI8TqKCire%2FjUOHm5j%2BfSXolOaN9p0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcda44d32-FRA
priority: u=0,i=?0

GET
H3 200 wp-mediaelement.min.css
mandynotes.com/wp-includes/js/mediaelement/ 4 KB
2 KB 1186ms
1184ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: cloudflare
etag: W/"5cfaccce-105a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHL6Vd%2F5DOVqTb0FUrcV%2FQAE57pG5hjVNduErXi8agWNBlkaNv2%2BlDizNkxhYJjaJEVRkDx%2BRqjkrwf7iYFAbvwSsPJhOMDhlyJLjH8s2SyrDKEbH1BmXkQ7hXEGM39IZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcda54d32-FRA
priority: u=0,i=?0

GET
H3 200 style.build.css
mandynotes.com/wp-content/plugins/block-options/build/ 19 KB
3 KB 1169ms
1167ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/block-options/build/style.build.css?ver=new

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 04:58:11 GMT
server: cloudflare
etag: W/"65fbbe63-4d66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeKnLTYWln%2FfYKyC0nEJ50t6FysKUv8xKtjXrPcsE0Zz%2FX5ntx3HmOWF7FLJ8z4RHBw%2FMgQCMucVt4Jg2TyT5Levy%2BPvwjzEHwwGrK34O1S0e7ZogE5cX%2Fg0zLSb2O4vlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcda74d32-FRA
priority: u=0,i=?0

GET
H3 200 screen.min.css
mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/ 6 KB
2 KB 1185ms
1183ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.65

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37ba86536f9a12d450390901292af30f4393d4fe3e06b907d351ef876264301

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Apr 2024 03:56:29 GMT
server: cloudflare
etag: W/"66175f6d-165f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNjkdiCc9Tv5nwxRo4%2Be8xBBqcQP04MOmQH3tgcGL9TUwaXwoa9qYPACFVXTlvaclQh8ZPc3yv2l7t%2FRAiz82THnxOnN7v33Z4J2oAW%2BnpXDRcuPcg7Lc%2FatnAKpDkAu8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcda84d32-FRA
priority: u=0,i=?0

GET
H3 200 main.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 99 KB
19 KB 1237ms
1235ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.42

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f5261200e45a4c82ce3086317930b6ff5e734b591b1072ebd99ce0e1c51889

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 06:24:12 GMT
server: cloudflare
etag: W/"662b488c-18dd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NCUUYq4sbw0yAcYVIPkJPXVZz8m98F6N9DVh36Kza%2FuiH%2F4gsBOJwXW%2B3bt57S3IT29zdIVEpV%2FXn1Kg24EE7m18JWHct%2FzwoB2n9jEUdwR3Y16eYMg3jkEmzVsMFvPEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcda94d32-FRA
priority: u=0,i=?0

GET
H3 200 admin-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 4 KB
2 KB 1173ms
1171ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/admin-frontend.min.css?ver=2.0.42

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ea07d95b1aa9838c74582199385ff06912479f98fe96952c1c3d56fafec0e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 06:24:12 GMT
server: cloudflare
etag: W/"662b488c-f17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RE5SFjsi69KtvJMTbsimdpHq8MMhRhjJJf1DeVQUr8lctmFW3RosrmpbscX8Qh%2F51uZBki5Cte2rrdX31feRc5iAGU7ukGO6xmnVUh1kySDV%2FqRFKPxZEyv1B0Z3e0iDqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcdaa4d32-FRA
priority: u=0,i=?0

GET
H3 200 elementor-frontend.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 1 KB
903 B 1155ms
1153ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=2.0.42

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4a584febc734009548e91f8b2893134067670373bf5b3254922d48c58388f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 06:24:12 GMT
server: cloudflare
etag: W/"662b488c-5ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VGzeV2wfNuhHpa2GADTPbBIKCU3D3fdXlrjVA2QG3Q7On8Uu574x3sp4nIFn6iBhXm4xH%2F%2BbNvUU8EB02YfblGH%2BhA6LMZ7tZik4x9%2Btbpu3idxCtlVHoz%2Bxpbn1EAO8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcdab4d32-FRA
priority: u=0,i=?0

GET
H3 200 sidebar.min.css
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 3 KB
1 KB 1189ms
1187ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/sidebar.min.css?ver=2.0.42

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d11699672028c7d917de56adadb077c11e3bb4e14580a242870c4ed31c2e50d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 06:24:12 GMT
server: cloudflare
etag: W/"662b488c-cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DA5ifq4XadNdfsc3S81YXtMqTgmjmv%2BC0a1ajQ8KP2VlhA68bdv9VTfJmCfovWkA2oTYgCl4iRXybSJBRsvvgHt2FQ6ZXXwkaG7bW%2FH3WD8wpnsm4OzF571eOVxX%2BN%2FvBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcdac4d32-FRA
priority: u=0,i=?0

GET
H3 200 style.css
mandynotes.com/wp-content/themes/blocksy-child/ 1 KB
1 KB 1172ms
1170ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy-child/style.css?ver=6.5.2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 13:03:54 GMT
server: cloudflare
etag: W/"6239c93a-59e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HhH8cSVTyERH1ivNv4wNf0wYBgQKLW4n8KG9KjAHbI7viT4sQdRkg27JLIJS1CKRjVqo2CyxoRgAlSPpkVgg6zmXiX0KxTPbzb9iGI2wDrozOPsRE2EXAM1dw1mcqxwuog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcdad4d32-FRA
priority: u=0,i=?0

GET
H2 200 css2
fonts.googleapis.com/ 234 KB
65 KB 45ms
23ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8b1672a2a8313fec05db1272f8f0679660ddb3e3ce223a483449ebd835e6570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 08:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 08:33:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 08:33:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
963 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 08:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 07:01:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 08:33:49 GMT

GET
H3 200 font-awesome.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 53 KB
12 KB 1203ms
1201ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d474b00ed0fe9653738bd11c834b13efa13c59a76ad4be016e8b3f5a68173d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-d43c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKBV3m7zto1UFoEXphrRuVstK9WSkCPtirPtw4kQepqUwZnBil2AdUKqCIBS2qCgOuCdg2pXrKl7HHuZjxWmcYV0%2FB0oA%2FdkDoRvqpMVYhZxsESCueIYLAZOAmYnR5zs5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcdae4d32-FRA
priority: u=0,i=?0

GET
H3 200 mystickyelements-front.min.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/css/ 197 KB
15 KB 1186ms
1185ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/mystickyelements-front.min.css?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3253052f515950819228de250155ebb75741ac7aa6e9d14792415b01279fb87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-312ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryQ01tmfSu%2F3vMIpW%2FspK7AtVRKGiFEgnqYN9tK8eTx%2F%2Bmxixagxxc9Ivx70alL7h6xRQ5Zxldjs5F1dKFWyxYo4m6ezrZRqKxJu9GDK4DwsvKW5vmbexk7W2ec07aPIvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcdaf4d32-FRA
priority: u=0,i=?0

GET
H3 200 intlTelInput.css
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/ 26 KB
3 KB 1158ms
1157ms Stylesheet
text/css 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/css/intlTelInput.css?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-6659"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxyfSCRdT3F9dQJ8%2B4rpLwu0Wba6WuFJa%2BoKJGh%2FUjhn9mhnWyv6nfrRD4akPllvw7HXz0Y%2Blm%2FK7OwX7PuRx7%2FT0h8WGVQUZ9sRYvtrGb%2FQrL%2BU4aVDmxXUM0FUmNHEIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bdf30bcdb04d32-FRA
priority: u=0,i=?0

