mandarinads.com Open in urlscan Pro
2606:4700:3032::ac43:afdf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ciakchapui.buzz/
Effective URL:
https://mandarinads.com/
Submission: On August 02 via api (August 2nd 2024, 2:02:05 am UTC) from BE — Scanned from DE

Summary HTTP 90 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3032::ac43:afdf, located in United States and belongs to CLOUDFLARENET, US. The main domain is mandarinads.com.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.

This is the only time mandarinads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:4780:22:... 2a02:4780:22:5645:4445:5d99:230e:c47f	47583 (AS-HOSTINGER) (AS-HOSTINGER)
26	2606:4700:303... 2606:4700:3032::ac43:afdf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2606:4700:303... 2606:4700:3034::ac43:a5cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2606:4700:303... 2606:4700:3034::6815:49c8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2.16.1.243 2.16.1.243	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2.17.100.232 2.17.100.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.17.100.240 2.17.100.240	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.96.191.37 172.96.191.37	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
90	10

1 2a02:4780:22:5645:4445:5d99:230e:c47f (Phoenix, United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

ciakchapui.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3032::ac43:afdf (United States)

ASN13335 (CLOUDFLARENET, US)

mandarinads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3034::ac43:a5cf (United States)

ASN13335 (CLOUDFLARENET, US)

lbstatic.winwinwin168.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3034::6815:49c8 (United States)

ASN13335 (CLOUDFLARENET, US)

924900.winwinwin168.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.1.243 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-243.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.livechat-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.17.100.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-232.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.100.240 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-240.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.96.191.37 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.37-static.reverse.arandomserver.com

mamakongbesai.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	winwinwin168.net lbstatic.winwinwin168.net — Cisco Umbrella Rank: 183424 924900.winwinwin168.net — Cisco Umbrella Rank: 170521	8 MB
26	mandarinads.com mandarinads.com	523 KB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5874 api.livechatinc.com — Cisco Umbrella Rank: 5307 secure.livechatinc.com — Cisco Umbrella Rank: 6900	33 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
1	livechat-files.com cdn.livechat-files.com — Cisco Umbrella Rank: 35420	153 KB
1	mamakongbesai.buzz mamakongbesai.buzz
1	ciakchapui.buzz 1 redirects ciakchapui.buzz	1 KB
90	8

	Domain	Requested by
28	lbstatic.winwinwin168.net	mandarinads.com
26	mandarinads.com	mandarinads.com
24	924900.winwinwin168.net	mandarinads.com
3	api.livechatinc.com	cdn.livechatinc.com
2	www.facebook.com
2	connect.facebook.net	mandarinads.com connect.facebook.net
1	cdn.livechat-files.com
1	mamakongbesai.buzz
1	secure.livechatinc.com	cdn.livechatinc.com
1	cdn.livechatinc.com	mandarinads.com
1	ciakchapui.buzz	1 redirects
90	11

This site contains links to these domains. Also see Links.

Domain
t.me
99vpn.pro
wa.me
id.wikipedia.org
app.winwinwin168.net
18.136.167.253

Subject Issuer	Validity	Valid
mandarinads.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
winwinwin168.net WE1	`2024-07-10` - `2024-10-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-11` - `2024-08-09`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh
*.mamakongbesai.buzz R10	`2024-06-23` - `2024-09-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mandarinads.com/
Frame ID: AC003AB894E90026B91E08889FBC18BD
Requests: 81 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=17491716&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 808828EF32F387B07DEB22EE50ACAF55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TOTO5000 : Situs Toto Slot Resmi, Bandar Togel 4D Online Terpercaya

Page URL History Show full URLs

https://ciakchapui.buzz/ HTTP 301
https://mandarinads.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

90
Requests

99 %
HTTPS

60 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

8784 kB
Transfer

11232 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/PREDIKSITOTO5000
Title: ROOM PREDIKSI TOTO5000

Search URL Search Domain Scan URL

URL: https://t.me/RESULTTOTO5000
Title: ROOM RESULT TOTO5000

Search URL Search Domain Scan URL

URL: https://99vpn.pro/toto5000rtp
Title: RTP Gacor TOTO5000

Search URL Search Domain Scan URL

URL: https://t.me/toto5000ofc
Title: Telegram TOTO5000

Search URL Search Domain Scan URL

URL: https://wa.me/+6281266920435
Title: Whatsapp TOTO5000

Search URL Search Domain Scan URL

URL: https://id.wikipedia.org/wiki/Toto_(permainan)
Title: toto

Search URL Search Domain Scan URL

URL: https://app.winwinwin168.net/toto5000.apk
Title: KLIK DISINI

Search URL Search Domain Scan URL

URL: https://18.136.167.253/
Title: https://18.136.167.253/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ciakchapui.buzz/ HTTP 301
https://mandarinads.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
mandarinads.com/
Redirect Chain

https://ciakchapui.buzz/
https://mandarinads.com/

13 KB
5 KB

601ms
540ms

Document
text/html

2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4947b9518de783b6b20c132009bf9842e3231aa2ef1e562ce73ae597df2403f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b60fda53a9c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 02 Aug 2024 02:01:46 GMT
last-modified: Fri, 02 Aug 2024 02:01:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7EUDm%2BnyWUBsoDt%2BWOnIddzfDYQ9hAlqHb6jU829PLNWffPPetPdmsT%2F1ZIWqDn%2FJU1IxSycHMSdYhs5Zc41xqE9OPY9UMm41upQo4KcDWN1QC%2BF0aEqbSz%2BsjcvDH6VOOLw%2BXPKb%2FRLCGXQTk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 795
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 02 Aug 2024 02:01:46 GMT
location: https://mandarinads.com
platform: hostinger
server: hcdn
x-hcdn-cache-status: MISS
x-hcdn-request-id: d26dd1619b051b4dc39b3f36c0ebeaff-phx-edge4
x-hcdn-upstream-rt: 0.630

GET
H3 200 pinkblack.js Show response
mandarinads.com/lottery-toto/colors/ 11 KB
4 KB 534ms
533ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/lottery-toto/colors/pinkblack.js?ver=cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fffd2081626b3bff5c17d312cd9cbd2681d8da94757f8a01ed3501041e08e6e2

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSVc31DXA75uE9XOqQ5YpxSFbiKH7I1WpX%2BCrFIH5%2Foj9s0leN6eAEOgInfXHIk9OAf88tDivqayIZdhB%2Fgd4vnf1NH4rtWAoeIwQVACThGpIsXPDB%2BxRZKY0ckyCUmVrDJJ2wZPv%2BzRx11NsWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b649fab3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.18ecc1a5.js Show response
mandarinads.com/static/js/ 933 KB
265 KB 1790ms
1789ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e841bdc8a8c19415eaf8596f3797dd1fe3c6db5a71c4828aa2a9cbf80160c633

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ak844zhYi0Pmi21izdLlSHzu3jZVO90IOK5NRnm44PL66hHIjKq1i1fZd%2BhZcICiU9h8akIA35yrDjg5WDReoPFJMSkHJ5jPYhdcObKK275ij7MRgInYGcvd9iyNfgk2AmDexLYEhXuGJKG9fG0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b649fac3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.ef8a0346.css
mandarinads.com/static/css/ 11 KB
3 KB 537ms
537ms Stylesheet
text/css 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/css/main.ef8a0346.css
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a4c6d96b10672f6bfae8264231e8b118b58973657a91745611fc3e34835e02

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=geJL0DGb3W3DEg8QGtVSitjJl5rOekiOIZalotqNKk0BIID%2FAoo5knN12f8Faxg9dIxb97wxAUmUhSOi8G5nEcr8SIscV8nXElHo0dyTVLtbN8LK4JO8sVxWHwjdKMw%2Be9iCcfhz62HGNh6ptwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b649fad3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 87 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63c018907512d2dcc563caf1e0fff301f7bef8911ef4e96a23c18383efbf5580

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 uxzAIGyuDmF7LB7hBsAu.jpg
lbstatic.winwinwin168.net/media/images/ 62 KB
63 KB 1080ms
1039ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/uxzAIGyuDmF7LB7hBsAu.jpg?webp=true&width=820
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f053e26da91cf6f9946fa13392b328b9b49e3e314767e8c5c21d4d8db81f087c

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:48 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 18:22:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H99yKy09bzxlJKXzCm9csfDboX%2FG88l%2FVRAocESHLFSmqbuDgWb2MsRTNuJoOVpH%2FE4akiR0Ga8Mrjs3AEM3fWQFFyrUGbBs%2FT0%2BrQyRxzb8ou0XqrPfKQ6BDawihtrf%2FeuBYyWOieplJx3C2D0nlr8KfgnCPacI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b6839879960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 63768

OPTIONS
H3 204 metadata
924900.winwinwin168.net/apipub/ Frame 0
0 571ms
530ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/metadata
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b72486b380d-FRA
date: Fri, 02 Aug 2024 02:01:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UKe8UyLc5G2yrwRY2PaTTkZWu3Nz133Zoy2yx1lmO7xbDBCzBUrBEuAD79OMTusCR1RhQ9nTeI8naEfNW%2BiKyyT1fRd1hWU09pHUF14ZiBX%2FRUhfC1Av8fWbfmi0mOUeizsY3gZO%2BCodEJMwI9Vdixblm5kbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H3 204 base
924900.winwinwin168.net/apipub/ Frame 0
0 575ms
534ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/base
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b72486c380d-FRA
date: Fri, 02 Aug 2024 02:01:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGR%2BlU1dg2m14k3aAmXF5A%2Figj6kEEgxt3lbRBsiWM6kAFUshWRullUapcUHXPcizk0gcd%2BU8oME%2BSITaAURFKstRNa9ZTaSfgT%2FxwWQoOdDnMoUPQ0g4jLTTp6btfMbw%2BmRDlXZ6OTFvHZV6GzfEUFtQECXqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 3149.cffb2d2c.chunk.js Show response
mandarinads.com/static/js/ 6 KB
3 KB 542ms
542ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/3149.cffb2d2c.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23b4803ba0743f27c04b34e2ae2a50e74a544215c3744a4804bb301148b4b98

