mandor.vip Open in urlscan Pro
2606:4700:3037::ac43:b1cc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mandor.vip/
Submission: On December 18 via api (December 18th 2024, 8:57:50 am UTC) from BE — Scanned from US

Summary HTTP 38 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3037::ac43:b1cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is mandor.vip.
TLS certificate: Issued by WE1 on November 17th 2024. Valid for: 3 months.

This is the only time mandor.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	2606:4700:303... 2606:4700:3037::ac43:b1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	66.29.148.78 66.29.148.78	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2606:4700:20:... 2606:4700:20::ac43:4790	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	5

23 2606:4700:3037::ac43:b1cc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mandor.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 66.29.148.78 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server27-1.shared.spaceship.host

cxfteams-games-cloning-slots-gambling.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4790 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.databerjalan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	mandor.vip 1 redirects mandor.vip	2 MB
12	cxfteams-games-cloning-slots-gambling.top cxfteams-games-cloning-slots-gambling.top	86 KB
2	databerjalan.com cdn.databerjalan.com — Cisco Umbrella Rank: 139891	63 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	15 KB
38	5

	Domain	Requested by
23	mandor.vip	1 redirects mandor.vip
12	cxfteams-games-cloning-slots-gambling.top	mandor.vip
2	cdn.databerjalan.com	mandor.vip
1	cdn.jsdelivr.net	mandor.vip
1	cdnjs.cloudflare.com	mandor.vip
38	5

This site contains links to these domains. Also see Links.

Domain
direct.lc.chat
www.hkpools1.com
online.singaporepools.com
livedrawsydney.co

Subject Issuer	Validity	Valid
mandor.vip WE1	`2024-11-17` - `2025-02-15`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cxfteams-games-cloning-slots-gambling.top Sectigo RSA Domain Validation Secure Server CA	`2024-10-03` - `2025-10-03`	a year	crt.sh
databerjalan.com WE1	`2024-12-12` - `2025-03-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mandor.vip/
Frame ID: 1A3ECB0DFEF30632473D04F4874DFD27
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SINGGASANA77 : Situs Judi Online Aman & Terpercaya Se-Asia | Situs Judi Slot Online, Judi Bola &Live Casino, 24/7, Terbesar di Indonesia

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

38
Requests

97 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

2244 kB
Transfer

3893 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://direct.lc.chat/18928066/
Title: Help Center

Search URL Search Domain Scan URL

URL: http://www.hkpools1.com/
Title: HONGKONG

Search URL Search Domain Scan URL

URL: https://online.singaporepools.com/en/lottery
Title: SINGAPORE

Search URL Search Domain Scan URL

URL: http://livedrawsydney.co/
Title: SYDNEY

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mandor.vip/update_saldo.php HTTP 301
https://mandor.vip/update_saldo

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mandor.vip/ 154 KB
31 KB 1031ms
1009ms Document
text/html 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c6d749b751d9206525858c2a7fe66dee082c504a3630de2a68c4d198fb8b33

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f3df263bc89c334-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 18 Dec 2024 08:57:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSif9QOOYl7qguhGn8YcQzJGfy94BFf%2FOaQHvw9K7zhCWIG1HOcJ7lK9U13okBzxgXHICbkuYQdEzoV0kyZMGyajxOG%2BXMMNNeCrQAxdphL4OWEDb9CzhH3bEzsgdfl4H218y86zxS6k"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=11321&min_rtt=8004&rtt_var=7568&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4228&recv_bytes=4469&delivery_rate=859&cwnd=12000&unsent_bytes=0&cid=8f3cf128ebfad254&ts=1017&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 0a4ae62ed810513b.css
mandor.vip/_next/static/css/ 111 KB
18 KB 1022ms
1020ms Stylesheet
text/css 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbe74bf835f5f68961b88556e40ebc553dd6bdca9d33bab412cdef892abc58c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1ba7c-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SSWSohLhpFiFR4fRPkc8E0fWig7MQOERvyi4hhntap5tKD2aGA6oMsAZKYV7VIoeU0xoM7xm3nYoIGplIIGFlzNcRPpywB69OrbgWRoYGUeJ1OLNSMpgAP5nDAKqmpy%2Fzj8d2BZVT6w"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9993&min_rtt=7796&rtt_var=1179&sent=71&recv=36&lost=0&retrans=0&sent_bytes=65999&recv_bytes=7658&delivery_rate=8820&cwnd=22800&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2047&x=1", cfExtPri, cfHdrFlush;dur=5
date: Wed, 18 Dec 2024 08:57:43 GMT
content-type: text/css
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a1fb9c334-EWR
accept-ranges: bytes
content-length: 17826
server: cloudflare