GET
H3 200 jquery.min.js Show response
mandynotes.com/wp-includes/js/jquery/ 86 KB
31 KB 1233ms
1232ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 14:19:26 GMT
server: cloudflare
etag: W/"654cea6e-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyviYQYfQT43CVI6X2yq2LTd67J2%2BXZ%2BDsU%2FTgNG7xOpK3jS3U69D%2FCcYo3bXjLRK%2F0Asg%2BCEgkYaAvBNWMcfuQrOpqVD3UnVCodpPsdzY7JbJOY5CAiCDYYWfB%2Bvut0XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf30bcdb14d32-FRA
priority: u=1,i=?0

GET
H3 200 jquery-migrate.min.js Show response
mandynotes.com/wp-includes/js/jquery/ 13 KB
5 KB 1178ms
1177ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 11 Aug 2023 09:16:57 GMT
server: cloudflare
etag: W/"64d5fc89-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uia91y2A7QKgGGMyBSpfDunjdn9zhxSxcGDYTMr4XXuCG6cRJIK1iKCMEoL7r3gndYSlgJPX1CBZbcmDaHPjecUwwbWMhrbz22ju5LtrdDfuxoop8ATsw2RKV48yhXn1lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf30bcdb24d32-FRA
priority: u=1,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
99 KB 64ms
40ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e07575dc748dc6a1fbbe4c64a611c2ddced2115b451bc4c205b63c14318ae148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Apr 2024 08:33:50 GMT

GET

/
demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/
Redirect Chain

https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg
https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/

0
0

GET
H3 200 placeholder.png
mandynotes.com/wp-content/plugins/instagram-feed/img/ 176 B
693 B 1154ms
1154ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/img/placeholder.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 176
last-modified: Sat, 27 Apr 2024 03:14:25 GMT
server: cloudflare
etag: "662c6d91-b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BsfN1hQYvGlKIO3h8AocdFaxtp4toLTI%2Bw2S4NiAEgKhKtCjl0NoCV8pKZyGR653%2BMWaITvwdtvqBJWlPySD4qi%2F5zZem0hKykLotpvYZlVnGNMo%2FRV%2BLBBCPwAfFaisQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf30bddbb4d32-FRA
priority: u=2,i

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ 2 KB
1 KB 703ms
229ms Script
application/javascript 104.199.210.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

c59e332c6ef17e2180392e920c620a44e9d19db5c916f51a6e2436812173d9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 08:33:51 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.19.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=3600
Connection: keep-alive

GET
H2 200 VPT_mandynotes.js Show response
man.vm5apis.com/dist/iseeu/ 53 KB
16 KB 1152ms
1079ms Script
application/javascript 2600:9000:206f:1200:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1200:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 275eff8894dcaa23fab335ce6ace71a79d918e689c4d5013c605bb0643fc4435

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
content-encoding: br
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified: Fri, 22 Sep 2023 07:27:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"5cbf4f5c4c7cb8dcf0ce5cc1504f6a4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 2DJhOaGDkBceP5BabgW2iWBxJhOmYiwAdBmAX_wU4332OcV_qNiqxQ==

GET
H3 200 main.js Show response
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 30 KB
9 KB 1177ms
1176ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.42

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dadfcb1d00ec7b30133f65d63ccd855996ee1aa6348147b73cca79cd91c0890

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 06:24:12 GMT
server: cloudflare
etag: W/"662b488c-224c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U044iyLWgffWJ8%2FBFLQyRAkNq6bGOUceHZiQUYtfp7XixsBDrSW6TXNO8fQkeoLw%2FxwC48GJZJYFMp28o7QPOGUsaXX082Dm3CcPxwkI4w%2BCTFEf8%2FtyFagp%2BY%2BmhTc9fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf3139eed4d32-FRA
priority: u=2,i=?0

GET
H2 200 e-202417.js Show response
stats.wp.com/ 7 KB
3 KB 30ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202417.js
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Mon, 29 Apr 2024 08:33:50 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356565.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Apr 2025 13:52:42 GMT

GET
H3 200 intlTelInput.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/ 103 KB
22 KB 1206ms
1205ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/intl-tel-input-src/build/js/intlTelInput.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-19d8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frZPANojONSZIcgvibbP%2F2bfZLpHIfBvklVcrUxkCX%2FuKlchzbjejIhd%2FIFsDgELXdWdMPNEVxj3mSOiALYy2u0Mt5RQHkw0AzXGPMEiNKWaI3tabyuWmUWjck2KT5ZVOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf3139ef24d32-FRA
priority: u=3,i=?0

GET
H3 200 jquery.cookie.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 1 KB
1 KB 1196ms
1195ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/jquery.cookie.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-597"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fh91w%2Bsdawh0s8JCXCaHQDbnzcL7MuPjY1%2B9JbQv1%2BtbiwoJ0CiYYMM8EQE0daT4qVe5%2BsBE4tlA6U8GdMyIXBIFlz06VMVs9KP21YtQaX6EHwhmHsFNwoNFLAFMVZxzKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf3139ef34d32-FRA
priority: u=3,i=?0

GET
H3 200 mailcheck.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 11 KB
4 KB 1153ms
1152ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/mailcheck.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c9f123ebd16997f50d81cbc2a40c8e1553487704bc67f501853d87e4ee1a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-2c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkVi0JqVotu0v7qVlee4%2FNONeEpWzm3vHkJSWpef6m%2FDyp%2BGvTW7Nkk2Wdn60l%2B44qDqpyMDFdWYqH2iPb29skAVPbY3ay92Zlz3Z45kcrLNve%2FysZ%2BFqbO3YDbz1yQ70g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf3139ef54d32-FRA
priority: u=3,i=?0

GET
H3 200 jquery.email-autocomplete.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 6 KB
3 KB 1164ms
1164ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/jquery.email-autocomplete.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

761094d3031de6fc0d32291fc06e2d5c7b63f8a82a017e7ade0811cc002092aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-1907"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEXnmsd1FmKakVowR9vD%2BSJGf%2Beo6rLWqOzlbZPmeY4ZfOQpCyzC%2B6mRynd51RElv9%2FnGjqyQ281eJtBH%2FWQYZNTO7CfaHmM97SUMsWe1ALbHizJB%2F0SbPGdLsR2FHs1Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf3139ef74d32-FRA
priority: u=3,i=?0

GET
H3 200 mystickyelements-fronted.min.js Show response
mandynotes.com/wp-content/plugins/mystickyelements-pro/js/ 33 KB
7 KB 1193ms
1193ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/js/mystickyelements-fronted.min.js?ver=2.1.6

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad33bc128653bc0425653188dde91a4e5154fd67ba5de0398c89a99d8a4dc39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: W/"6596c049-858b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QB6g%2BhhuHzB9DQ5heua4IJfIYF%2F6u0uAvEMeF2VW6RyATq7zjsOgR8voYF7eGQIFetnmnHGt1R5PA3ZTM2Cdl1iIAN%2BX21YFj0RPK%2FfK00OhnkBwFYpczIbf98nnO278xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf3139ef84d32-FRA
priority: u=3,i=?0