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fni3MGE9nzzTwMYpZS242fBwJZElNHa9qcpMjgTxzDjf%2B4n1sW3%2BqOlwfB44jjdH0lwEPWOQDS0gKvlD04UVmkx6xCKDyjVYESx3Ggn40tRmXUqZZs%2FC%2FGYLnEhV0%2ByDwZi56mzVBVkQldX1K4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71feb33a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 8195.533c4f81.chunk.js Show response
mandarinads.com/static/js/ 15 KB
6 KB 773ms
773ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/8195.533c4f81.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8199d4cfb0d201b975b5c0ee7748b3e20bc4059951618c8fe5aed309442b2bc

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeL27bytSc8s4lq1Qn5uTiJt0vQgB5A2jF9pVd5%2FR3VwiaSUPEM82H91P0dOac1aMz3iywE0dhseqbvz%2Byofp9gHeV4vZ91OwAN2jPY6fP9XaEmhjeMNXiV2G15EnPNoQKV%2FjaKSiZFcsFaycJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71feb43a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 3433.0eaf8b18.chunk.js Show response
mandarinads.com/static/js/ 294 B
685 B 544ms
544ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/3433.0eaf8b18.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f1edbbdba5542c93a1cf4b2488b013daa0098349db42ed3bdf2cf4790abe0c

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vh%2Bm4JTexka1KPPsqKh9Pspmr%2F%2BztYqKrC3%2Fk1ewrhgp4SNTeoXI2MSrvi7K8ncPID9PWvw6juKUKstuH9XPZlonIiybIBCWgcwIv4DB24inwvvlOms%2FayXJjSB6GcZs2jW3WiCZsYPTwdjC3Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71feb63a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 735.4a6675da.chunk.js Show response
mandarinads.com/static/js/ 17 KB
7 KB 787ms
786ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/735.4a6675da.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b203a2b399445ba2287efa9cca3f47c0ecff9e0162ce48d26c4f762bda27c6bd

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ru0vkVOsbatkTfRy5jCbZHOvRz9Pl1FHavpmOgPAEyKjZqc3kvw13HtTg7I6bfU76YXhp%2FiSKSaht1ybTIhEsysz8pVxoNPIft5T4qBsh4KZ5WHOOqsw1nQIleu9BhvXf3gqSSjZq2mkIFFDTug%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71feb73a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1523.ee0af999.chunk.js Show response
mandarinads.com/static/js/ 62 KB
16 KB 1044ms
1043ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/1523.ee0af999.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6f0502fac92e6efad318ee712d8fc6cae44b58620a75b2962d94ee02be21969

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xHEX%2BS503YhujvjGg1mrlf8u6BpqM1pwHraYI%2BmF9gNuJM38iB7o%2FW12IbPtw3Qhk69HUeM5NXn%2BdFqO5eHu3GGb3nwF%2FHKPvaVLlTnkfkqwVOWRpMX%2BtfAsnmbHDFXAkuZru39nXzYqBtfyq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71feb83a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 6651.45408a95.chunk.js Show response
mandarinads.com/static/js/ 11 KB
5 KB 543ms
543ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/6651.45408a95.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58a3f71b4855cbd5748c94fac3c0dd91ae2388d64f8872ee05465cf08c10147d

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whp9kRGoNnY0an8vDO1AoknwN%2B4valE%2B%2BjgpAgFgyC39HYm3tuBiBPUsI%2BqUC0nLJKYOE%2Fus1zSfbXZuvlmHpa7Oi8AQRPQleZzc6j9xi9%2BdRqB7ypyJcSwCLfnNhvXo4VLz6vkxVRdJGXUC4s4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71feb93a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 6156.ce40ae5e.chunk.js Show response
mandarinads.com/static/js/ 6 KB
2 KB 537ms
537ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/6156.ce40ae5e.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a86e0099eb2a166a8a418f5771ec4e99a8ba8e5b01e4a333c729c2aff764079

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeS6UzoEIBvj1YBZLKE83g2iIQvzTth3K%2FlZaaQTna%2B3E%2B1FMKummjaaTFc0%2BmlHVd15TUvXM0NuNiR6tyO%2F9qSMMGn37oRiQZHafexqf4mepqynhtbqZ51Iut682yiFblRZijpnPqeNmH6Ivrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71feba3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 4721.96f2249e.chunk.js Show response
mandarinads.com/static/js/ 7 KB
3 KB 547ms
547ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/4721.96f2249e.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 620b0cb9999e300ed3bb34b3030ec83bc2624c8bb21f0780804577880ca74061

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BCm4M9rJANbJM3RcHnfPSgcQmGfPt5ytcQb0lfutarVWkJ%2BKBQdzPFPUyEpa1QFDnCuBo6H%2BtwNKi4oOTp6IRFGm%2BnF0n8Nlgfi31zqx3FPe40FzgEnVV%2FpgF8%2FsYdlBhvC%2B6ROzVekmPovRkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71febb3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 5126.cc109995.chunk.css
mandarinads.com/static/css/ 20 KB
4 KB 788ms
787ms Stylesheet
text/css 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/css/5126.cc109995.chunk.css
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a1a248a8000f74c466283f90ef88b262bd116cab4b7969177d8be9a776c685e

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jcCgi0gQkVSN2uk8DSTnxOYwm6NWA8mEFklHmeylEWwzeDxiBiohgOhcj4bcb%2FTdJiLwW5P0RE11k17T3WYv5SAR34jingO6tuKtVW7tlazEsghnPbVLbtuNzzMO62x82X4SwyM9%2FStbPGs8ps%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71febc3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 3735.42478e7b.chunk.js Show response
mandarinads.com/static/js/ 73 KB
34 KB 1031ms
1030ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/3735.42478e7b.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39524e7e771d4e866a20275b23074752860c2456611bc5da0057d07059bec2cf

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hf0QxCaP4J1KvvlBqObjcpwu3XWT7656GINhd53XkM3nsCBNCsw3Gr4KVmofehJSPpLAzPzpOwaKHr%2Fdz7hI%2FvhgSb95sNCwrHsNBO5rCTYR190Dk6cdvORQ3%2FFAejpLJSnCsyGfGmRhK9yDK6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b71febd3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 260.b3daa0a1.chunk.js Show response
mandarinads.com/static/js/ 17 KB
11 KB 788ms
788ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/260.b3daa0a1.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57bc7d294ebec48caeeb49dc68b0f576e043e30cb970be33235afa2e1a5b64f3

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41OA30jgBfGsMjHDmMLAJWaK2QsItQtn2YpejTuNJGAIbHMmLPxctBsYzJu0XgiiTo1SswXfvHqSoVlf17z0EzlzrXs7TspoZmMVrp3py6Asoz7x5iYBdjCXy0F2rrd%2F%2B3Bz9BA2Zw%2BRmJPGsPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b720ebe3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 3604.1e026f4e.chunk.css
mandarinads.com/static/css/ 9 KB
5 KB 528ms
527ms Stylesheet
text/css 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/css/3604.1e026f4e.chunk.css
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f83014ba775f89c2a9112508292288e98351c9cbc9363886eef17b8922b94e72

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LaPlEtWpWK0zSpIHaKXyQZFJkgFMIeACTPrEEyNtw2CzEo6ECRPNtd76MQxvaoPHzJRkc%2FD%2F46116OPE63jmCSd06hNGbQQ0D2y1IrRKxjRTJDkGyHnSET%2FmDw81%2FqVB%2BIE%2Fds9WMEmwe%2Fp6%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b720ec23a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 3604.323121b6.chunk.js Show response
mandarinads.com/static/js/ 90 KB
32 KB 1007ms
1007ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/3604.323121b6.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e27116841802e66b80fa23096f442d549c4ba396eab5a38faddeebde8ad00807

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zo7yH6cyvSwmWxqzjobXfe%2Byk00Ei2SQNTtUuiHTCP8JShaOhAIdvDfC3IxmAwMdPs5VSpmUf2xwg8Cso9jAFrzLeLXv6b3MV4XULnF2HzwyNfn3mcjWQ541pJ2FGyOrAAG%2BX2NdixYbb8NRtOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b720ec33a9c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 metadata Show response
924900.winwinwin168.net/apipub/ 16 KB
5 KB 277ms
277ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/metadata
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15342f60057db18dab528d45b60ba86dc17bda58210ccb0abec05110dab9d2b

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:01:55 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEtRiUnJibW%2FDoMYYg0oQkItz6M1kQdUCt3xCqfDb4chSjSwlnosT1p%2BAS6OTZcbJaww%2BXnNSN%2BY54uzmwfwXEhATwWLw1LVHLIOglpMUFoNrbE6K2SeBcpDgc4IJ9idh0hfNlqNkfzs3H96aKPdCfxX8ZW7LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b759a99380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

POST
H3 200 base Show response
924900.winwinwin168.net/apipub/ 13 KB
3 KB 280ms
279ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/base
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18928ed0ffd38abae5845751ce57964a5e585eb26f1b962f2cef5256dc37d138