GET
H3 200 54fc46000f7e20bc.css
mandor.vip/_next/static/css/ 4 KB
2 KB 766ms
765ms Stylesheet
text/css 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/54fc46000f7e20bc.css
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6328963b2262f23c457055adeabaca27241479471e65c63851bfc85a3d13dd5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "e7e-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lgin3iaabtOHH5kyWvNZP85QRjeGvDaYN43rUhZ5tbN05vMDqTm%2BycmjM%2B%2FnOCWYvT1T%2FTcMcpSEHciMwHV73oe77wyyPoSM%2Fs7fHA7JrLzIdWbSOappXPtsRsHb4Hicp9OuBDw9GT9m"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9790&min_rtt=7796&rtt_var=696&sent=46&recv=32&lost=0&retrans=0&sent_bytes=37444&recv_bytes=7485&delivery_rate=2673061&cwnd=22800&unsent_bytes=0&cid=8f3cf128ebfad254&ts=1796&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:43 GMT
content-type: text/css
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a1fbac334-EWR
accept-ranges: bytes
content-length: 1042
server: cloudflare

GET
H3 200 webpack-e30d72a36c0ae6d3.js Show response
mandor.vip/_next/static/chunks/ 7 KB
4 KB 739ms
738ms Script
text/javascript 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/chunks/webpack-e30d72a36c0ae6d3.js
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6def17b0527b9d3c34f5ec15ca9b597f4c97c2e0ceabc22766d53db5da10b067

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1b93-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbtJOVZfLuijVfm1rmNY0wytRomKyWhpHkEOFL%2FqTasWhFnjQWjoaXjxKOAtFHtbh8xH1Qg0GdVN9awBTTjVjnF5dY3A5HFvWRuzKEKikZfLV7MYIwNduUi6vQ3gddVetIfC%2BccORTN%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9790&min_rtt=7796&rtt_var=696&sent=48&recv=32&lost=0&retrans=0&sent_bytes=39220&recv_bytes=7485&delivery_rate=2673061&cwnd=22800&unsent_bytes=0&cid=8f3cf128ebfad254&ts=1799&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:43 GMT
content-type: text/javascript
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a4fcbc334-EWR
accept-ranges: bytes
content-length: 3185
server: cloudflare

GET
H3 200 1179-e1ca092b8d3f3375.js Show response
mandor.vip/_next/static/chunks/ 110 KB
28 KB 985ms
985ms Script
text/javascript 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/chunks/1179-e1ca092b8d3f3375.js
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49e6f0d87e34f7c79be5328532e02ac02e7a6cd8f7289a2b382957627d965720

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1b81d-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwXvF88YIOm%2FRCtQMntkE8BSeVC8LQiKPm5Ygtrq4kf2FhkiL9GWVEyNtXQfjxff6AGtA4a4JynUdNVQjGXH3Q8xWxbV2UpKHLzmyxfYqAh4kjYVWJLyzEWpFxNCLKurLosZWTo8Iz83"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9993&min_rtt=7796&rtt_var=1179&sent=52&recv=36&lost=0&retrans=0&sent_bytes=43199&recv_bytes=7658&delivery_rate=8820&cwnd=22800&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2044&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:43 GMT
content-type: text/javascript
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a4fccc334-EWR
accept-ranges: bytes
content-length: 28248
server: cloudflare

GET
H3 200 main-app-12309b691508e534.js Show response
mandor.vip/_next/static/chunks/ 520 B
938 B 725ms
725ms Script
text/javascript 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/chunks/main-app-12309b691508e534.js
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 035e00ade8582fa1724cc8d524df08314c19f7906ad94daa2ccfb6a2ddea0455

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "208-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wx0OuhAOKCizSjgl85THkbukQlQHRUvSgPz7vL7REXNjkPfyZazPPsXcvx6jhcYIGYJGTYo%2Fvrj4My3JbF1uc4LQYAPBxnj5v9LgsyVmMHrmpST1aJEGeXAxscuK0%2Btf2TwgmUQ8l3IE"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9790&min_rtt=7796&rtt_var=696&sent=45&recv=32&lost=0&retrans=0&sent_bytes=36483&recv_bytes=7485&delivery_rate=2673061&cwnd=22800&unsent_bytes=0&cid=8f3cf128ebfad254&ts=1785&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:43 GMT
content-type: text/javascript
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a4fcdc334-EWR
accept-ranges: bytes
content-length: 242
server: cloudflare

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ 82 KB
15 KB 35ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Requested by

Host: mandor.vip
URL: https://mandor.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "619c057b-3a02"
age: 633953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwOtmBeL%2B0bCZ6%2Fax7UalTqoi29iEzn5ho1C53tsQ1QYoKUnzo63d0A%2Fmf0GK635ohZ1x1a5o5Kxyv%2FQ4CngZYNTlIQttvWlfYpGgdZg5D9P%2FswVJf3pGCNo6DcPBXZqtTdX6nSNsNEzig8JlZYFisrl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 08 Dec 2025 08:57:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 08:57:42 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f3df26a3fdd3314-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14850
server: cloudflare