GET
H3 200 sbi-scripts.min.js Show response
mandynotes.com/wp-content/plugins/instagram-feed/js/ 24 KB
7 KB 1159ms
1157ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.3

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6da90c7c676b9c3ea80dae9a2e589a653bd258f26506e37fd212df20643036

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 27 Apr 2024 03:14:25 GMT
server: cloudflare
etag: W/"662c6d91-6020"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvaF%2Fr6yvL4fZxQdtkvPF%2BOG%2B2rm9pXIyhiSr2POUbWvprJiDQbguLXCVPCDky%2Be%2BupzHeDesMqTr8eUAJQwWaXujcAEBF7TWg8UXRUdPdoJ9uMh5bA5nKmVYeli%2BoL4uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf3139ef04d32-FRA
priority: u=2,i=?0

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 70ms
49ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:50 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87bdf313b9d28fdc-FRA

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 78 KB
79 KB 57ms
35ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf14dd765f4e984deed8d571b1615ecfc6fc8d287758ba1423a25f3c10c218c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 20:12:17 GMT
x-content-type-options: nosniff
age: 217293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80252
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 20:12:17 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 33 KB
34 KB 63ms
41ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5d02048d625e6fdaba8063decd1e9edcd57829147090ce1d64358e54d34f4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 02:33:27 GMT
x-content-type-options: nosniff
age: 194423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34276
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:29:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 02:33:27 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrXX5MTw.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 24 KB
24 KB 64ms
42ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrXX5MTw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22da5f0a4d71e350caa293772de75f23c7670d2dd53b9517d693e3207c5e6d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 02:35:29 GMT
x-content-type-options: nosniff
age: 539901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24500
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:02:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 02:35:29 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 63 KB
63 KB 58ms
36ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d261b03fea6392d5cf6220a7a9925497d1c3bd760990e24668542fc8bfa4c256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 03:11:35 GMT
x-content-type-options: nosniff
age: 537735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64196
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:36:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 03:11:35 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 75 KB
75 KB 67ms
45ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a94797fbbdf249e0b86cfce84f76e05f18a3be22864c7157bf4f47281d7b5d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 08:18:25 GMT
x-content-type-options: nosniff
age: 173725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77004
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 08:18:25 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.75.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 31 KB
31 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvvMpbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.75.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89ffd81c7420d6c0fb81ddbe609f8ded303ac53c200bf00508f5434ae48cf1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:19:23 GMT
x-content-type-options: nosniff
age: 166467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31532
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:02:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 10:19:23 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 62 KB
62 KB 55ms
34ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896adb75b41f312934d2c084c31df6af7a461567ab9b45cc76f5124d24cc3752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 00:50:09 GMT
x-content-type-options: nosniff
age: 546221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63168
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 00:50:09 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 67 KB
67 KB 53ms
32ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e613ed4308f865da260455901af0b7b2e0cc0bfe2c8dfa7aa4cc0aa3dcb974b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 03:45:37 GMT
x-content-type-options: nosniff
age: 103693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68788
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Apr 2025 03:45:37 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 74 KB
74 KB 50ms
29ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4f096f9d656631111cdf91411fc73f3e68f3ddb8b8b3ea12a149554ac93cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 13:21:16 GMT
x-content-type-options: nosniff
age: 155554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76120
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:29:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 13:21:16 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 76 KB
76 KB 64ms
43ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8057d8ef047c6a1bf9cc0230f7657dead23fb56ea2e934c030e228ab379b39d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 14:51:22 GMT
x-content-type-options: nosniff
age: 150148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77352
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 14:51:22 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 73 KB
73 KB 59ms
38ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d79a6b0e86550cc7ebcb8f7da27e33335c85e61ad6531d2fc1d8f31c02cb36df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 07:24:58 GMT
x-content-type-options: nosniff
age: 436132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74520
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 07:24:58 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.100.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 64 KB
64 KB 61ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.100.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b57b7b16306305c0ffc2968853da6025fe04d4a3be1b7d5bfa4593e04c375e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 08:10:14 GMT
x-content-type-options: nosniff
age: 174216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65064
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 08:10:14 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 73 KB
73 KB 55ms
35ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

466669ce0a393852b5a765c513d0b5502f0ea35a9f56847718af5aa86dcfd018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:38:27 GMT
x-content-type-options: nosniff
age: 208523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74384
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:29:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 22:38:27 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 73 KB
74 KB 47ms
26ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1c4916fc37af5dec08ebd1bc5138a4317fadd5b854bfc4137983b7ecfd38cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 04:16:53 GMT
x-content-type-options: nosniff
age: 188217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75244
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 04:16:53 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 77 KB
77 KB 62ms
41ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d34b810c3f6cbf7f98005d4624988efc4accace19779d24ed580b0f1be4f955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 06:13:03 GMT
x-content-type-options: nosniff
age: 526847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78460
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 06:13:03 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 74 KB
74 KB 58ms
38ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e568dc1579169ae8f0b159abd5d348f6dc7f345eb84c45868930464bc08825e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 19:54:02 GMT
x-content-type-options: nosniff
age: 218388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75312
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 19:54:02 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 79 KB
79 KB 45ms
24ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903e9ce7f8aeac0f07036d6324176111886c5efe6a3b1ace4c6a2228aab36118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 11:14:59 GMT
x-content-type-options: nosniff
age: 163131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80748
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 11:14:59 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.105.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 67 KB
67 KB 41ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef50c6727cb0074307974e8ea6f3b2a7036b7f9dac38edb763ca5b412ee06c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 11:48:40 GMT
x-content-type-options: nosniff
age: 161110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68228
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 11:48:40 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.111.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 67 KB
67 KB 59ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09f8bc8291f64f495aa2c1b1a95c2fcf541a72e077dc90807270ff104e2800c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 06:30:14 GMT
x-content-type-options: nosniff
age: 439416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68400
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 06:30:14 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.19.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 36 KB
36 KB 58ms
38ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.19.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75e5b34d94fef79e1ebb5bdae05cb944a17193382827fe666a724bd9eec69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 20:01:57 GMT
x-content-type-options: nosniff
age: 45113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36880
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:38:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Apr 2025 20:01:57 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 66 KB
66 KB 52ms
32ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fd3a5fa32c9d8aa4a7a29a3d375ba06735f0582534873c5043f480ab53637b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 22:57:52 GMT
x-content-type-options: nosniff
age: 552958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67584
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 22:57:52 GMT

GET
H2 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.69.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 40 KB
40 KB 63ms
43ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.69.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20TC:wght@700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

988b57582cd352f2c71b5fcfa8649a1b06384aa5b0f37d6b0627c6b29d39b9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 20:11:45 GMT
x-content-type-options: nosniff
age: 130925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41044
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:46:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 20:11:45 GMT

GET
H3 404 DaiDaiSpa-768x576.jpg
mandynotes.com/wp-content/uploads/2023/03/ 40 KB
40 KB 1584ms
1584ms Image
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2023/03/DaiDaiSpa-768x576.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db5a99955a6e894a01536872853636ed92e933b2faff90de8a1cafbaec79949