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:49 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:01:55 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hbq9XsKGxtIjnRZEB6J9Or%2BETOsMUSLEqdHN%2Bt2QWJCYH7BfviBY6rjA6fuvhJJ5QVnypjZL8bSHBKr%2BO4wz63VqAZugsl%2B7qIjZpGGHZXKY06L6Q68lKzG0snba9vpyNoGbs16VF%2BUxd0YKDM%2F8cQuDFhX2wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b75aa9e380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

GET
H3 200 y9IZQeHb4731hsVALXft.png
lbstatic.winwinwin168.net/media/images/ 419 KB
420 KB 1043ms
1043ms Other
image/png 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.winwinwin168.net/media/images/y9IZQeHb4731hsVALXft.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d4f2b8bb401f731e068689da5f429574afe37b7288031d467627a3e88e58a2

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2024 12:58:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RD7plVe9XpuWMZjQ4O%2F7egdYNceIMNcj3pQaFr8hGHqIpxdGPvji6%2FwTqh6Jp4iTwjBcyaFP%2FPHOJFqYu5nJNTCq%2B7kgRwDpde5AAUtDlbw8cCEVYdNNMfWkHJSkFXlpHui1ckp%2F7AtpladOglRBE3%2BBAJcb2ikh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b721db29960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 429407

GET
H3 200 3882.f05d4243.chunk.js Show response
mandarinads.com/static/js/ 10 KB
5 KB 539ms
539ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/3882.f05d4243.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73b3872ffc51abb7a1735ae81e5342900672dacaf35c8c97b54e3e4b2e12d6d

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sNiya577nF%2BIK1L9fuCuIEO0Z3suOxN0kZSbI4bnySaJWnr4xke2ScoQmsOCxIb5CHs46Ez1T5nY6WNNsesJvcr65MlXTHwC%2BP33RZ0mXXW%2Fc%2BeDeiOfoiBeKxNRg%2FP%2BkEUei%2F56L5wWRwrOtY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b78ba233a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 9463.327c6ac7.chunk.js Show response
mandarinads.com/static/js/ 5 KB
2 KB 525ms
524ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/9463.327c6ac7.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4619ea24c9908fdc8818c450302e7aa576adc4ea6009275418a655942d7f6480

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NxyXIMxv%2BNG0FgWcHX7kC3Am9eKjVfeWE%2F7ChhfRfU3CQIpcXYVEgjDwRktNx4oAREuhrIfvaHRp%2BviPlaCGHHdjIBrJlaiTLLDcF5dkrCS%2Ff0VTQx8enrCW3hswJK73azIe2TV5jeCkKFvQkQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b78ba253a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 2539.872df02d.chunk.js Show response
mandarinads.com/static/js/ 6 KB
3 KB 533ms
532ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/2539.872df02d.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 795f603c3c3a60f2a0e38f5e1ff56c8cbad6b77e67d52110bccd9e6c9ac9a843

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qlu4T7mZmjmNtioTeCBhcz5d9zj94M3achuXc7hYpbyG9tFeuCwDVxV7S2bOfokGdRC5FKZ%2BgHCDr95vhp7aXbDk1jpA3t4cTsu3qInCQ4QLjPgkyb9g%2BXTCjjo5Y6t17%2F%2F8gAOVK0GDZ%2Fg5HoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b78ba263a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 5436.d25bf561.chunk.js Show response
mandarinads.com/static/js/ 30 KB
12 KB 777ms
776ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/5436.d25bf561.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a03887f911029b2fd54ad712aa3d4b7001b6b2699b9015cf3af7e25794c50886

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Qk%2FyTpF4vkp1U%2BLzQXD74LqfcvW3xPe6dBozSHv0LDNMMXMJFQHOD1RdFyeQKM01K04XhlSTA38QvyncrW5ot23FNP0mnrRRM7Ppc6AaOhYIjoz%2Fk8ZUWDwlR89MamdVhGq30mfwL%2FyjL5H%2BDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b78ba283a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 291.d92b95bf.chunk.js Show response
mandarinads.com/static/js/ 46 KB
17 KB 1028ms
1028ms Script
text/javascript 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/js/291.d92b95bf.chunk.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e656bdd5675287a20561008016f3cfd7a6704e948466fa35e64e0a5636c100e5

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0yeTIypmx912DqayBo59NnfC0x6hG63OFwOnzDNpsyWuRKUV9TmtvszkdOMN1iLq2b1htWCuF%2FZCbEDrFWfUjng0a6%2FuGmkto2qkWvsVQQ%2BskjRBn%2B9W351J4sLHW0ziwCKTUwFJGDB4eH1Pyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8aca7b78ba293a9c-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 204 script
924900.winwinwin168.net/apipub/ Frame 0
0 282ms
282ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/script
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b78cc3e380d-FRA
date: Fri, 02 Aug 2024 02:01:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTuvvlCiVLv3CNMELnjXgf5oIvJPOLEkYXlMOgYT4QxAs7AikNPRbZHzWwsNqguNHnJAYCuRAoe0Jpdybixupr4FSIugU9Su%2Fbva1Qz5Ve4Sywdiz99g8EktZj5bQ5Sf3NGTwH7e7IXhMzIvtzaO3xTS7B40BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H3 204 lucky_spin_for_newcommer
924900.winwinwin168.net/apipub/ Frame 0
0 281ms
281ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/lucky_spin_for_newcommer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b78cc40380d-FRA
date: Fri, 02 Aug 2024 02:01:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0HJ55qZzTdgNZM%2FNDq9SYH8LzLq7MUIH%2Fnw4Hsmydutd%2FSmhhJP4tFrFKr4B5teVGxUs1L%2BYIzpK3quAr4jdLjQ0azH%2FP84Dze0Q%2BLpwgrMEp5Wbks2QlqiCqzts%2FVxpekGclhh3VlycEdht%2BHuo9Tdb1YRmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H3 200 script Show response
924900.winwinwin168.net/apipub/ 2 KB
1 KB 276ms
275ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/script
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e777af28fa0435295dcc328ff766f6e316f721e39ef678136089aa62a43e36ff

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:01:55 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PggfC%2FRkJW%2F4En2Xl1Jz5ilPgTY%2FXPk24SkwtxxDrVHChF%2FHA2AvnMeO%2Bjxp6O88d0J%2FJwKr1vEQbQw11MsULwN9aOild7kvg1ncid0zNz4yDGf3EWKGLz1O5svRnJ37eblvROv2%2Fcclt%2F2Nedzte11m22TeVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b7a8d42380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

POST
H3 200 lucky_spin_for_newcommer Show response
924900.winwinwin168.net/apipub/ 58 B
518 B 280ms
278ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/lucky_spin_for_newcommer
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8359e4cee3bc993a11d15ab8784284e2b2c27d0d0a4b65c3d78fc963b7c89813

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:02:15 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yc88ZHEGRmWEjyUNRLG72wgdb5Z1YsdKLJV6RsYOJSsp8STVGvunxWi1ME8kTuSZ%2F8amxGFYXiU9Y4z3sUgtD22m6nLAGZ6qXz9XInCXITa9sGfK1prHLDFoLqPY7nBnkSMkLdO%2FjbLy3EhTDkn9pYsU4QZlyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b7a8d44380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

GET
H3 200 y9IZQeHb4731hsVALXft.png
lbstatic.winwinwin168.net/media/images/ 419 KB
0 0ms
0ms Other
image/png 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.winwinwin168.net/media/images/y9IZQeHb4731hsVALXft.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d4f2b8bb401f731e068689da5f429574afe37b7288031d467627a3e88e58a2

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2024 12:58:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RD7plVe9XpuWMZjQ4O%2F7egdYNceIMNcj3pQaFr8hGHqIpxdGPvji6%2FwTqh6Jp4iTwjBcyaFP%2FPHOJFqYu5nJNTCq%2B7kgRwDpde5AAUtDlbw8cCEVYdNNMfWkHJSkFXlpHui1ckp%2F7AtpladOglRBE3%2BBAJcb2ikh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b721db29960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 429407

GET
H3 200 FfbhlztyreLaVlpGmaLy.gif
lbstatic.winwinwin168.net/media/images/ 1 MB
1 MB 1044ms
1043ms Image
image/gif 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/FfbhlztyreLaVlpGmaLy.gif?width=80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3872e257431230e8c15c6944e8865e77b8353869e960c6adda208929234ee66

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jul 2024 16:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWfcmxlDaw19Kb4Z65ma4N2bm%2FARRWG09M3WPv9YOrQL7rHc%2FvdC2MmfhI%2Fo8acDKB5tZacSgt4dKIAqJ4j%2FG2hvXv%2BqjVeyDoZT9xp8AvV1plH4stwkq3yF%2BwJFsTKvFhKQQPoFFiLL5ga%2FevMDphWpVOcbTLcs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b7908949960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1528557

GET
H3 200 05pBKreJja4NQi0Cq2d7.gif
lbstatic.winwinwin168.net/media/images/ 1 MB
1 MB 1025ms
1024ms Image
image/gif 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/05pBKreJja4NQi0Cq2d7.gif?width=80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8beed245c42832d787fdcff25644db92d230b2bfc01e476cfe6ecc5b76b412f6

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Jul 2024 06:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96%2Bf78irTVIOiGzwlSUulz%2FTBD2JAJEWNF%2BkK4Axv3SgJKvtb1H8%2F4oDmJlMAmbPt8oF1xcmpKJgX6i%2FvqGfA3YkwKeU5glxZh7AWrQJ5bJGIPROXcFXDroEvn3xGxxAGRqca4bNO6Gn6YFOSmiynH0ggUJ7AL%2FV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b7908969960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1413943

GET
H3 200 2sGrqPAS9EGLSKFTpn58.gif
lbstatic.winwinwin168.net/media/images/ 1 MB
1 MB 1023ms
1023ms Image
image/gif 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/2sGrqPAS9EGLSKFTpn58.gif?width=80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8001afc49d78e954f0081b2f5d771483bc3fede1aedc4e724151c8c828cf916e