GET
H3 200 9169410798_picsart_24-12-06_07-43-37-945.png
mandor.vip/assets/img/ 578 KB
579 KB 1285ms
1284ms Image
image/png 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandor.vip/assets/img/9169410798_picsart_24-12-06_07-43-37-945.png
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198cf5b05259ff947c9b732964a6a46b6f6b34ebdae4950da6f482b66e3532a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "907dd-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCY2bIknL97MU9JL2UV6DRa%2B4PZXs%2F6uHHCDxfeY42loczbboMbdpnWLgaH0D%2BxkZkPVc714Emcyh8TakGtRBRBtXxaJ3oRhdOacQLFJy1zpAURwR0nbIukFoZ3lmElxO%2FW4zCnlPluk"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10109&min_rtt=7529&rtt_var=4600&sent=124&recv=66&lost=0&retrans=0&sent_bytes=123877&recv_bytes=11971&delivery_rate=300565&cwnd=44400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2317&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a1fbbc334-EWR
accept-ranges: bytes
content-length: 591837
server: cloudflare

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 71 KB
19 KB 43ms
17ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: mandor.vip
URL: https://mandor.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ebca50c94128c068a2d83f38db9bfd2588743969e1c898a4dd019ae360a03b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"11bc4-JWxMSlNSQU/4HQVbkJ20ZJ5Q7to"
age: 29846
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lh5iTenpQ%2F3lmFys1UUr69EEOV5exCEW8VvuFPqZ0eR1Zcph5J1cKkwy8DgZ%2FySoCK4LQUj4PsN4r8sikECGBvG3631JiDJ%2FB4dHf9FQQkBofTg6vO0MqPPQCPVyDuUBqpmHBvXB%2BRl0zECU%2FL0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 18 Dec 2024 08:57:42 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21966-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f3df26a6f0942e6-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18752
server: cloudflare
x-jsd-version: 11.15.2

GET
H3 200 6626326894_coollogo_com-1446887.gif
mandor.vip/assets/img/ 140 KB
140 KB 1248ms
1247ms Image
image/gif 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandor.vip/assets/img/6626326894_coollogo_com-1446887.gif
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0730330f8215be56fe5cc8572e6a0eb6d89f66899a8fc171169176041df23e2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "22e19-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzMJI4bNUsR%2FHZrIgQikP10nFnKXgDporFy3Hn%2BOq5eTHqHSC%2BIO3cnbxJjZLjh0ZuScyd0Vs7V%2Bi6L4QArrWNZeG6JG1rKEudCj1nJDl2kXXOsxaIGBnuXSejuBl3cDiHamIw0Z9wxe"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10109&min_rtt=7529&rtt_var=4600&sent=97&recv=66&lost=0&retrans=0&sent_bytes=91769&recv_bytes=11971&delivery_rate=300565&cwnd=44400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2310&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: image/gif
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a4fd0c334-EWR
accept-ranges: bytes
content-length: 142873
server: cloudflare

GET
H2 200 GatesOfOlympusM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 14 KB
14 KB 591ms
141ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/GatesOfOlympusM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 55c23f1ac60f17d62b6b4792be068e222369eb47c82af2c9333eaaa35798e57d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 14369
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:50:46 GMT
server: LiteSpeed

GET
H2 200 StarlightPrincessM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 14 KB
15 KB 667ms
218ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/StarlightPrincessM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: e8d03230cca4042abc8dcb206eac74de2411b5208f73bd10c37e9bc1e95b9931

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 14743
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:41:42 GMT
server: LiteSpeed

GET
H2 200 SantasGreatGiftsM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 15 KB
16 KB 667ms
218ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/SantasGreatGiftsM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 8448e7e17741f2ceb79870490a769cc93d684f959977127ff0c332101abf1a24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 15859
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:46:50 GMT
server: LiteSpeed

GET
H2 200 AncientEgyptPMM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 14 KB
14 KB 666ms
217ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/AncientEgyptPMM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 1db5fd47f6078ee86abf388e1f84e233f19e0fa9399caab6431a3bf7410c3290

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 14003
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:42:56 GMT
server: LiteSpeed

GET
H2 200 AztecGemsPMM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 12 KB
12 KB 594ms
145ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/AztecGemsPMM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 2e43afdc85f332c514a301ca09da50f19a8acba41618971c1c1ef9c8d627114f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 12140
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:42:06 GMT
server: LiteSpeed

GET
H2 200 Dragons888PMM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 15 KB
15 KB 660ms
211ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/Dragons888PMM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 6a00b70dadf226461f61fca4b4ce135eac36058aa4f7fc5088d486d09574f62d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 15314
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:43:36 GMT
server: LiteSpeed