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXTbgl8FqlwH1eAtUPUJWBwzIstgeATfexTznrSQ8TWi0r4Mp9WUh0H7o8eZcMRD9S8qesTXJSzWwp4YADIUGEGTABlE7uNZSbiCK%2FhQrZbT7onHaXfxfB1GIPHIXU332w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 87bdf313df3a4d32-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=3,i
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 IMG_6926.jpg
mandynotes.com/wp-content/uploads/2022/04/ 365 KB
366 KB 1510ms
1510ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/04/IMG_6926.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 373783
last-modified: Mon, 11 Jul 2022 13:45:39 GMT
server: cloudflare
etag: "62cc2983-5b417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QoCkg6aH1S9O1uWESV8ZgIy6GdBZrU%2BbOXOvip7KuUMLZucpEB4xIaxiKpRzb8BzbEAJ3hSGwuPAHiVAk9odGJU3XB9J4x3WYHYDDf5X5jocbbTJsC8ZvARQrPjvCHBU2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf313df3c4d32-FRA
priority: u=3,i

GET
H3 200 IMG_5639.jpg
mandynotes.com/wp-content/uploads/2022/03/ 295 KB
296 KB 1507ms
1506ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/03/IMG_5639.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 302535
last-modified: Tue, 29 Mar 2022 09:15:57 GMT
server: cloudflare
etag: "6242ce4d-49dc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4C1x4WT88Bv6H8APMVWd16yg6bmV7a%2BPFxSbCuJPa1oGKYpG9%2FRkkqLcSz6ORKTZ01oS%2F56DGVI8PPGVIp6023sqkNstui19gdnM%2FObUw2Y8ozGXs9jzeAOI6oA3p9kcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf313df3d4d32-FRA
priority: u=3,i

GET
H3 200 %E5%B0%81%E9%9D%A2.jpg
mandynotes.com/wp-content/uploads/2022/02/ 256 KB
257 KB 1520ms
1518ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2022/02/%E5%B0%81%E9%9D%A2.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 262326
last-modified: Tue, 29 Mar 2022 09:15:54 GMT
server: cloudflare
etag: "6242ce4a-400b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6H8Pavx4J6k8876qZ5gffaDIOriyxvEelRAMzYEWhbfuerdx6CqcxAwGbtXQsLhEnkdtnMepbB3WVHOvo8udBF68hRoJvrE0s3eC0gvgGHZq4YkBYxGEDkJKlOrepw2CSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf313df404d32-FRA
priority: u=3,i

GET
H3 404 IMG_2405-scaled.jpg
mandynotes.com/wp-content/uploads/2021/12/ 100 KB
100 KB 1624ms
1622ms Image
text/html 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/IMG_2405-scaled.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9fd188b0ca88e509affc7ba3b84667962971b5b7e3dc7f1b447f9eec12b1867

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fb73HH8lwP32dzwdv4qvRM0GKxkwYMHdIDYz8eoeRbtJNovEKwnZIMlZq54uspWXlQ2g2bGNSNFKGybdSPjRjWpGtgttND8qzYP1Ne5PWCRoyzR0%2Fl8qZTA8%2Bwc98FaPxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 87bdf313df414d32-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=3,i
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 83C0059A-5613-44A9-890B-A0D8E8CCCB45.png
mandynotes.com/wp-content/uploads/2021/12/ 508 KB
509 KB 1517ms
1514ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/83C0059A-5613-44A9-890B-A0D8E8CCCB45.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ea3b70f36817a4b4e683731d6ea45b6059980db3a64d732c900e4a751441c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 520626
last-modified: Mon, 25 Dec 2023 21:17:35 GMT
server: cloudflare
etag: "6589f16f-7f1b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9kqOubK7dpmjs%2FDrJCBR2irrbjVSvMFsO0H82EPMaElddcLzlqEAwqJvveGtrtSG%2BeZMPZ4VhtFEIbJwxHx2EerExaGa8H%2Fglx%2BFNy%2FNfhxAG4UORsTEtEgN8imqC1L3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf313df444d32-FRA
priority: u=3,i

GET
H3 200 1A9FCD83-52A6-4076-9234-799118FC6059.png
mandynotes.com/wp-content/uploads/2021/12/ 1 MB
1 MB 631ms
628ms Image
image/png 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/12/1A9FCD83-52A6-4076-9234-799118FC6059.png

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c522f4416a22e9b3e4e5c725facc757ee73ecd65e907aad67043c05fda7c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 1365194
last-modified: Mon, 25 Dec 2023 21:17:35 GMT
server: cloudflare
etag: "6589f16f-14d4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAdqGPrvWR2inqEY4mQhxzi95%2Bs27m4ROQqP6xH3oDNBCwZHaBXdgOzgauGZZf0oFEw75DKg5U7gG9IRRFW259s27mNSUANJqSlfw7sXoc%2FcssmAzo6f7928NgMkk6RWxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf313df464d32-FRA
priority: u=3,i

GET
H3 200 VIXX.jpg
mandynotes.com/wp-content/uploads/2021/06/ 127 KB
127 KB 1515ms
1512ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/2021/06/VIXX.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 129711
last-modified: Wed, 25 Aug 2021 06:59:23 GMT
server: cloudflare
etag: "6125ea4b-1faaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkmFv4iRPtsNgDA7aP7YoCvquZcQr7TqPxkmFdirjhqnqhY1aB1bUwA5ghW1xjpFQMtgfNLh4gvqLOr6DI52aYFzKJaoHOHwLOiQf%2B2Plkbx58nNvZCehlc3aM%2BYyqdC4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf313df484d32-FRA
priority: u=3,i

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 46ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KNSMQ888FP&gtm=45je44o0v9116217875za200&_p=1714379630652&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=612178456.1714379631&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714379630&sct=1&seg=0&dl=https%3A%2F%2Fmandynotes.com%2F&dt=%E6%9B%BC%E5%A8%A3%E6%85%A2%E6%85%A2%E9%81%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2609
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 08:33:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ 0
192 B 928ms
228ms XHR
application/octet-stream 104.199.245.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=53dcb55d-6511-4054-8842-58ec205c0843
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Apr 2024 08:33:52 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 23ms
9ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=193817632&post=0&tz=8&srv=mandynotes.com&j=1%3A13.3.1&host=mandynotes.com&ref=&fcp=2468&rand=0.2973799316226413
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 29 Apr 2024 08:33:52 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 persistentID.html
man.vm5apis.com/dist/ Frame F0D8 0
0 21ms
6ms Document
text/html 2600:9000:206f:5800:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/persistentID.html
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5800:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 17470
content-encoding: gzip
content-type: text/html
date: Mon, 29 Apr 2024 07:24:02 GMT
etag: W/"76ad014071673508950b9f0395151cf8"
last-modified: Tue, 07 Feb 2023 10:42:21 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-id: etyE0wcSyc0UMLSdWVEJypJ4D1uaNvJcG4CLGAW6BQSbECfMUEoRDg==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b62977b19822a8df3c0ba13ccabd5c47ff0e6e2d041a8095803d2c4ba771d596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75384
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Apr 2024 08:33:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KNSMQ888FP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63706dcc093cda90dbd570de36febe3ababfc9544a63d42008ea6fc0660a4dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75554
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Apr 2024 08:33:52 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1756ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 06:51:38 GMT
server: nginx
etag: W/"65e6c0fa-15e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Mon, 29 Apr 2024 08:43:53 GMT