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Jul 2024 06:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lJnXYkZ0fWIC8gA1nGUDDMMm%2BOiasZkl0YJPiAnlqSyji%2FD9DQD2xak7UkMl7a3xx3I%2BWibetVFLIqYDmDQeIUNljSd1y9Pbj%2FD5XljrNEdfQlfxWMpNreRR%2Fvaoj%2BWhfeOe0AunSGpetXvX1bsvbKRMWKbKYJO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b7908979960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1397490

GET
H3 200 EhOnh9O3IxZY5ziKy5zu.gif
lbstatic.winwinwin168.net/media/images/ 1 MB
1 MB 1045ms
1044ms Image
image/gif 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/EhOnh9O3IxZY5ziKy5zu.gif?width=80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe4c8fa6807d40a16e6bb660d3badedfaecdc37c5941293e295ed653a6dceb3

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Jul 2024 06:31:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbYwEUDw4kbadzcaUmRi1CkrM%2Fr3mffWjptZXDM6A3t7OEmjNKk%2FlEfrwNWJQzlldmV2iCpUxUxtLSvM3jN2%2BMrL7WE6e6acPJRl6kEhQcvLUlNfk8oxqdNTGzq3skiqXCiiGpPMXHQcFKLtQqi0SR1s5v3Sl2oL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b7908989960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1363859

GET
H3 200 GfpYGXsNQBdORHLTxNEe.gif
lbstatic.winwinwin168.net/media/images/ 2 MB
2 MB 1053ms
1052ms Image
image/gif 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/GfpYGXsNQBdORHLTxNEe.gif?width=80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b3b17d4af37631141dbe04ac87e4b9ce041124d6331eb4a571c95705a173009

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Jul 2024 06:28:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubXj5xSoRX%2BsHpO86adc8JZ2Op%2BpLQjckNweVfwhcxwj3h2bzcxJFfZXDiLRDomzFvzyKan%2F8Iruf1O10Wtc98yQO1gTfWum4bsU0QLr59hcdwDs2Pxe4D19qDee7Z0SIn3jMMBb0VFjnbFM9xlTHTtggpPudsW7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b7908999960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1703991

GET
H3 200 y9IZQeHb4731hsVALXft.png
lbstatic.winwinwin168.net/media/images/ 419 KB
0 1ms
0ms Other
image/png 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.winwinwin168.net/media/images/y9IZQeHb4731hsVALXft.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d4f2b8bb401f731e068689da5f429574afe37b7288031d467627a3e88e58a2

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:50 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2024 12:58:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RD7plVe9XpuWMZjQ4O%2F7egdYNceIMNcj3pQaFr8hGHqIpxdGPvji6%2FwTqh6Jp4iTwjBcyaFP%2FPHOJFqYu5nJNTCq%2B7kgRwDpde5AAUtDlbw8cCEVYdNNMfWkHJSkFXlpHui1ckp%2F7AtpladOglRBE3%2BBAJcb2ikh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b721db29960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 429407

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 78ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mandarinads.com
URL: https://mandarinads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Aug 2024 02:01:50 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1328, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 8NsXSIEz7DUmOoIzUZfMDWRbe81Qc3cT+32TgKuxEHs7mHtoNB1JgQ+OiSx7wXvvqIQIkZo7A3TUToSvpnQQPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 83 KB
26 KB 111ms
22ms Script
application/javascript 2.16.1.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 440c8560684a525dd92d0e9a8b1ee986bd3924dea4b6ff9fa7d4108bfe7bdaa3

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: m8XcbckJ2ezOTmegMq3Kn4tsr5KhNGZj
content-encoding: br
date: Fri, 02 Aug 2024 02:01:50 GMT
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 26691
last-modified: Tue, 30 Jul 2024 11:04:19 GMT
server: AmazonS3
etag: W/"a573357ea74bf7c06c1a97aba228c70d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: AOPX0z50HMp-SuWS8ZdX2tuDVZAVMvsErdQbe_QsSyn3EZPsv25eOg==
expires: Fri, 02 Aug 2024 10:01:50 GMT

GET
H2 200 457611627126311 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 155ms
154ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/457611627126311?v=2.9.162&r=stable&domain=mandarinads.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6895756990e0dd932c2e22f78260b7fe254e61d40a9bb88586c23771ba105a20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Aug 2024 02:01:51 GMT
document-policy: force-load-at-top
x-fb-server-load: 62
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=59, c=44, mss=1328, tbw=64229, tp=-1, tpl=-1, uplat=125, ullat=0
pragma: public
x-fb-debug: pNjgLdy+vzWCptH4qnDWi+98ammCt115FYZ4HEG9Ce3WndqtBnGE7ID0D4ICyMFIJZpHUMp6YqURXF4/HiRzZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H3 204 promo_info
924900.winwinwin168.net/apipub/ Frame 0
0 530ms
530ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/promo_info
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7f781e380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUpOr8Iv3EP0MbzahykkUhvwqeqFZBfDMF1WdjJgAXI3C1npAo9Wc126kk7oTK6w2xgseiWWXtWUTm5zkfdIIzGd6e%2BnOCOFHtFDpnlIZ4kh1NeKz0YULRuwWEdbP5NCQoLsY9v6REtci8qkZOyuf%2FKy5qrY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H3 204 mobile
924900.winwinwin168.net/apipub/ Frame 0
0 286ms
286ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/mobile
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7f781f380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sgnrHwluBGOtnjLIdCchRQs2%2FjwJrJ53kPINwY1e0DuiLi9%2BMrZUZihNf1T9gcD0UYxkhfhDxKoLJe6JiHjm4NnkkYpoI9Unm2R3xcgVw6o4MuyeEAkSojHJkI58G1jc9mQrD%2BkMabKbgeFhlMee%2BUFVQJj05A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H3 204 home
924900.winwinwin168.net/apipub/ Frame 0
0 286ms
286ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7f7820380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEZDZmxA3LJE3vtywX%2BwXyvt356m9BfekkfmIEnlsnPPFfCQfrR7UBmn6HtM71Eo15KD6UCfnXVNRTNNyeVXZcGmCHUCW%2BwuVeeqGpEujFsCSnwUKIWO%2FZeMExwUw3EVYp9A555gBeO7PrZgn23uwFdiwaupzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H3 200 promo_info Show response
924900.winwinwin168.net/apipub/ 56 B
470 B 289ms
289ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/promo_info
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80211745fca6c4c80c83f8a674008e78f0ae0250d405d2464cd7229ed0a2898e

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WbrEc95wll9hnKo0e8CnAWX7kui7bmKWE3hROD0oNCo6WpEm7LpF9PJkA%2FAAEyyKwp6f%2BzsRGDtv594CVDyYkYV%2BgDHlysWp7EcDeqjXxehdVPe3g6T8TsmEJUGLlfWM4DoBPHEbWRh8wqsxnY1%2FNkat5Siyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b82ca31380d-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 mobile Show response
924900.winwinwin168.net/apipub/ 131 B
571 B 283ms
282ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/mobile
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6630d5b1cff0ccbf480419775911dcb853dac72f73ed5b258a1a4f5dd61ae64b

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:01:56 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMd2wimxc0ctH%2Fe2m6oPekVoeOjsttKmYymCZ%2B7M79Rp7w11hYXKo7nlCUocTcjg6ueckghnN8v7txZYyKncyMkZ5FEbl%2BmS8KD7GniYDZ3D4sjNHb%2B3jvKTRr%2B5dFI8yM2yleEQbZWX6ng6jeQKoNrlumnTYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b814942380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

OPTIONS
H3 204 is_enabled
924900.winwinwin168.net/apipub/daily_spin_bonus/ Frame 0
0 536ms
536ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/daily_spin_bonus/is_enabled
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7f7821380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LNB8PQVK8MeYNqyx36boZHihlzsl0jBFMitTYxrZJ1imSWzlCxge9jZiHgYKYxEkOzucgpQ5tOsywK%2BbsE7YkBW8mncu6qv7DF4Vx6c87hq5EMj%2FzwEqbrIxQZr0DHXNZ9KyXC6z424OxHFkA4liStd8MbyceQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H3 200 home Show response
924900.winwinwin168.net/apipub/ 212 KB
24 KB 279ms
278ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/home
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59e8b01576079d03320279bfeba8a5fe3cc1b8c965eb1465e4f65c72a7caec26

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:01:57 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hz8f%2BBa8LR1iowuw4aGczPdSCXUyBt%2F5EI11GpIgPkv8sz%2Bx%2Bl6JNbIvHY0JBj0Qsav%2F3ki9XYeihw0FTl9rafF1cQKEdsUSVzFLeX2Swxn%2FpEeHuPDZGAntWuHG91Q7ot%2F4Q8vQaR8PK6s42Y2phC5nKAol4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b814943380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

POST
H3 200 is_enabled Show response
924900.winwinwin168.net/apipub/daily_spin_bonus/ 42 B
456 B 291ms
290ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/daily_spin_bonus/is_enabled
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f7c338a453386d2722e8445660219f8cd12553c757a37a2c9829fdfec570c6d

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ls0k6oSCXp3Mg2b1q2nL9b3HI8n2m4iYxDIFccTcIccJKwlBWizEHIre5VrFxRFWkW2nPBcXzcAzwVcp1MucjKTHS4Bcz2Dwvd0Lka%2FSD0CCiNBRsUrMGpLgggs0gR%2BmzDz7XyZ1oySo3mU9c%2BD%2Fc1Y1uREivA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b82da35380d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42