GET
H3 200 9169410798_picsart_24-12-06_07-43-37-945.png
mandor.vip/assets/img/ 578 KB
0 240ms
240ms Image
image/png 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandor.vip/assets/img/9169410798_picsart_24-12-06_07-43-37-945.png
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198cf5b05259ff947c9b732964a6a46b6f6b34ebdae4950da6f482b66e3532a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "907dd-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCY2bIknL97MU9JL2UV6DRa%2B4PZXs%2F6uHHCDxfeY42loczbboMbdpnWLgaH0D%2BxkZkPVc714Emcyh8TakGtRBRBtXxaJ3oRhdOacQLFJy1zpAURwR0nbIukFoZ3lmElxO%2FW4zCnlPluk"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10109&min_rtt=7529&rtt_var=4600&sent=124&recv=66&lost=0&retrans=0&sent_bytes=123877&recv_bytes=11971&delivery_rate=300565&cwnd=44400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2317&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df26a1fbbc334-EWR
accept-ranges: bytes
content-length: 591837
server: cloudflare

GET
H3 200 eafabf029ad39a43-s.p.woff2
mandor.vip/_next/static/css/ 8 KB
8 KB 776ms
775ms Font
font/woff2 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/eafabf029ad39a43-s.p.woff2
Requested by: Host: mandor.vip
URL: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://mandor.vip
Referer: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1edc-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vilHdLEcXonb%2BuuPo4nK%2Fqo9vmMHYlI2zs%2FWxAhRnoQc7RjZqNwsEkGdGRYyEcLA2S1DkiQ2HD5vzCX5LbXozXMKVq5DokAoSxsJ9s930qcvE9JIh33VzFKgHutxEeZTbpeGHegOnGGu"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8841&min_rtt=7125&rtt_var=829&sent=601&recv=127&lost=0&retrans=0&sent_bytes=683157&recv_bytes=14730&delivery_rate=2135547&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2940&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: font/woff2
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bd5c334-EWR
accept-ranges: bytes
content-length: 7923
server: cloudflare

GET
H3 200 b957ea75a84b6ea7-s.p.woff2
mandor.vip/_next/static/css/ 8 KB
8 KB 758ms
756ms Font
font/woff2 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/b957ea75a84b6ea7-s.p.woff2
Requested by: Host: mandor.vip
URL: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://mandor.vip
Referer: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1ea8-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jR5G8LXhrRZuvavGixx%2BvYuP%2BFl%2BHt98GeN%2Fb4FNhPSVU3jOAOv5IbX2VXBF6%2BfcNbSP8BfumOQboi4CebsKDzGLJLtG8rB4pFpyLLFUdutqJ%2BjM99y8A60%2BwSM9LtdpLH4%2FYpmvXQDv"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9163&min_rtt=7125&rtt_var=796&sent=576&recv=124&lost=0&retrans=0&sent_bytes=656805&recv_bytes=14587&delivery_rate=910605&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2922&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: font/woff2
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bd6c334-EWR
accept-ranges: bytes
content-length: 7871
server: cloudflare

GET
H3 200 4c285fdca692ea22-s.p.woff2
mandor.vip/_next/static/css/ 8 KB
8 KB 755ms
754ms Font
font/woff2 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/4c285fdca692ea22-s.p.woff2
Requested by: Host: mandor.vip
URL: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://mandor.vip
Referer: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1ea4-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QqHjrPbHATzc47D2IlYrBY5xb9Wx2Q76wKaU%2FNUWevcnGEFNzG9GpyE2CxjbB6Taym2kYIPo%2FH9rsNLVjoztg6%2BjnQLg370Rq2b77Uq7SIm1BwHsCeL7i4IaCW7oMx84txD7SzBC9ycJ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9384&min_rtt=7125&rtt_var=473&sent=568&recv=123&lost=0&retrans=0&sent_bytes=648048&recv_bytes=14541&delivery_rate=15551317&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2919&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: font/woff2
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bd7c334-EWR
accept-ranges: bytes
content-length: 7867
server: cloudflare

GET
H3 200 0484562807a97172-s.p.woff2
mandor.vip/_next/static/css/ 8 KB
9 KB 760ms
758ms Font
font/woff2 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/0484562807a97172-s.p.woff2
Requested by: Host: mandor.vip
URL: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://mandor.vip
Referer: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1f38-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTXwCZ14bAeH5w%2B33s05TtzpBIsCdnicuvnaC5E4wlNv4Rmhg1i2n3tVUqhfD6p3CB%2FGXO1B%2FGSIuIxge0qQ5pky3%2F7c5gEZvoOIO0%2FQkxC84IVZt9AqNBHcERTOxw1GcHmWUs6PvozI"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9163&min_rtt=7125&rtt_var=796&sent=584&recv=124&lost=0&retrans=0&sent_bytes=665574&recv_bytes=14587&delivery_rate=910605&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2925&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: font/woff2
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bd8c334-EWR
accept-ranges: bytes
content-length: 8015
server: cloudflare