GET
H2 200 cm.js Show response
t.daexauto.com/ 2 KB
1 KB 182ms
7ms Script
application/javascript 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/cm.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:53:16 GMT
content-encoding: gzip
age: 2436
x-guploader-uploadid: ABPtcPqmXBC5Kjcs_wDLX4CLszBVmUpL5EwuLgforhUVqCEHRyR_UprSb-SOOFaURmsXrD2duQYXfwPDIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 605
last-modified: Tue, 20 Sep 2022 03:01:56 GMT
server: UploadServer
etag: "5cc302c71332a6e8596d563d8e1d4412"
x-goog-generation: 1663642916783214
x-goog-hash: crc32c=fEiJzw==, md5=XMMCxxMypuhZbVY9jh1EEg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 605
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 29 Apr 2025 07:53:16 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 13:26:32 GMT
x-content-type-options: nosniff
age: 155240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 13:26:32 GMT

GET
H3 200 fa-regular-400.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 24 KB
24 KB 1230ms
1229ms Font
application/octet-stream 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-regular-400.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 24488
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: "6596c049-5fa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdef3wkkjlORamI%2FLPT51OQs1qyKaLDx1e9VWVqW9Br1sted%2BvP1gs7OQNW%2FzyGy%2BSU8s1%2FYdMXGXQEh1KOXh7942XAgbYBaDb4%2FiQq6vCxDBVYiGRDXCF%2Bu%2BzWxH2NxzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e6bc44d32-FRA
priority: u=0,i=?0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:37:05 GMT
x-content-type-options: nosniff
age: 208607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 22:37:05 GMT

GET
H3 200 fa-solid-900.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 147 KB
147 KB 1501ms
1501ms Font
font/woff2 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-solid-900.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: "6596c049-24a04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dHDEP0qJmhYB7LDGS6T8K5quUMfznvJZ4RHx6eTbDdG1F9EDphRFAO9yt2Dhjw7UwaluLvm9H9KQrxDlMCcIYS1kJwLl3DCKqJr7rqtCAs4G%2B8GlbHLxNkyP0alWVFkQYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e6bc64d32-FRA
priority: u=0,i=?0

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=2.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 18:34:04 GMT
x-content-type-options: nosniff
age: 136788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 18:34:04 GMT

GET
H3 200 fa-brands-400.woff2
mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/ 107 KB
108 KB 602ms
601ms Font
application/octet-stream 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/mystickyelements-pro/fonts/fa-brands-400.woff2

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/wp-content/plugins/mystickyelements-pro/css/font-awesome.min.css?ver=2.1.6
Origin: https://mandynotes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 109808
last-modified: Thu, 04 Jan 2024 14:27:21 GMT
server: cloudflare
etag: "6596c049-1acf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJl9BMzoKr4SPZKYqTDmd8wfLfVZMFtawANXkjMofCf9UrVgLiS7X%2Fs2b5P2rW3t7ozbemDEzPFRvuGG1dfJj9Roo4O9yuElwM7WfkrfhnEuzdyc8hOvQdck1PabNTpQ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e6bc84d32-FRA
priority: u=0,i=?0

GET
H/1.1 200
OK /
cm.lndata.com/ 35 B
470 B 1588ms
313ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4027&uid=53dcb55d-6511-4054-8842-58ec205c0843
Requested by: Host: mandynotes.com
URL: https://mandynotes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Date: Mon, 29 Apr 2024 08:33:53 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

POST
H2 400 connect Show response
vahfront.vm5apis.com/lite/ 88 B
521 B 435ms
278ms XHR
application/json 34.111.137.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vahfront.vm5apis.com/lite/connect
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.137.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.137.111.34.bc.googleusercontent.com
Software: /
Resource Hash: c887d5125c1ffec7752cfa76d7f2db16d1a6a69f57e8f330dd0445a61580d18b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin: https://mandynotes.com
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 88
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 921.7a6f43ef91a0ae3bd065.js Show response
mandynotes.com/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 1149ms
1149ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/themes/blocksy/static/bundle/921.7a6f43ef91a0ae3bd065.js

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6ba0d52497a6435af276340d537dfa35f7843378aab1e15dbc86d4aa6e4b60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 06:24:12 GMT
server: cloudflare
etag: W/"662b488c-7a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ma6TsXFhdwATxRqwCUsNpdOSjrEEhMjeMZ8mDHfehR3h7vcTX1Li1IPMZuHuaPKUun4WOZcNKvj1vk50PbZvseFG3IbMHmj4ZW4vf8gpbq1Pe9TX4%2FZ75cd%2FKmcGNnzsnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf31e2b944d32-FRA
priority: u=3,i=?0

GET
H3 200 290707657_574852714160241_4486527713873087896_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 12 KB
12 KB 1169ms
1168ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 11931
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-2e9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vb1DXH7ur4fKKxF76dL%2B%2FBaADJ9ke0C05v5BvrQXpBOpmCCDI5xjGXB%2FL55ipmSBDS4itEk%2Bz2XIIfWVTWpjjXZdVqBp4LZD13Fe3SYC6E96j9gVBIKrHqWOMurcRJpcaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e5bba4d32-FRA
priority: u=3,i

GET
H3 200 287217568_160686366461413_7366712871875368301_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 14 KB
14 KB 1201ms
1200ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 14218
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-378a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGiC69tNHD1czYa1PBDzamGPfgbAXyfeFtdUhJ3wrzC8LJCpMiQbHR1HcS5WZ4ao5p6NCdzOegXL6rz6rKjqhFZkVPHDzGtpVphtXOpnieSa5ouvJ443sGT7TMTlcq4mQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e5bbb4d32-FRA
priority: u=3,i

GET
H3 200 283765183_2561605660637417_6847878822727222019_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 17 KB
17 KB 1184ms
1183ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/283765183_2561605660637417_6847878822727222019_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 17241
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-4359"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ex%2FQUaknQu%2BUWu5oVffavJXPyGn%2BY0aRIKpaMtGrFAwCAR8JYsNJt24UH3PhdmsSeUKYgQ1MXzUNRRtJHa%2BHihTWDVKC1un6P5jgU3YXJqLoWieXDt%2B90l8uRULSXdMsMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e5bbc4d32-FRA
priority: u=3,i

GET
H3 200 281884683_396541252361589_8956761148631846597_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 12 KB
13 KB 1191ms
1190ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/281884683_396541252361589_8956761148631846597_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 12288
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-3000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLU5NjsjX11ITxgZHpoRWM1LNiNt%2BVuvmkzL4dimK1YPk9IpoGCJgmjUK8cYjgDpqbzgtQby5bV7HKfqjQ1ZxTjh0zwB%2FkNZj2hS5XnXCpCGbyuSbc3AINh%2BHndLB6XPSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e5bbd4d32-FRA
priority: u=3,i

GET
H3 200 280139623_283474380549111_8818302409236210254_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 26 KB
26 KB 1225ms
1224ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/280139623_283474380549111_8818302409236210254_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 26225
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-6671"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8jPm%2BJ1zVv2btaDG4cQ7I5papDR6G3DVGGBqysCXgYgILPgogFF8qEVPPJCogHd0oVL6hWBG7rwNpJGna9MVlmbs0BOq3BCVSGBEmrfx1dLTZWN6mAEJAR%2BcgY2rXkKRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e5bbe4d32-FRA
priority: u=3,i