POST
H3 200 list Show response
924900.winwinwin168.net/apipub/bank/ 7 KB
2 KB 289ms
287ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/bank/list
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34884269b9869006b73c6835de360877b7fd2a22d1faee3524b75978780f8c7

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:01:54 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DgsQBN3Q5JUaOyyok5KVPAEFjCszg%2BlvMfeqt8A0QrEXl7qOmfPkzzUGiYu2Yim7cxmdFXF800TuR4NEDZAM%2BCHFm9tp7OSo22rsZ49C%2BADLmIPd75nK9mlkGdLW545VeGE1eEVaS9iRFXKeyMJvBnqGf67jXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b82da33380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

OPTIONS
H3 204 list
924900.winwinwin168.net/apipub/bank/ Frame 0
0 533ms
533ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/bank/list
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7f7823380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8dx7GWRHUVyewbVBnNZhtSi30RiZ0%2Fdk9ZxqWeSanwUz7nO%2B8flbhH3ttQ32pRrkLXrD2RA6Y8%2F%2B6zI7cyp4Mn%2FX7RYg9OHwY83vbP73IU58A%2FBmWLghrtOCeWya3u2OgA%2FkBbWXd7rNxoX%2FXvp6I%2BMzzBOSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H3 204 generate
924900.winwinwin168.net/apipub/captcha/ Frame 0
0 523ms
522ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/captcha/generate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7fc84e380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfr30ZJkg%2F0fNr7Gj8mhDVXoI4U74rhIWvnrhTG7NUXjl9vB4WrgSKws9M1PmWdGnQWdQyi6O2l%2BomXLbLCuktVBArjh7wTuwLf4wdw0YTaDypZQ8np36JWhBkl22l0Fg%2BXlSqDKspbSvUUJ8ToneRFm6x3bqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H3 204 app_notification
924900.winwinwin168.net/apipub/ Frame 0
0 525ms
525ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/app_notification
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7fc850380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQ2M4%2BSIYJxbKDdSmp9KU%2FvsH15cHVorBaBM0UhwDtJOM%2Bklr9AtdEnZgpe53X6SCr%2Bc%2BQ%2BaNQCpfH5CAixssYRq5yNV5tSYxH%2FdsvhMRNtdWGJM68va9SF4aIZ2EyBRWEhmQRyDDKe4nhhZmfR%2B8qILpsvEZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H3 204 list
924900.winwinwin168.net/apipub/pool/ Frame 0
0 523ms
523ms Preflight 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/pool/list
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fe-version,x-account-id
Access-Control-Request-Method: POST
Origin: https://mandarinads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,fe-version,x-account-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca7b7fc851380d-FRA
date: Fri, 02 Aug 2024 02:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXRLJ7tSgB5VVRMt4gBDayYHao2rs4bl3zs1U5YRpB%2BSeE63akoIFG2AuSGN6HaS%2BIduJLAhVX0GAmDKH%2BojxBSJ%2F8lvNs8b01GSLgVZ%2FSFSxXt8vbjKqo68e%2FuKcWCTUeig%2B2ZccfqwZUFelOyuGHPgLnjNAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 Futura-Bold.5e9aa1fe6197fcdfd604.woff
mandarinads.com/static/media/ 20 KB
21 KB 800ms
799ms Font
font/woff 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/media/Futura-Bold.5e9aa1fe6197fcdfd604.woff
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ae374c2b8e249168b3477d53e469fd955da4edc1d8ff3566757acaca51ce33d

Request headers

Referer: https://mandarinads.com/
Origin: https://mandarinads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woCxyP2Vxh%2B1KIGk%2BkJKKJEzqEmV4Z%2BD6PleZfb9RhBD%2FzT%2BkC6oCHVLd%2B0u%2BJgnyan8UmMdNySD7evT0J8iz87dxDrb%2Ba%2FJsaDA%2FibzFMQYvE5DNEcRqAymmJNkHDDBx3LT6JSv1CaJM0vKUcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b7fcd5c3a9c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20908

GET
H3 200 UTM-Helve.4a6bccf59ab7ecf4d483.ttf
mandarinads.com/static/media/ 38 KB
18 KB 777ms
776ms Font
font/ttf 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/media/UTM-Helve.4a6bccf59ab7ecf4d483.ttf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82014b827c32d3dfd61fd15130a070019fb5589e8d8766ab0673c350c9b044f4

Request headers

Referer: https://mandarinads.com/
Origin: https://mandarinads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvLEb15F91kXuXjYp6EklVt0LJBy4RuKaF70P3Skw9QOa2FNylkLODantKgf8MkMRqOdXLhhQEKEHHDW78F5ssg0ZzhPjdw%2B%2Bug35GyoXu2xTtFgTQAKCG3gBSRgDN%2FkwvR%2FOdLyBF1VzhlxfS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8aca7b7fcd5d3a9c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UTM-HelveBold.b3c1319ed9a02fce73fe.ttf
mandarinads.com/static/media/ 38 KB
18 KB 788ms
787ms Font
font/ttf 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarinads.com/static/media/UTM-HelveBold.b3c1319ed9a02fce73fe.ttf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89616ce6ea4f579c49201d3c20551bcf8e6634eef67ffc9f6f6271aa473856f

Request headers

Referer: https://mandarinads.com/
Origin: https://mandarinads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBrxNYsi4m7%2B6%2Futu41iMUiw1D8v%2FFUprUP6fUW7e0uvU0TGbJL9sVVuFubWy5pGPBXTE5n4jQ3X6eTB6IgN0mc%2B96Ui12ah4x%2FuslVagAxylxCJSaP%2Bv8dOgOMZySgEJqNpYczBkQtiLlt16uk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8aca7b7fcd5f3a9c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 generate Show response
924900.winwinwin168.net/apipub/captcha/ 1 KB
1 KB 359ms
357ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/captcha/generate
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc79e383b32dc21b08d42d6190fb7ee688aa6a9454987fa750a454f400c5df40

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=he8QRu4Gmq5WYyucsaefzqCnfPdnikOEZu4CNmLVsCAp7WOHbUFmoKFcjtfGvtlOtQKjaHUucVC2VFKYRFg%2Fi1SEcnUH67IJqqdLHK1V9Ya6bOl54BCap2nke84%2BFF4ZanYS5pWOh1Qr%2Bso65VAuR5lul5zRSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b830a5a380d-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 app_notification Show response
924900.winwinwin168.net/apipub/ 89 B
492 B 283ms
283ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/app_notification
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47680877971185a375beb8745cfc58ba96f40a75ab4a18fe96f92232435be15c

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1E4emj69kOvdjO8SIm9flw7p0L8URaSJ0JqvDeWp9szBAK2Xhg1jk8%2B1VNQHZvOsmRjMXxdZlHDjkbWcprdvlDnBZ1pN09a4w3e3KUCUD19A6mWfzozi%2BvEHZ0gNFJfnKLSRqPJPcLkJPQHyNKvEh3VAWEjW0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b830a5f380d-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 list Show response
924900.winwinwin168.net/apipub/pool/ 9 KB
2 KB 290ms
289ms XHR
application/json 2606:4700:3034::6815:49c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://924900.winwinwin168.net/apipub/pool/list
Requested by: Host: mandarinads.com
URL: https://mandarinads.com/static/js/main.18ecc1a5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:49c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f13ab2dbfa6e7b4c6cbac69667d7e8a3f58a1c4f14909417be48f0050ea4d6

Request headers

Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://mandarinads.com/
Fe-Version: cc8e0a3650e0c3b7d955e74c2b5b83b6c95771af
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-ACCOUNT-ID: 4811769

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
content-encoding: br
cached-valid-util: Fri, 02 Aug 2024 09:02:17 SERVER_TZ
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxYUr9ifndhgK9r%2FTaWt%2BUwwPyfJFgMBTMF40g1oSw2Eh9tIadO%2F55t%2FzrNEtBRYA6HSa9mrcx6JZx2Y%2FjWUzUtYDRyP4in0I5iiaxB%2Fqfmn06V4nbh%2B9sorq0apOKqcuLEtjI6lg9kY5GJ3D9PcVlf6m2g27w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aca7b830a5e380d-FRA
alt-svc: h3=":443"; ma=86400
cached: true

GET
H3 200 BG-min.webp
mandarinads.com/lottery-toto/assets/pink/ 23 KB
23 KB 797ms
797ms Image
image/webp 2606:4700:3032::ac43:afdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mandarinads.com/lottery-toto/assets/pink/BG-min.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:afdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef46037bcb73deda80d305fc6c73bda75d703efae6717b2ee70e71017d53af65

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jul 2024 07:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ka13%2BAFQhNnIo8cfzrN7h%2BtTK0sUSEUx05DaINKhONM2a5BGH5I6oBkyX3QmoWVgbUGShYdXHvQTNAiILmAi6p1NdcJyheLBlbUz9yw3Zczf7U26R3d8Wn1qrgU%2Bpnafy%2FHN38Mr6rN7wzqtsec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b7fcd593a9c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23378

GET
DATA 200
OK truncated
/ 554 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41d9ea874b89586266e0ce638d1f4686e4132dea8329e790232add5d7e81138c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 CBpeEjJRKeyLdqY6OyV5.png
lbstatic.winwinwin168.net/media/images/ 6 KB
7 KB 541ms
540ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/CBpeEjJRKeyLdqY6OyV5.png?webp=true&width=280
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b43fb196e61c964e3fb5f1e6299cbcb84d1a5a12b6200e1bb479f2ff0105b3e