GET
H3 200 8888a3826f4a3af4-s.p.woff2
mandor.vip/_next/static/css/ 8 KB
8 KB 766ms
765ms Font
font/woff2 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/8888a3826f4a3af4-s.p.woff2
Requested by: Host: mandor.vip
URL: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://mandor.vip
Referer: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1e3c-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jl5f8RZPsIPDIJ4mnEeRgaAAVvXSQ4SHp5fA%2B1JR5BdRhvtt4Nv4pjC578e3D4qvEkZvU5SljkJGEEYGMs%2FSsrdxfzUVhM6fi8oucDn5mBZr%2Bn7odEBDiDisSHAKBc75E1RiiizuPGeA"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9050&min_rtt=7125&rtt_var=823&sent=592&recv=125&lost=0&retrans=0&sent_bytes=674481&recv_bytes=14633&delivery_rate=1822564&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2931&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: font/woff2
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bd9c334-EWR
accept-ranges: bytes
content-length: 7763
server: cloudflare

GET
H3 200 7db6c35d839a711c-s.p.woff2
mandor.vip/_next/static/css/ 8 KB
8 KB 746ms
745ms Font
font/woff2 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/_next/static/css/7db6c35d839a711c-s.p.woff2
Requested by: Host: mandor.vip
URL: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef5511d8e7b39ae3f98ffed14d6071d7914e0c145fee5a79bb43aa962ff0fc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://mandor.vip
Referer: https://mandor.vip/_next/static/css/0a4ae62ed810513b.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1e88-628ad10b4c6c0-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZMSQ4pAaI09xeLBA%2FWVQ8qOLW9fn1uuR6tlOf8EsnEyjK5Bmj344HIgdPmbbKTVmUxFuLBHJ%2FWstUcJh9Wi4g%2FhClr1l1%2F%2FlfK7y4Drkrm2AqyVe35HCO5%2BlULE3Tyo%2B5DaUjDnEh%2FLs"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9384&min_rtt=7125&rtt_var=473&sent=560&recv=123&lost=0&retrans=0&sent_bytes=639304&recv_bytes=14541&delivery_rate=15551317&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=2910&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:44 GMT
content-type: font/woff2
last-modified: Sat, 07 Dec 2024 12:13:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bdbc334-EWR
accept-ranges: bytes
content-length: 7839
server: cloudflare

GET
H3 200 9145422821_banner_wd_singgasana77.jpeg
mandor.vip/assets/img/ 210 KB
211 KB 1321ms
1320ms Image
image/jpeg 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandor.vip/assets/img/9145422821_banner_wd_singgasana77.jpeg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17ff67d502f4cdbc7852a6fe1229666496ee30e94d7723176ecc3aec2692bca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "3473f-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hbzm%2BD6fenTqoHjTGJZ5N91RWeWFgW9oWBBDFS3Proq6B%2F%2BpjopxTHGW0ovOeVBoOyYHJhfhZr380BUWeJT5LEgk8q1xTIFWxkVAZ0%2BXVPKjwbU3Pp8S1ouJzPYUdgscRKAY5%2B4HEuiy"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8730&min_rtt=7125&rtt_var=1557&sent=841&recv=158&lost=0&retrans=0&sent_bytes=962450&recv_bytes=17039&delivery_rate=4351946&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=3482&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:45 GMT
content-type: image/jpeg
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bcec334-EWR
accept-ranges: bytes
content-length: 214847
server: cloudflare

GET
H3 200 5997609218_banner_wd_singgasana77.jpeg
mandor.vip/assets/img/ 210 KB
211 KB 1276ms
1273ms Image
image/jpeg 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandor.vip/assets/img/5997609218_banner_wd_singgasana77.jpeg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17ff67d502f4cdbc7852a6fe1229666496ee30e94d7723176ecc3aec2692bca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "3473f-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zCid8RO0H0uvwV%2FiTyfWG680ihse4OmhvYI53%2F7KtrY05RIgucojRyh842P%2FjN%2BMbeNGzNbhxU7bRjm1kAnFbjFB0I4GXjLqFRYYZt7119QungalF8BuizM1m4znlBQRdCysZInGZXA"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9822&min_rtt=7125&rtt_var=2319&sent=787&recv=152&lost=0&retrans=0&sent_bytes=898230&recv_bytes=16773&delivery_rate=3148&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=3437&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:45 GMT
content-type: image/jpeg
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bd0c334-EWR
accept-ranges: bytes
content-length: 214847
server: cloudflare

GET
H3 200 7036165136_banner_1jt_singgasana77.jpeg
mandor.vip/assets/img/ 103 KB
104 KB 1291ms
1287ms Image
image/jpeg 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandor.vip/assets/img/7036165136_banner_1jt_singgasana77.jpeg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b5b3763d3c86c08ee3401b8921e6b14f8cc69d445f6f91e532db52aebb8592