GET
H3 200 279844487_3159380181047996_2449311943832026812_nlow.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 13 KB
13 KB 1194ms
1193ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/279844487_3159380181047996_2449311943832026812_nlow.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 12826
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-321a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=he62j2H1xVnpnhUVgH5G7KRCoBKtP3ltJNnts1MpDOTQtgrrb14J82MbKmEppIs1lkWF2pzgox2rDBaRvX69%2FRjDOx5Ii9fF7vfrerSeFfnILGIpWlMfYJqMVKdMSwRn8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf31e5bbf4d32-FRA
priority: u=3,i

GET
H3 200 sticky.js Show response
mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/ 15 KB
4 KB 345ms
344ms Script
application/javascript 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js?ver=2.0.42

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96f071e438795b8d647e5b5beba0a42df5d9a1b72ab9820436ea26f45ce56af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Apr 2024 15:19:04 GMT
server: cloudflare
etag: W/"662bc5e8-3a8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO%2BrVU7La390ybO8TdGG5gXI%2Fo4wMB4qLkKO6ufiFrUrWm1DjsN6gV6QK2t58wQpeNKYMSpYUuRrOuDiG5TGQe9iycfpFi7NpkLCCD5bfHE6cUUU0NantMI3qEGDk3M0HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bdf31e6bc94d32-FRA
priority: u=3,i=?0

GET
H2

200

activityi;dc_pre=CN2eiuiB54UDFaVLHgIdllcCGw;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=ht...
11009166.fls.doubleclick.net/ Frame D9FC
Redirect Chain

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16...
https://11009166.fls.doubleclick.net/activityi;dc_pre=CN2eiuiB54UDFaVLHgIdllcCGw;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b4...

0
0

46ms
44ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11009166.fls.doubleclick.net/activityi;dc_pre=CN2eiuiB54UDFaVLHgIdllcCGw;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11009166&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 08:33:52 GMT
expires: Mon, 29 Apr 2024 08:33:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 08:33:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11009166.fls.doubleclick.net/activityi;dc_pre=CN2eiuiB54UDFaVLHgIdllcCGw;src=11009166;type=invmedia;cat=websd0;ord=4282579237636;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181783534za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPmmiuiB54UDFbdFHgIdLU4A-w;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=ht...
10559160.fls.doubleclick.net/ Frame 921C
Redirect Chain

https://10559160.fls.doubleclick.net/activityi;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16...
https://10559160.fls.doubleclick.net/activityi;dc_pre=CPmmiuiB54UDFbdFHgIdLU4A-w;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b4...

0
0

44ms
43ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10559160.fls.doubleclick.net/activityi;dc_pre=CPmmiuiB54UDFbdFHgIdLU4A-w;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10559160&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 08:33:52 GMT
expires: Mon, 29 Apr 2024 08:33:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 08:33:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10559160.fls.doubleclick.net/activityi;dc_pre=CPmmiuiB54UDFbdFHgIdLU4A-w;src=10559160;type=invmedia;cat=websd0;ord=6504132258262;npa=1;auiddc=2058040458.1714379632;u8=63d787c267696b000116b456;u9=63d787f767696b000116b459;u16=https%3A%2F%2Fmandynotes.com%2F;u17=;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44o0v9181773707za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fmandynotes.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.html
t.daexauto.com/ Frame BA14 0
0 147ms
136ms Document
text/html 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/main.html?partner=vmfive&member=53dcb55d-6511-4054-8842-58ec205c0843
Requested by: Host: t.daexauto.com
URL: https://t.daexauto.com/cm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-length: 13194
content-type: text/html
date: Mon, 29 Apr 2024 08:33:52 GMT
etag: "eaab32de7850de7dd79c63e84f311fa1"
expires: Tue, 29 Apr 2025 08:33:52 GMT
last-modified: Tue, 20 Sep 2022 03:03:06 GMT
server: UploadServer
x-goog-generation: 1663642986084651
x-goog-hash: crc32c=ixrhRQ== md5=6qsy3nhQ3n3XnGPoTzEfoQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13194
x-guploader-uploadid: ABPtcPrKf4WoDHVnZkY-4uY8B3RqZsC936SKnD-oTLVk8r06cuZDSXoJBwTCSc11A3dVJWG816c

GET
H2 200 addr.json Show response
iptoweather.vm5apis.com/ 25 B
115 B 703ms
228ms Fetch
application/json 35.229.142.89
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iptoweather.vm5apis.com/addr.json
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.229.142.89 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 89.142.229.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 034459fef9ffacf77c8575ef300be1b1f2364c49a7fead7b46183e6a569fcdf9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 29 Apr 2024 08:33:53 GMT
server: nginx
content-length: 25
content-type: application/json

GET
H3 200 290707657_574852714160241_4486527713873087896_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 39 KB
39 KB 1232ms
1232ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/290707657_574852714160241_4486527713873087896_nfull.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 39788
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-9b6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IS7Fo%2FEiHC8zFTi7OrjtFbHYZLBFO13mgdwVB%2BonUhG5MWM%2FmGWRSfLs1LLh3l%2Be9Pa5z6A8OHR8J0Yihu8rHEOHLaHELKz4uWLCzO6O0imhy670%2FjgjNVAezA3xbdYEQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf325ac784d32-FRA
priority: u=3,i

GET
H3 200 287217568_160686366461413_7366712871875368301_nfull.jpg
mandynotes.com/wp-content/uploads/sb-instagram-feed-images/ 33 KB
34 KB 1263ms
1263ms Image
image/jpeg 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mandynotes.com/wp-content/uploads/sb-instagram-feed-images/287217568_160686366461413_7366712871875368301_nfull.jpg

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 34078
last-modified: Mon, 11 Jul 2022 13:45:14 GMT
server: cloudflare
etag: "62cc296a-851e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f27v4Ev%2FL9mUXYtNAYIMsJ3%2FAS9W7QzhCPCFPpp1rydujiAI9OrmRXlHS3pzJq1hF3lOp8ovQlu0USVDoSjaUts2DWE3n8BqmZsgavTh4%2BgiUi6xovQAKDpi5w2ciSVMxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf325dcad4d32-FRA
priority: u=3,i

GET
H/1.1 200
OK pixel
pt0.vm5apis.com/api/v2/ 35 B
0 727ms
250ms Fetch
image/gif 35.194.212.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel?event=id_sync&provider=-&webBrowserId=2071dae5-62b7-4ce0-8278-817c7ef82d9c&eventDetails=%7B%22browser_id%22%3A%222071dae5-62b7-4ce0-8278-817c7ef82d9c%22%2C%22browser_id_shared%22%3A%222071dae5-62b7-4ce0-8278-817c7ef82d9c%22%2C%22browser_id_timestamp_shared%22%3A1714379633184%2C%22browser_id_cookie_shared%22%3A%222071dae5-62b7-4ce0-8278-817c7ef82d9c%22%2C%22browser_id_cookie_timestamp_shared%22%3A1714379633184%2C%22browser_id_local%22%3A%222071dae5-62b7-4ce0-8278-817c7ef82d9c%22%2C%22browser_id_timestamp_local%22%3A%221714379633184%22%2C%22browser_id_cookie_local%22%3A%222071dae5-62b7-4ce0-8278-817c7ef82d9c%22%2C%22browser_id_cookie_timestamp_local%22%3A%221714379633184%22%2C%22referrer%22%3A%22%22%2C%22request_source%22%3A%22https%3A%2F%2Fmandynotes.com%2F%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36%22%2C%22platform%22%3A%22Win32%22%2C%22language%22%3A%22de-DE%22%2C%22ip%22%3A%22146.70.117.100%22%7D