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2024 12:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BybwwPk7yP4orYNfP7UMLiYNRUT5luAqxG7T9bBpwmyCoZqrQ6CZAzMi7ltQW7jbXMJDQKXu%2F3mBJix6ME9lDaSMWn4GLm%2FjVlLPi5TK7HSorT3JMe5P8MB8sK85DNQKAUALFi%2FPkKPU5jh%2FGt9NiDpZSuiv8KQe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b800b449960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6464

GET
H3 200 uxzAIGyuDmF7LB7hBsAu.jpg
lbstatic.winwinwin168.net/media/images/ 62 KB
0 0ms
0ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/uxzAIGyuDmF7LB7hBsAu.jpg?webp=true&width=820
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f053e26da91cf6f9946fa13392b328b9b49e3e314767e8c5c21d4d8db81f087c

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:48 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 18:22:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H99yKy09bzxlJKXzCm9csfDboX%2FG88l%2FVRAocESHLFSmqbuDgWb2MsRTNuJoOVpH%2FE4akiR0Ga8Mrjs3AEM3fWQFFyrUGbBs%2FT0%2BrQyRxzb8ou0XqrPfKQ6BDawihtrf%2FeuBYyWOieplJx3C2D0nlr8KfgnCPacI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b6839879960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 63768

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 94ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=457611627126311&ev=PageView&dl=https%3A%2F%2Fmandarinads.com%2F&rl=&if=false&ts=1722564111483&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722564111480.143944386780568927&cs_est=true&ler=empty&cdl=API_unavailable&it=1722564111249&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1328, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Aug 2024 02:01:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 313ms
245ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=457611627126311&ev=PageView&dl=https%3A%2F%2Fmandarinads.com%2F&rl=&if=false&ts=1722564111483&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722564111480.143944386780568927&cs_est=true&ler=empty&cdl=API_unavailable&it=1722564111249&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 02 Aug 2024 02:01:51 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398356523992756462", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=14, mss=1328, tbw=3144, tp=-1, tpl=-1, uplat=217, ullat=0
pragma: no-cache
x-fb-debug: FhV/z2485Z0P1gl9juhFLB2u4bNK2gcfP7XHp3bLb2yhI1m8wl2VvPoR+7bcoed6IEJFf6OqAomjPmYtneajeQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398356523992756462"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 385 B
601 B 325ms
187ms Script
application/javascript 2.17.100.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17491716&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fmandarinads.com%2F&channel_type=code&origin=livechat&implementation_type=manual_channels&jsonp=__q9fgtxnfjb

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

3eae3b8514a94fc9a0dac64a8ed9f59cad7134476ef05a699754bb8de6200a6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://mandarinads.com/;
X-Frame-Options	allow-from https://mandarinads.com/

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://mandarinads.com/;
date: Fri, 02 Aug 2024 02:01:51 GMT
cross-origin-resource-policy: cross-origin
content-length: 385
vary: Accept-Encoding
x-frame-options: allow-from https://mandarinads.com/
content-type: application/javascript; charset=UTF-8

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 5 KB
2 KB 45ms
45ms Script
application/javascript 2.17.100.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=57b77bcb-c88b-4917-b43b-2c06ada7c1f1&version=147.0.1.68.167.108.1.7.1.1.1.15.6&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0806b31f3bd8bf197ea79cb10511fac2e72c3e1bef5b496a6d519065c4f1ec6c

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=595
cross-origin-resource-policy: cross-origin
content-length: 1819
expires: Fri, 02 Aug 2024 02:11:46 GMT

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 8088 0
0 167ms
57ms Document
text/html 2.17.100.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=17491716&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://mandarinads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 743
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Aug 2024 02:01:52 GMT
Vary: Accept-Encoding
cross-origin-resource-policy: cross-origin

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 12 KB
4 KB 46ms
45ms Script
application/javascript 2.17.100.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=57b77bcb-c88b-4917-b43b-2c06ada7c1f1&version=470b74842e9d45ce9f156d1d5a957bad_14660d009b4eaa42e30333f51dca5d5b&language=id&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6b21e8ad3dcd51c0b4610361e7933b9465410dc896734c688d916b28c453c314

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:51 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=595
cross-origin-resource-policy: cross-origin
content-length: 4219
expires: Fri, 02 Aug 2024 02:11:46 GMT

GET
DATA 200
OK truncated
/ 886 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5177933e55b6c1b91b5577d2484c19922829ff3b4bd8b508af81a7d0df717429

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AWeDiHhTRnIircZjsAv6.png
lbstatic.winwinwin168.net/media/images/ 1 KB
2 KB 534ms
533ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/AWeDiHhTRnIircZjsAv6.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 802f960a9c78fcea02e1392160b67619fe107bab48f8f5a5aa4a4c504649166d

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Jun 2024 17:58:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDPGZBIdcfUE%2F7bqNf6%2FjBYzDTL%2FX%2FgtJl49gUXmvSPvmAY%2B3mMO%2BxZqUEZmQniUFbrrVjz6TYHTVBGHX66wJuuEdZHGuVwU2NlBF0FQZcoyA2z627BHWULkvOv0vcCgW0wL5jCwU%2BedFde6%2Fv695Nn%2FfyJ9%2BOR8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b855d5f9960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1428

GET
H3 200 80ObcFyuQ5I39sf5txBO.png
lbstatic.winwinwin168.net/media/images/ 1 KB
2 KB 540ms
539ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/80ObcFyuQ5I39sf5txBO.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2c5db95bebecf91de46e70a0efe28ed010e67a3976872c20bd8d213a0d7269

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Jun 2024 18:05:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ScsywwLTKxPDb9BJ4Adjva3LDIPvP4qF6zcobu%2FOxT5BsmT9q21b7fJc%2FCJaPIEkoogK0VFjwngcPKuUrKce8dKkRKjQpA7d3myrudxX8TEF8OoWtLuwAlYZ9JeCf89xCyycC5%2BE2GHyug4itSc1ROsVnCGDd%2BFP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b855d629960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1250

GET
H3 200 4hB0zCTC2c9YfYbcbGru.png
lbstatic.winwinwin168.net/media//images/ 3 KB
3 KB 546ms
545ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/4hB0zCTC2c9YfYbcbGru.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d138d4dbe285a694c366d7e1f5b7d3248edd2a1fd936677c077d0f72f31aae

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:15:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWJc%2FFoXGvvjnpNfm0cRQmxTJ71nGvbBhf1681bXzWlaFxfzJ6LQPEhmIDTNGkP8bFB3KplLFMWBc%2BgOGwZQRiJuOIUQc0ZQAmefJOxvy2RL6Ufo6GLa3MzazsobddU7H7PJd6kMozrksxHJsnbG7%2FxcQ6CUqkTi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b855d639960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2582

GET
H3 200 C7LvrttF3UTU1JIhKSIt.png
lbstatic.winwinwin168.net/media//images/ 2 KB
2 KB 528ms
527ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/C7LvrttF3UTU1JIhKSIt.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c76da162786c31bf7dafd501f269f2c25d675f5a256fb0a583f6fb968bdf3acf

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:17:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AS2JGGasX6SUs6ljBzVN1c%2BcTqDnJZsyNlmsedFaxLaigoEWolHO0%2Frv4%2Bdr7fjX0NFvl22e9662oROr2iNyxaXmafORoYs9Td4ymgatqPur7vDBY7WfVsVLp6d59jojVsegcMpEgsPxPnKDLgnVIw7hBpU%2Fw71O"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b855d649960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1806

GET
H3 200 BWrunMiqkXKELVsRBDSJ.png
lbstatic.winwinwin168.net/media//images/ 3 KB
3 KB 540ms
540ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/BWrunMiqkXKELVsRBDSJ.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8603ae42b01a5f88795fa4887d12a8f2de33546b84e5814047328739572e414

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:17:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xX%2FkQ8SUxAPG8NK7NSNdutVfO%2FadKynoI2IJeeEz7PrMzZN%2FIPaiKSraFsNzecimRE0NVk7XyoevgtQtcVQ%2FCmnFZmXXJNkDwE6tS5Pb%2Fzr%2BdEPyRrqXtE4Q3yBXtK5X3Z596v%2FFpV44ioy3X%2B9q%2Fe0zOcQSJ8CT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b856d659960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2848

GET
H3 200 3oZmNkM6ySHckADxlIox.png
lbstatic.winwinwin168.net/media/images/ 2 KB
2 KB 542ms
541ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/3oZmNkM6ySHckADxlIox.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6272e2f1274d06fb54c743222f54172b52ed1cd8aae403ab5eb7170dcbbb66b3

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:52 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 17:06:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ONobSVzZsHW4yu9RLnGKoRYt80%2FZRIIjrmfSSogPjmF3Q%2Fbg0v3rGkemAVop0hUHojmOon8GLkn0NIugsfAcr20FNfGr5jGd9O0aPzVNNA6jScqM5u81%2FkQiFCJn0wctWzJubfMyvcY18g3ud4Ze%2BPbvgyeTGwge"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b856d669960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1870

GET
H2 200 apk.jpg
mamakongbesai.buzz/ 64 KB
0 593ms
189ms Image
image/jpeg 172.96.191.37
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamakongbesai.buzz/apk.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.37 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.37-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:53 GMT
last-modified: Wed, 26 Jun 2024 11:05:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 230683
expires: Fri, 09 Aug 2024 02:01:53 GMT

GET
H3 200 Q76VmRjg0LW6digY5Bwp.jpg
lbstatic.winwinwin168.net/media/images/ 37 KB
38 KB 784ms
784ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/Q76VmRjg0LW6digY5Bwp.jpg?webp=true&width=500
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad4c700c13ce1f99959d054ee070f28fa05ff6457edce7a83fd45b9b86f4f90