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "19dc3-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ldHTjqba%2BsQfgAiea03fOT%2B8YY3CoAz4vZhDM7Nz9rY1V081AX%2FEo50ifqgSI8zqFgD1DkYhanxOGZv7NtrFOHJH1AExC5JAV6SYPOTaGcBbAew4kTWwSML1F6TBp6F6i4hEq8bcIGE"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9284&min_rtt=7125&rtt_var=1766&sent=814&recv=155&lost=0&retrans=0&sent_bytes=930340&recv_bytes=16906&delivery_rate=3998652&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=3452&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:45 GMT
content-type: image/jpeg
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2712bd2c334-EWR
accept-ranges: bytes
content-length: 105923
server: cloudflare

GET
H3 200 market-popup-desktop.webp
cdn.databerjalan.com/cdn-cgi/image/width=auto,quality=75,fit=contain,format=auto//assets/images/static/v3/lottery/icons/ 25 KB
26 KB 133ms
25ms Image
image/avif 2606:4700:20::ac43:4790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.databerjalan.com/cdn-cgi/image/width=auto,quality=75,fit=contain,format=auto//assets/images/static/v3/lottery/icons/market-popup-desktop.webp

Requested by

Host: mandor.vip
URL: https://mandor.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30830bc3ce47c17625edb8d7798437e42baa000dbe6cb6fce9d489ab6abdcdc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: HIT
etag: "cfZJ1IAUfkIOGngOZFog4Hw09UU2p-9J8yECHNTtOxDQ"
cf-bgj: imgq:75,h2pri
cf-resized: internal=ok/m q=0 n=24+75 c=0+0 v=2024.10.6 l=26047 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARoYnc5hgZIDuG0wE3vtX0oamd51nfZt7r9z9g7ZThYy2fjJcBfG2tYj%2FNkA5V8Eim08VguaZPkeC7tupmAdQGKOMKHVyd19bcm8skdF4HD1jWgaYbZqh00hkB8Ih1kWHB6x%2BQ4OtJ9yRtuuxdv7yNKz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7717&min_rtt=7682&rtt_var=1680&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4357&recv_bytes=4880&delivery_rate=80697&cwnd=12000&unsent_bytes=0&cid=702139992bf441c0&ts=117&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:43 GMT
content-type: image/avif
last-modified: Tue, 10 Dec 2024 08:51:34 GMT
vary: Accept, Accept-Encoding
priority: u=1,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: max-age=2419200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8f3df271d8b41819-EWR
accept-ranges: bytes
content-length: 26047
server: cloudflare

GET
H3 200 main-icon.webp
cdn.databerjalan.com/cdn-cgi/image/width=auto,quality=75,fit=contain,format=auto//assets/images/static/v3/jackpot/ 36 KB
37 KB 141ms
34ms Image
image/avif 2606:4700:20::ac43:4790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.databerjalan.com/cdn-cgi/image/width=auto,quality=75,fit=contain,format=auto//assets/images/static/v3/jackpot/main-icon.webp

Requested by

Host: mandor.vip
URL: https://mandor.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2587d8e3e157fdf3959366637bff9bc9c82f35754b04568ce845658527340050

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: HIT
etag: "cf14xZPg_MuMruLUr_raTkxAgYU2p-9J8yECHNTtOxDQ"
cf-bgj: imgq:75,h2pri
cf-resized: internal=ram/- q=0 n=0+0 c=0+0 v=2024.10.6 l=36595
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExGlXYJgr9iFsVdS09f7ASMIfEdP4Nyxy7L%2F18hsOt4WBUBrt4KlgBQ3ohqkuweqdyA8ubiVO%2BCveDdS3%2BvuDlz8lmTirfOhtn8yk79p9YPj%2BTofUEKN6BetIUncZsjQPA6BQHIWNMtWPK8JUK9B6F02"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7717&min_rtt=7682&rtt_var=1680&sent=24&recv=11&lost=0&retrans=0&sent_bytes=16329&recv_bytes=4880&delivery_rate=80697&cwnd=12000&unsent_bytes=0&cid=702139992bf441c0&ts=118&x=1", cfExtPri, cfHdrFlush;dur=7
date: Wed, 18 Dec 2024 08:57:43 GMT
content-type: image/avif
last-modified: Tue, 10 Dec 2024 08:51:37 GMT
vary: Accept, Accept-Encoding
priority: u=1,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: max-age=2419200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8f3df271d8b51819-EWR
accept-ranges: bytes
content-length: 36595
server: cloudflare

GET
H2 200 GatesOfOlympusM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 14 KB
0 3ms
3ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/GatesOfOlympusM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 55c23f1ac60f17d62b6b4792be068e222369eb47c82af2c9333eaaa35798e57d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 14369
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:50:46 GMT
server: LiteSpeed

GET
H2 200 StarlightPrincessM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 14 KB
0 4ms
4ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/StarlightPrincessM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: e8d03230cca4042abc8dcb206eac74de2411b5208f73bd10c37e9bc1e95b9931

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 14743
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:41:42 GMT
server: LiteSpeed