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/iseeu/VPT_mandynotes.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 08:33:54 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://mandynotes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
406 B 287ms
287ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

271a7232485eb64d5338c5c34d61d65e77a77a447ff9b74af94ef59c07517317

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
275 B 287ms
287ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=6791b8b5-cb08-4a32-8e02-786b8585c72a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
191 B 300ms
299ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=8f86e5&cid=53dcb55d-6511-4054-8842-58ec205c0843&mp=6791b8b5-cb08-4a32-8e02-786b8585c72a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:54 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://mandynotes.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
6791b8b5-cb08-4a32-8e02-786b8585c72a.t.ssp.hinet.net/ 0
79 B 1057ms
284ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6791b8b5-cb08-4a32-8e02-786b8585c72a.t.ssp.hinet.net/pixel?bd=6791b8b5-cb08-4a32-8e02-786b8585c72a&t=8f86e5&referrer=https%3A%2F%2Fmandynotes.com%2F

Requested by

Host: mandynotes.com
URL: https://mandynotes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 08:33:55 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

POST
H3 204 rum Show response
mandynotes.com/cdn-cgi/ 0
140 B 38ms
37ms XHR
text/plain 172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://mandynotes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 29 Apr 2024 08:33:55 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://mandynotes.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87bdf332cbcc4d32-FRA

GET
H3

200

w-logo-blue-white-bg.png
mandynotes.com/wp-includes/images/
Redirect Chain

https://mandynotes.com/favicon.ico
https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

4 KB
5 KB

1172ms
1171ms

Other
image/png

172.67.129.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png

Protocol

Server

172.67.129.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mandynotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Apr 2024 08:33:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT - WP Cache
alt-svc: h3=":443"; ma=86400
content-length: 4119
last-modified: Thu, 21 May 2020 09:10:12 GMT
server: cloudflare
etag: "5ec64574-1017"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NVdQt7IvhxAaJakazS0vub9LpnkdndChLdSkQwZZFzGrmunQ1xReWb67EUzNecjOR6Fvyd2hLEqWsVZyHQstyfMaCpmMFf0oBkjMYi5oNl2GVOO40I9iobkSKsBY9O2sQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bdf33e9a824d32-FRA
priority: u=1,i

Redirect headers

date: Mon, 29 Apr 2024 08:33:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
vary: Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfyJRHf1uIUlDx0swvhx1t%2BsudgDnDx%2FrD%2FI1uwgJh6MYr0BKSYFVOoecMjgM6YBJBoHD7PS%2B6pICdn%2BQhnd64E8OtyWFxUUBp9Xy9rJdaI1Omw8ZG3Wh3LuRGyu3tIHOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://mandynotes.com/wp-includes/images/w-logo-blue-white-bg.png
cf-ray: 87bdf3350e454d32-FRA
link: <https://mandynotes.com/wp-json/>; rel="https://api.w.org/"
priority: u=1,i
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: demo4.iseeu.tw
URL: https://demo4.iseeu.tw/wp-content/uploads/2022/02/pexels-2.jpg/