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:53 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 18:25:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGBVB4MTp2HCpXKhWv00%2FAjaaXSaha1rT2pEDh%2F0ShpsJDhNuGhrgPV5C55ijSkoe2daO8wFfw6T%2BDYjyWzsLqFv2RI3l1%2BpUc3C7nlHjgbiEHNuIP0FVtvmCC6p8NMCuT0t7mHMCJuILtb96qt2yNcOYuxz75IT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b895ee29960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38348

GET
H3 200 XtoHpt5NAsqI4UaNJF4M.jpg
lbstatic.winwinwin168.net/media/images/ 20 KB
20 KB 785ms
784ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/XtoHpt5NAsqI4UaNJF4M.jpg?webp=true&width=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50087e58fb678f5992cba647c945475e188d0725b36ec35bff678453ddc1307e

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:53 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 18:25:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHVRmIxLvfhKxGgAivLqjHHShhbtKEX3PhjPQC92kLj3uhuWAGC%2BrIP5kjz0whc5vRB1yvLrypUXZ7qGJJA2JNXdE1NWPYs3d7xahGLBqK1j7aLFg0k0uTJPRy7IfJ3r6U2RawJDlPWpa1DeVLTuqEL5fZhihyHM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b896eea9960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20500

GET
H3 200 51MTNUGVeTSyUPdgMIHD.jpg
lbstatic.winwinwin168.net/media/images/ 17 KB
18 KB 788ms
788ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/51MTNUGVeTSyUPdgMIHD.jpg?webp=true&width=360
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faed7378fec165cb4ad8fa33f4f1ef3e02a55750568b103b089495ff74ae9804

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:53 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 18:55:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xU5Vdo9CLeV%2FrxyRWjGVIvvsUuZfih8gLXB3yNR%2FOy5b8E5XbM0IP8qat2Bh%2FpGc8%2Ff2lrZG0Fz1e%2FwDWKCJ1l4w54pr4qhpKs5nMtk%2F9JfXs%2FpkcBAH8rLrTHESbsgo4RUkVaav1IsPJ8oJAi1yXPakEFqRVq0F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b896eec9960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17532

GET
H2 200 eca84e1bbdb12f23cdc6437a0b65cf30.gif
cdn.livechat-files.com/api/file/lc/main/17491716/0/ec/ 153 KB
153 KB 42ms
29ms Image
image/gif 2.16.1.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livechat-files.com/api/file/lc/main/17491716/0/ec/eca84e1bbdb12f23cdc6437a0b65cf30.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8b12c03dec1f5f760d5915b9ae2ac9580baa6c0674912c48f1a6cfe4c4e85715

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Aug 2024 02:01:55 GMT
cache-control: private, max-age=86376
content-length: 156876
content-type: image/gif

GET
H3 200 yfk1pn0SKSWtcjRSpAHl.jpg
lbstatic.winwinwin168.net/media/images/ 70 KB
70 KB 779ms
779ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/yfk1pn0SKSWtcjRSpAHl.jpg?webp=true&width=820
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c623b21a6c6685ee130b011b5c2d85b9f5f12fe17fa24a4b8301d23b622a00aa

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:56 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 18:22:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e039p3qo1PirMlMv4svsTh1hm9IazCMgy1SpcE6l1IJLFmGYGbLDx%2FPsiywpcpwmNwK1zaI2kVBiLnsG3f%2F%2Bd0NEeyV0nqihDEHTVXKHR%2BxF%2FPZaTgMS8DtRvV7kfjKwennSNohb5S2ZtvM1V%2FqSHkke7Fg5u3pb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7b9cbe9e9960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 71360

GET
H3 200 5y81VYGcaGy15gMUvIo6.png
lbstatic.winwinwin168.net/media/images/ 1 KB
2 KB 539ms
539ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/5y81VYGcaGy15gMUvIo6.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508d896dc01dcd7f0fa7b86eccd66450f0138bd834be2d6be4406966b29c278e

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:59 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 19:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGE4nN7EEYYlOHwaNhFKvz8hqwEAJhJBdG5HH%2F8wgVQINglmjK%2BZFBwy5PgjhjsJ11P9GQpfrqObPuLokd1Z6CWw0E%2B8yPQWUGL8j2enEbZ74d6PN9UPPQ5QP5E6%2B%2FljFYMz1SP0VcGXmRVTo7QigVJoj8w2%2FbxL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7baefdb89960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1342

GET
H3 200 jCHN2fLHi3nuQfXv5NZu.png
lbstatic.winwinwin168.net/media//images/ 1 KB
2 KB 544ms
544ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/jCHN2fLHi3nuQfXv5NZu.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048732ade5d26caab98916e2cd7e5c281134fcd77978cc99c88e16e68cbd9740

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:01:59 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:25:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkGSZcvmp1pn9nZnq8slMOqSf3qVAIuuuLpubEM%2FLb9U8umBVLKrT3UfjFQ2l3nFTdcHiium9t4NyqSiJGApYfsonXTE70%2FebIictxPzftvY0vfMA72O74I76j9BKXDMVHcuUUdsVbCV5sRn6lZZ44Cw4jnYHX0r"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7baefdb99960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1402

GET
H3 200 CJS49ChqKvEqCRPMLxaa.jpg
lbstatic.winwinwin168.net/media/images/ 57 KB
58 KB 1043ms
1042ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/CJS49ChqKvEqCRPMLxaa.jpg?webp=true&width=820
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 385fd26ec61c9692de716b8592b9ad20003253ee66cdaef16544e6648e1efe27

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:02:01 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 18:24:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQLs1%2FzY1PYuxwkLRqSEh4SV7ZHURejYX03DqSwhaYy%2FX24fGr508m4qUggEIbPUuGfh72zjTV7inxMnxJ8kTrL40FDZ6R7%2FHhkNMjhcCBaP5P5Tg0eQ%2FHtsHVN9gPyWrSnKROQX3I974cEh4xt9%2FMPPQuxqxY11"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7bb889629960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 58474

GET
H3 200 0lL7ug46QDzY2ynjDZsR.png
lbstatic.winwinwin168.net/media//images/ 1 KB
2 KB 544ms
543ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/0lL7ug46QDzY2ynjDZsR.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61715efeacfda4bbda41c9291879f09012527e8ba541ce927afbcf21880f45fc

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:02:02 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:14:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8I%2BeVcdAE34rLkWWTDyMZt8RluCL4sjHsNeMq4ifb695HBMMFZNlmr9l%2BjCBIOvRB2B%2BcQwTOb%2BwnfkzvpiBRAh%2BVuYO57DIPS1itjS53EQR0ziTbVIX%2BkRFiuiGQZsRRVFN2ZJlegFDLXPCzoAYwVtxJd1D9Obc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7bc17ce69960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1504

GET
H3 200 vWua3uXF0ApXlm3zBr8C.png
lbstatic.winwinwin168.net/media//images/ 1 KB
2 KB 293ms
292ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/vWua3uXF0ApXlm3zBr8C.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54f5554779c1d8692d4fcff811cf0ecb0ddb234ffd121896297f2e1f27024335

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:02:02 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:28:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxUGiqfYU2ykJ25AQSNqqW6YDTZJNBfYj1MtqGgob38FTDWzYJtMyVgtuYNI0cpafX2BnUx2tXc75YG%2Bge7cUdCYYAx7p%2BWJlVElrjfH9EurrYysu9sm4DayXESXEtmU%2BNgwKT8jMNBDk3byPFSC37T0xzv29Szt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7bc17ce89960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1510

GET
H3 200 MrGKZ2qGeqAQpKUD8eeS.png
lbstatic.winwinwin168.net/media//images/ 1 KB
2 KB 533ms
532ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/MrGKZ2qGeqAQpKUD8eeS.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6878055c6e2dfcc3ff574e593ec83f5f1f95548f92a90fd95b41e8ce5167b2d4

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:02:05 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:19:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8iZboVNO89eBeCmOI6GgdhFOl7SUw1dtKAUmk9uzkggaw1oZufmHnfdYE9i95P2ZZOVsZLK0gBjWCsJHyaeZtv4kE9g6ItVnktaGRs4sAd%2FQBdMliRwGu%2FVvfb3KugUodq6VrBPQKoxNkX910XRwcS8u5nFuQDj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7bd36c069960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1280

GET
H3 200 yDDMDcYWgAsGiUhmZN5y.png
lbstatic.winwinwin168.net/media//images/ 2 KB
2 KB 534ms
534ms Image
image/webp 2606:4700:3034::ac43:a5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media//images/yDDMDcYWgAsGiUhmZN5y.png?webp=true&width=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0554ae233be585fcef0995118ccf4f1dd59f32591345585e31e848b70fbf0d84

Request headers

Referer: https://mandarinads.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 02:02:05 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 05:29:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ft0TwNDojssUVwccEi6Z1aIKcVD4OKSgfUNiJlIX9uh3XdNxRePKpOEfkNtAJBR2i5Fmkb2Ws3PfecA%2FOWXklYy1OLUSC0G8sLVmGndA72c6XzmD5PLJkMhE2PX6yc7JlNtn1lbIixQSbfMQh7x%2FvQv3QCyt5ruQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8aca7bd36c089960-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2052

GET LyUN67HisFziFl681f6t.jpg
lbstatic.winwinwin168.net/media/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lbstatic.winwinwin168.net
URL: https://lbstatic.winwinwin168.net/media/images/LyUN67HisFziFl681f6t.jpg?webp=true&width=820