GET
H2 200 SantasGreatGiftsM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 15 KB
0 4ms
4ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/SantasGreatGiftsM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 8448e7e17741f2ceb79870490a769cc93d684f959977127ff0c332101abf1a24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 15859
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:46:50 GMT
server: LiteSpeed

GET
H2 200 AncientEgyptPMM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 14 KB
0 6ms
6ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/AncientEgyptPMM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 1db5fd47f6078ee86abf388e1f84e233f19e0fa9399caab6431a3bf7410c3290

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 14003
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:42:56 GMT
server: LiteSpeed

GET
H2 200 AztecGemsPMM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 12 KB
0 6ms
6ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/AztecGemsPMM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 2e43afdc85f332c514a301ca09da50f19a8acba41618971c1c1ef9c8d627114f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 12140
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:42:06 GMT
server: LiteSpeed

GET
H2 200 Dragons888PMM.jpg
cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/ 15 KB
0 7ms
7ms Image
image/jpeg 66.29.148.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cxfteams-games-cloning-slots-gambling.top/frontend/Default/ico/Dragons888PMM.jpg
Requested by: Host: mandor.vip
URL: https://mandor.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.148.78 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server27-1.shared.spaceship.host
Software: LiteSpeed /
Resource Hash: 6a00b70dadf226461f61fca4b4ce135eac36058aa4f7fc5088d486d09574f62d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 08:57:43 GMT
accept-ranges: bytes
content-length: 15314
date: Wed, 18 Dec 2024 08:57:43 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sat, 20 May 2023 04:43:36 GMT
server: LiteSpeed

GET
H3

200

update_saldo Show response
mandor.vip/
Redirect Chain

https://mandor.vip/update_saldo.php
https://mandor.vip/update_saldo

20 B
759 B

282ms
281ms

Fetch
text/html

2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/update_saldo
Protocol: H3
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d3e76269868fce8f73062f15244daf20c11878495f6d6fe9cfb8a7a4389bbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvb32uuLo7h%2BRrjWtDZYu%2BMn9YsyfVaOE10wKM0COWAs%2BwJN7poPmPh1Nzmwr3VxakhwwLJ1%2BlslKCP8TLZs4WpItbXm0e0MYx4l2ODpLQtqW%2B%2FVyJbz30ayfDqrF2UR85UVa4ieTqEt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f3df2786f9ec334-EWR
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8472&min_rtt=7125&rtt_var=482&sent=924&recv=164&lost=0&retrans=0&sent_bytes=1061566&recv_bytes=17311&delivery_rate=3976066&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=3607&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://mandor.vip/update_saldo
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xf7Hh2GuBh0rl2WIayAX%2B1UodTJs7DWn%2FJjiw1iXWEEvxc683yU8pIOmtwH6W8gSAZjCBBWhZZ4Y7djQanqKAbOM%2B%2B4ROZeVPw4K7ti6z%2B%2FYXXXHeY3YG0PHBa1Pd9w7AAJ0KPaIUyze"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f3df276dedac334-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10527&min_rtt=7125&rtt_var=1926&sent=784&recv=149&lost=0&retrans=0&sent_bytes=897182&recv_bytes=16355&delivery_rate=6225750&cwnd=152400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=3325&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:45 GMT
content-type: text/html; charset=iso-8859-1
server: cloudflare
priority: u=1,i

GET
H3 200 4065110882_picsart_24-12-06_07-43-37-945.png
mandor.vip/assets/img/ 578 KB
579 KB 1270ms
1270ms Other
image/png 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/assets/img/4065110882_picsart_24-12-06_07-43-37-945.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198cf5b05259ff947c9b732964a6a46b6f6b34ebdae4950da6f482b66e3532a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "907dd-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVijjzbXhw%2BttdM4ykHhBpHNPQJzJSOv%2BTPdf3L4WQybxBMcgteaLkIyGtFmZHeW09WCIu%2FVfGTEtKsZeV20ngrvSgFEuCLyzSptMAwKh%2FqFeN3sYcJXj%2FBIs1sNH1e6efW3c1rH3GrN"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8477&min_rtt=7125&rtt_var=314&sent=1251&recv=203&lost=0&retrans=0&sent_bytes=1448725&recv_bytes=19078&delivery_rate=6351755&cwnd=164400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=4403&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:46 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2773f06c334-EWR
accept-ranges: bytes
content-length: 591837
server: cloudflare

GET
H3 200 4065110882_picsart_24-12-06_07-43-37-945.png
mandor.vip/assets/img/ 578 KB
0 0ms
0ms Other
image/png 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandor.vip/assets/img/4065110882_picsart_24-12-06_07-43-37-945.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198cf5b05259ff947c9b732964a6a46b6f6b34ebdae4950da6f482b66e3532a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "907dd-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVijjzbXhw%2BttdM4ykHhBpHNPQJzJSOv%2BTPdf3L4WQybxBMcgteaLkIyGtFmZHeW09WCIu%2FVfGTEtKsZeV20ngrvSgFEuCLyzSptMAwKh%2FqFeN3sYcJXj%2FBIs1sNH1e6efW3c1rH3GrN"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8477&min_rtt=7125&rtt_var=314&sent=1251&recv=203&lost=0&retrans=0&sent_bytes=1448725&recv_bytes=19078&delivery_rate=6351755&cwnd=164400&unsent_bytes=0&cid=8f3cf128ebfad254&ts=4403&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:46 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2773f06c334-EWR
accept-ranges: bytes
content-length: 591837
server: cloudflare