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
man.vm5apis.com/dist	1970-01-21 05:48:59	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1714379633184
man.vm5apis.com/dist	1970-01-21 05:48:59	Name: VM5AD_BROWSER_ID_COOKIE Value: 2071dae5-62b7-4ce0-8278-817c7ef82d9c
.mandynotes.com/	1970-01-21 05:48:59	Name: _ga_KNSMQ888FP Value: GS1.1.1714379630.1.0.1714379630.0.0.0
.mandynotes.com/	1970-01-21 05:48:59	Name: _ga Value: GA1.1.612178456.1714379631
mandynotes.com/	1970-01-20 20:56:11	Name: MSE_HTTP_REFERER Value: https%3A%2F%2Fmandynotes.com%2F
.mandynotes.com/	1970-01-20 22:22:35	Name: _gcl_au Value: 1.1.2058040458.1714379632
.doubleclick.net/	1970-01-20 20:13:00	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:32:11	Name: receive-cookie-deprecation Value: 1
mandynotes.com/	1970-01-21 05:48:59	Name: VM5AD_BROWSER_ID_COOKIE Value: 2071dae5-62b7-4ce0-8278-817c7ef82d9c
mandynotes.com/	1970-01-21 05:48:59	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1714379633184
.hinet.net/	1970-01-21 05:48:59	Name: uuid Value: 6791b8b5-cb08-4a32-8e02-786b8585c72a
.mandynotes.com/	1970-01-21 04:58:35	Name: __htid Value: 6791b8b5-cb08-4a32-8e02-786b8585c72a
.mandynotes.com/	1970-01-20 20:13:03	Name: _ht_em Value: 1
.lndata.com/	1970-01-21 04:59:04	Name: admckid Value: 2404291633541846296
.mandynotes.com/	1970-01-20 20:14:26	Name: _ht_8f86e5 Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mandynotes.com/wp-content/uploads/2023/03/DaiDaiSpa-768x576.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mandynotes.com/wp-content/uploads/2021/12/IMG_2405-scaled.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vahfront.vm5apis.com/lite/connect Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mandynotes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10559160.fls.doubleclick.net
11009166.fls.doubleclick.net
6791b8b5-cb08-4a32-8e02-786b8585c72a.t.ssp.hinet.net
cm.lndata.com
demo4.iseeu.tw
fonts.googleapis.com
fonts.gstatic.com
iptoweather.vm5apis.com
man.vm5apis.com
mandynotes.com
match-hubble-man.vm5apis.com
pixel.wp.com
pt0.vm5apis.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.wp.com
t.daexauto.com
t.ssp.hinet.net
vahfront.vm5apis.com
vawpro.vm5apis.com
www.googletagmanager.com
demo4.iseeu.tw
104.199.210.210
104.199.245.202
116.50.36.71
172.217.18.6
172.67.129.122
192.0.76.3
2001:4860:4802:34::36
203.75.214.136
2600:9000:206f:1200:15:a9a7:4a80:93a1
2600:9000:206f:5800:15:a9a7:4a80:93a1
2606:4700::6810:5049
2a00:1450:4001:800::2003
2a00:1450:4001:809::2008
2a00:1450:4001:81c::200a
34.102.239.73
34.111.137.131
35.194.212.25
35.229.142.89
034459fef9ffacf77c8575ef300be1b1f2364c49a7fead7b46183e6a569fcdf9
046a5be00a8046c113a13ce1c0be8d25de4d91cebca99d5ba34346936bee93c2
09f8bc8291f64f495aa2c1b1a95c2fcf541a72e077dc90807270ff104e2800c6
0bb1e10dbb690e2e3b4e6abe3632918b47f7ee1ccaa5c174e9a1cc39a94965d1
0dadfcb1d00ec7b30133f65d63ccd855996ee1aa6348147b73cca79cd91c0890
12068182f11d222d11ded0fa8f7634f068084a052e64bcc47fae66ff53a9033d
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1e66987e84ebc8ad696bb03c441676460c75747f6de9087f6a6f5b91aa40f552
22da5f0a4d71e350caa293772de75f23c7670d2dd53b9517d693e3207c5e6d35
25513feb2a07c8d5794eb114332a70bb01cbf925830fe0eea9e7a5adde2ee1e3
271a7232485eb64d5338c5c34d61d65e77a77a447ff9b74af94ef59c07517317
275eff8894dcaa23fab335ce6ace71a79d918e689c4d5013c605bb0643fc4435
29decae2dffd4a7ac87b0d74c1879bd8a4e3d5bb1721e1ea19d0255c6895e754
2a3f566bbe2f088df70208164de9d99723dac4a3a37e1ab933f55b1c73a16194
2cf14dd765f4e984deed8d571b1615ecfc6fc8d287758ba1423a25f3c10c218c
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fd3a5fa32c9d8aa4a7a29a3d375ba06735f0582534873c5043f480ab53637b5
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
397a9b9ce07f535c3235236b1ac93736cd5ceab2fff97bc9a950bb336000c8ee
466669ce0a393852b5a765c513d0b5502f0ea35a9f56847718af5aa86dcfd018
4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55f5261200e45a4c82ce3086317930b6ff5e734b591b1072ebd99ce0e1c51889
5e568dc1579169ae8f0b159abd5d348f6dc7f345eb84c45868930464bc08825e
63706dcc093cda90dbd570de36febe3ababfc9544a63d42008ea6fc0660a4dd7
684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
73c522f4416a22e9b3e4e5c725facc757ee73ecd65e907aad67043c05fda7c40
761094d3031de6fc0d32291fc06e2d5c7b63f8a82a017e7ade0811cc002092aa
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ea07d95b1aa9838c74582199385ff06912479f98fe96952c1c3d56fafec0e4e
7f202a8ad7320cc76774b85868b02b6a81db9c5b06bd8bc9bba556370bf4fe7d
8057d8ef047c6a1bf9cc0230f7657dead23fb56ea2e934c030e228ab379b39d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ec834878761e44faae6b64f8bce9b9c697c3458495cc42595a42a3f90807fb
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
896adb75b41f312934d2c084c31df6af7a461567ab9b45cc76f5124d24cc3752
8db5a99955a6e894a01536872853636ed92e933b2faff90de8a1cafbaec79949
903e9ce7f8aeac0f07036d6324176111886c5efe6a3b1ace4c6a2228aab36118
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
95ab04443b5fc982a814103a35e97c0768d62b8b21fc259f40fb0b967152849d
9617206da0e0e50a5b686a0b6bbefe21259985049c743db989b5beb0c6474f73
96f071e438795b8d647e5b5beba0a42df5d9a1b72ab9820436ea26f45ce56af0
98659e17eba9024b911e23bc5205ae294bd7973ddb91983b5603742624fcf0eb
988b57582cd352f2c71b5fcfa8649a1b06384aa5b0f37d6b0627c6b29d39b9b3
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9d34b810c3f6cbf7f98005d4624988efc4accace19779d24ed580b0f1be4f955
a5ea3b70f36817a4b4e683731d6ea45b6059980db3a64d732c900e4a751441c8
a6ba0d52497a6435af276340d537dfa35f7843378aab1e15dbc86d4aa6e4b60d
a8b1672a2a8313fec05db1272f8f0679660ddb3e3ce223a483449ebd835e6570
a94797fbbdf249e0b86cfce84f76e05f18a3be22864c7157bf4f47281d7b5d26
aa44979f3360bfd486f138063b251df5c0cae73bdea4a52eb2a184b9f013f84a
ad33bc128653bc0425653188dde91a4e5154fd67ba5de0398c89a99d8a4dc39e
ad6da90c7c676b9c3ea80dae9a2e589a653bd258f26506e37fd212df20643036
b3df744ded789cf8fda881a83d1981054f1139039b47794fca74ce1b3e11cf23
b57b7b16306305c0ffc2968853da6025fe04d4a3be1b7d5bfa4593e04c375e09
b5c9f123ebd16997f50d81cbc2a40c8e1553487704bc67f501853d87e4ee1a90
b62977b19822a8df3c0ba13ccabd5c47ff0e6e2d041a8095803d2c4ba771d596
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b89ffd81c7420d6c0fb81ddbe609f8ded303ac53c200bf00508f5434ae48cf1f
bb4a584febc734009548e91f8b2893134067670373bf5b3254922d48c58388f7
bc75e5b34d94fef79e1ebb5bdae05cb944a17193382827fe666a724bd9eec69a
bf4f096f9d656631111cdf91411fc73f3e68f3ddb8b8b3ea12a149554ac93cf2
c3ab3282c8974ca6eb2b52461b75957a66f3b456852d3b2527d7bf341d36dc02
c59e332c6ef17e2180392e920c620a44e9d19db5c916f51a6e2436812173d9b6
c887d5125c1ffec7752cfa76d7f2db16d1a6a69f57e8f330dd0445a61580d18b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d11699672028c7d917de56adadb077c11e3bb4e14580a242870c4ed31c2e50d3
d261b03fea6392d5cf6220a7a9925497d1c3bd760990e24668542fc8bfa4c256
d3253052f515950819228de250155ebb75741ac7aa6e9d14792415b01279fb87
d474b00ed0fe9653738bd11c834b13efa13c59a76ad4be016e8b3f5a68173d6e
d5d02048d625e6fdaba8063decd1e9edcd57829147090ce1d64358e54d34f4bc
d79a6b0e86550cc7ebcb8f7da27e33335c85e61ad6531d2fc1d8f31c02cb36df
e07575dc748dc6a1fbbe4c64a611c2ddced2115b451bc4c205b63c14318ae148
e12eb911b140062f9e130082c2c47247c2f707c6a59edf2a4d5c2722e9e0236f
e37ba86536f9a12d450390901292af30f4393d4fe3e06b907d351ef876264301
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa7dca61bdb217b84520eb29e513ccadf2db39a85a6ad3c1d78255deb0e2ca
e613ed4308f865da260455901af0b7b2e0cc0bfe2c8dfa7aa4cc0aa3dcb974b8
e9fd188b0ca88e509affc7ba3b84667962971b5b7e3dc7f1b447f9eec12b1867
ee2cf08802b9ecc9b1cb13bed5e3bd9b00fca2a53cc4bfda875a7c6339500a07
ef50c6727cb0074307974e8ea6f3b2a7036b7f9dac38edb763ca5b412ee06c2b
f1c4916fc37af5dec08ebd1bc5138a4317fadd5b854bfc4137983b7ecfd38cf5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fabee0294a8be86c04f4d604d627d2f76e8b955a63f5678aa8a45079692bd85d

mandynotes.com Open in urlscan Pro 172.67.129.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

39 %IPv6

13 Domains

21 Subdomains

19 IPs

3 Countries

5442 kBTransfer

6933 kBSize

15 Cookies

9 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mandynotes.com Open in urlscan Pro
172.67.129.122 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

39 %
IPv6

13
Domains

21
Subdomains

19
IPs

3
Countries

5442 kB
Transfer

6933 kB
Size

15
Cookies

101 HTTP transactions
0 data transactions