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 08:05:24	Name: __lc_cid Value: 34f1c7ed-9dc3-4d87-a328-fc089111229b
.accounts.livechatinc.com/v2/customer/token	1970-01-21 08:05:24	Name: __lc_cst Value: 5e7b4ab239faf1df6a26b98dcd1a2084d1b4b11dfb7a3c1d8b4b91866196611ad3aeb768e1fb0a36c9b1f0961a5a6560266db755cbbbe374c8b92d713732
.accounts.livechatinc.com/customer/token	1970-01-21 08:05:24	Name: __lc_cid Value: 34f1c7ed-9dc3-4d87-a328-fc089111229b
.accounts.livechatinc.com/customer/token	1970-01-21 08:05:24	Name: __lc_cst Value: 5e7b4ab239faf1df6a26b98dcd1a2084d1b4b11dfb7a3c1d8b4b91866196611ad3aeb768e1fb0a36c9b1f0961a5a6560266db755cbbbe374c8b92d713732
.mandarinads.com/	1970-01-21 00:39:00	Name: _fbp Value: fb.1.1722564111480.143944386780568927
accounts.livechatinc.com/	1970-01-20 22:29:24	Name: __oauth_redirect_detector Value: counter=1&t=1722564144&tag=0f836d15c6da2a107332aaab8078c2a94d1087ee

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://mandarinads.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

924900.winwinwin168.net
api.livechatinc.com
cdn.livechat-files.com
cdn.livechatinc.com
ciakchapui.buzz
connect.facebook.net
lbstatic.winwinwin168.net
mamakongbesai.buzz
mandarinads.com
secure.livechatinc.com
www.facebook.com
lbstatic.winwinwin168.net
172.96.191.37
2.16.1.243
2.17.100.232
2.17.100.240
2606:4700:3032::ac43:afdf
2606:4700:3034::6815:49c8
2606:4700:3034::ac43:a5cf
2a02:4780:22:5645:4445:5d99:230e:c47f
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
048732ade5d26caab98916e2cd7e5c281134fcd77978cc99c88e16e68cbd9740
0554ae233be585fcef0995118ccf4f1dd59f32591345585e31e848b70fbf0d84
0806b31f3bd8bf197ea79cb10511fac2e72c3e1bef5b496a6d519065c4f1ec6c
18928ed0ffd38abae5845751ce57964a5e585eb26f1b962f2cef5256dc37d138
2b43fb196e61c964e3fb5f1e6299cbcb84d1a5a12b6200e1bb479f2ff0105b3e
36d4f2b8bb401f731e068689da5f429574afe37b7288031d467627a3e88e58a2
385fd26ec61c9692de716b8592b9ad20003253ee66cdaef16544e6648e1efe27
39524e7e771d4e866a20275b23074752860c2456611bc5da0057d07059bec2cf
3eae3b8514a94fc9a0dac64a8ed9f59cad7134476ef05a699754bb8de6200a6b
41d9ea874b89586266e0ce638d1f4686e4132dea8329e790232add5d7e81138c
440c8560684a525dd92d0e9a8b1ee986bd3924dea4b6ff9fa7d4108bfe7bdaa3
4619ea24c9908fdc8818c450302e7aa576adc4ea6009275418a655942d7f6480
47680877971185a375beb8745cfc58ba96f40a75ab4a18fe96f92232435be15c
4947b9518de783b6b20c132009bf9842e3231aa2ef1e562ce73ae597df2403f8
4e2c5db95bebecf91de46e70a0efe28ed010e67a3976872c20bd8d213a0d7269
4f7c338a453386d2722e8445660219f8cd12553c757a37a2c9829fdfec570c6d
50087e58fb678f5992cba647c945475e188d0725b36ec35bff678453ddc1307e
508d896dc01dcd7f0fa7b86eccd66450f0138bd834be2d6be4406966b29c278e
5177933e55b6c1b91b5577d2484c19922829ff3b4bd8b508af81a7d0df717429
54f5554779c1d8692d4fcff811cf0ecb0ddb234ffd121896297f2e1f27024335
57bc7d294ebec48caeeb49dc68b0f576e043e30cb970be33235afa2e1a5b64f3
58a3f71b4855cbd5748c94fac3c0dd91ae2388d64f8872ee05465cf08c10147d
59e8b01576079d03320279bfeba8a5fe3cc1b8c965eb1465e4f65c72a7caec26
61715efeacfda4bbda41c9291879f09012527e8ba541ce927afbcf21880f45fc
620b0cb9999e300ed3bb34b3030ec83bc2624c8bb21f0780804577880ca74061
6272e2f1274d06fb54c743222f54172b52ed1cd8aae403ab5eb7170dcbbb66b3
63c018907512d2dcc563caf1e0fff301f7bef8911ef4e96a23c18383efbf5580
6630d5b1cff0ccbf480419775911dcb853dac72f73ed5b258a1a4f5dd61ae64b
6878055c6e2dfcc3ff574e593ec83f5f1f95548f92a90fd95b41e8ce5167b2d4
6895756990e0dd932c2e22f78260b7fe254e61d40a9bb88586c23771ba105a20
6a86e0099eb2a166a8a418f5771ec4e99a8ba8e5b01e4a333c729c2aff764079
6b21e8ad3dcd51c0b4610361e7933b9465410dc896734c688d916b28c453c314
76a4c6d96b10672f6bfae8264231e8b118b58973657a91745611fc3e34835e02
795f603c3c3a60f2a0e38f5e1ff56c8cbad6b77e67d52110bccd9e6c9ac9a843
79f13ab2dbfa6e7b4c6cbac69667d7e8a3f58a1c4f14909417be48f0050ea4d6
7a1a248a8000f74c466283f90ef88b262bd116cab4b7969177d8be9a776c685e
8001afc49d78e954f0081b2f5d771483bc3fede1aedc4e724151c8c828cf916e
80211745fca6c4c80c83f8a674008e78f0ae0250d405d2464cd7229ed0a2898e
802f960a9c78fcea02e1392160b67619fe107bab48f8f5a5aa4a4c504649166d
82014b827c32d3dfd61fd15130a070019fb5589e8d8766ab0673c350c9b044f4
8359e4cee3bc993a11d15ab8784284e2b2c27d0d0a4b65c3d78fc963b7c89813
8ad4c700c13ce1f99959d054ee070f28fa05ff6457edce7a83fd45b9b86f4f90
8ae374c2b8e249168b3477d53e469fd955da4edc1d8ff3566757acaca51ce33d
8b12c03dec1f5f760d5915b9ae2ac9580baa6c0674912c48f1a6cfe4c4e85715
8beed245c42832d787fdcff25644db92d230b2bfc01e476cfe6ecc5b76b412f6
9b3b17d4af37631141dbe04ac87e4b9ce041124d6331eb4a571c95705a173009
a03887f911029b2fd54ad712aa3d4b7001b6b2699b9015cf3af7e25794c50886
a8199d4cfb0d201b975b5c0ee7748b3e20bc4059951618c8fe5aed309442b2bc
a8603ae42b01a5f88795fa4887d12a8f2de33546b84e5814047328739572e414
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b15342f60057db18dab528d45b60ba86dc17bda58210ccb0abec05110dab9d2b
b203a2b399445ba2287efa9cca3f47c0ecff9e0162ce48d26c4f762bda27c6bd
b23b4803ba0743f27c04b34e2ae2a50e74a544215c3744a4804bb301148b4b98
c34884269b9869006b73c6835de360877b7fd2a22d1faee3524b75978780f8c7
c3872e257431230e8c15c6944e8865e77b8353869e960c6adda208929234ee66
c623b21a6c6685ee130b011b5c2d85b9f5f12fe17fa24a4b8301d23b622a00aa
c76da162786c31bf7dafd501f269f2c25d675f5a256fb0a583f6fb968bdf3acf
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
d8f1edbbdba5542c93a1cf4b2488b013daa0098349db42ed3bdf2cf4790abe0c
dbe4c8fa6807d40a16e6bb660d3badedfaecdc37c5941293e295ed653a6dceb3
dc79e383b32dc21b08d42d6190fb7ee688aa6a9454987fa750a454f400c5df40
e27116841802e66b80fa23096f442d549c4ba396eab5a38faddeebde8ad00807
e656bdd5675287a20561008016f3cfd7a6704e948466fa35e64e0a5636c100e5
e6d138d4dbe285a694c366d7e1f5b7d3248edd2a1fd936677c077d0f72f31aae
e6f0502fac92e6efad318ee712d8fc6cae44b58620a75b2962d94ee02be21969
e777af28fa0435295dcc328ff766f6e316f721e39ef678136089aa62a43e36ff
e841bdc8a8c19415eaf8596f3797dd1fe3c6db5a71c4828aa2a9cbf80160c633
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef46037bcb73deda80d305fc6c73bda75d703efae6717b2ee70e71017d53af65
f053e26da91cf6f9946fa13392b328b9b49e3e314767e8c5c21d4d8db81f087c
f73b3872ffc51abb7a1735ae81e5342900672dacaf35c8c97b54e3e4b2e12d6d
f83014ba775f89c2a9112508292288e98351c9cbc9363886eef17b8922b94e72
f89616ce6ea4f579c49201d3c20551bcf8e6634eef67ffc9f6f6271aa473856f
faed7378fec165cb4ad8fa33f4f1ef3e02a55750568b103b089495ff74ae9804
fffd2081626b3bff5c17d312cd9cbd2681d8da94757f8a01ed3501041e08e6e2

mandarinads.com Open in urlscan Pro 2606:4700:3032::ac43:afdf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

99 %HTTPS

60 %IPv6

8 Domains

11 Subdomains

10 IPs

3 Countries

8784 kBTransfer

11232 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mandarinads.com Open in urlscan Pro
2606:4700:3032::ac43:afdf Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

99 %
HTTPS

60 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

8784 kB
Transfer

11232 kB
Size

6
Cookies

90 HTTP transactions
4 data transactions