GET
H3 200 6452595105_banner_1jt_singgasana77.jpeg
mandor.vip/assets/img/ 103 KB
104 KB 1240ms
1236ms Image
image/jpeg 2606:4700:3037::ac43:b1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandor.vip/assets/img/6452595105_banner_1jt_singgasana77.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mandor.vip/

Response headers

cf-cache-status: MISS
etag: "19dc3-628ad10a58480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZFAQxUlFbBWgOLQs4e9hoff6qtad0rT0ocSfddPn2H0%2BXmFTdtlBYT%2FWRHpqglQvMudNoqGSc9cunpkg1TdqTWC0ZTJcYk2%2Fde9e9zGWbcIoR%2BIKTfl2bA3bABp4W%2B1uaROMdJLCoUo"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9767&min_rtt=7125&rtt_var=490&sent=1802&recv=262&lost=40&retrans=40&sent_bytes=2102125&recv_bytes=22132&delivery_rate=8811599&cwnd=123479&unsent_bytes=0&cid=8f3cf128ebfad254&ts=8681&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 08:57:50 GMT
content-type: image/jpeg
last-modified: Sat, 07 Dec 2024 12:13:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3df2922ec5c334-EWR
accept-ranges: bytes
content-length: 105923
server: cloudflare

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mandor.vip/	1969-12-31 23:59:59	Name: PHPSESSID Value: g2s6l9knmk1kqf0b1ofn7iu5h0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.databerjalan.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cxfteams-games-cloning-slots-gambling.top
mandor.vip
2606:4700:20::ac43:4790
2606:4700:3037::ac43:b1cc
2606:4700::6811:180e
2606:4700::6812:ba1f
66.29.148.78
035e00ade8582fa1724cc8d524df08314c19f7906ad94daa2ccfb6a2ddea0455
0730330f8215be56fe5cc8572e6a0eb6d89f66899a8fc171169176041df23e2f
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
198cf5b05259ff947c9b732964a6a46b6f6b34ebdae4950da6f482b66e3532a5
1db5fd47f6078ee86abf388e1f84e233f19e0fa9399caab6431a3bf7410c3290
2587d8e3e157fdf3959366637bff9bc9c82f35754b04568ce845658527340050
289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2
2e43afdc85f332c514a301ca09da50f19a8acba41618971c1c1ef9c8d627114f
30830bc3ce47c17625edb8d7798437e42baa000dbe6cb6fce9d489ab6abdcdc6
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
49e6f0d87e34f7c79be5328532e02ac02e7a6cd8f7289a2b382957627d965720
4ebca50c94128c068a2d83f38db9bfd2588743969e1c898a4dd019ae360a03b1
4ef5511d8e7b39ae3f98ffed14d6071d7914e0c145fee5a79bb43aa962ff0fc4
55c23f1ac60f17d62b6b4792be068e222369eb47c82af2c9333eaaa35798e57d
57b5b3763d3c86c08ee3401b8921e6b14f8cc69d445f6f91e532db52aebb8592
6328963b2262f23c457055adeabaca27241479471e65c63851bfc85a3d13dd5e
643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354
6a00b70dadf226461f61fca4b4ce135eac36058aa4f7fc5088d486d09574f62d
6def17b0527b9d3c34f5ec15ca9b597f4c97c2e0ceabc22766d53db5da10b067
8448e7e17741f2ceb79870490a769cc93d684f959977127ff0c332101abf1a24
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
a17ff67d502f4cdbc7852a6fe1229666496ee30e94d7723176ecc3aec2692bca
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
bfbe74bf835f5f68961b88556e40ebc553dd6bdca9d33bab412cdef892abc58c
d4d3e76269868fce8f73062f15244daf20c11878495f6d6fe9cfb8a7a4389bbe
d6c6d749b751d9206525858c2a7fe66dee082c504a3630de2a68c4d198fb8b33
e8d03230cca4042abc8dcb206eac74de2411b5208f73bd10c37e9bc1e95b9931

mandor.vip Open in urlscan Pro 2606:4700:3037::ac43:b1cc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

1 Countries

2244 kBTransfer

3893 kBSize

1 Cookies

4 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mandor.vip Open in urlscan Pro
2606:4700:3037::ac43:b1cc Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

2244 kB
Transfer

3893 kB
Size

1
Cookies

38 HTTP transactions
0 data transactions