Report - h.mangabat.com/read-ua398845-chap-1

Report Overview

Visited public
2023-08-12 20:05:30
Tags
URL
h.mangabat.com/read-ua398845-chap-1
Finishing URL
h.mangabat.com/read-ua398845-chap-1
IP / ASN
172.67.69.113
#13335 CLOUDFLARENET
Title
Rebirth Of The Emperor In The Reverse World Chapter 1 | M.mangabat.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
platform.bidgear.com	30367	2011-08-30	2016-07-27 13:51:48	2023-08-12 02:16:25	2.2 kB	41 kB	104.26.3.107
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-12 02:24:07	484 B	11 kB	142.250.74.106
ip2geo.pubfuture-ad.com	unknown	2022-09-30	2023-03-27 18:50:37	2023-08-12 03:18:26	433 B	1.2 kB	104.26.0.97
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-08-12 01:43:35	867 B	289 kB	142.250.74.168
v3.mkklcdnv6tempv2.com	unknown	2021-02-11	2022-03-18 19:19:54	2023-07-20 13:28:22	12 kB	4.4 MB	104.22.39.249
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-08-12 07:30:24	738 B	423 B	192.243.61.225
a.magsrv.com	unknown	2023-08-01	2023-08-04 18:18:00	2023-08-12 03:09:11	404 B	106 kB	205.185.216.42
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-08-12 03:30:41	402 B	86 kB	172.64.197.8
shortlyamusement.com	unknown	2023-04-12	2023-04-12 14:51:50	2023-08-06 02:00:09	1.3 kB	30 kB	192.243.59.20
beggingoppida.space	unknown	2023-07-28	2023-07-28 17:15:50	2023-08-03 19:28:01	415 B	1.5 kB	142.91.159.165
corpulentoverdoselucius.com	unknown	2022-07-14	2022-07-14 15:06:31	2023-08-09 04:24:36	445 B	10 kB	173.233.137.52
criticismheartbroken.com	unknown	unknown	2023-08-09 04:47:08	2023-08-12 09:34:24	8.0 kB	13 kB	192.243.61.227
platform.pubfuture.com	61071	2021-08-26	2021-10-28 21:21:03	2023-08-10 18:29:40	973 B	7.5 kB	172.67.75.110
avt.mkklcdnv6temp.com	75474	2021-02-10	2021-02-11 07:43:11	2023-08-05 19:14:06	5.4 kB	1.2 MB	172.67.5.191
simplewebanalysis.com	unknown	2022-02-15	2022-02-25 05:06:25	2023-08-12 05:43:33	1.3 kB	1.3 kB	3.72.183.229
s3t3d2y8.afcdn.net	unknown	2022-06-27	2022-08-09 00:22:56	2023-08-12 05:41:27	476 B	28 kB	185.76.9.24
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-11 18:12:14	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-12 02:24:08	2.7 kB	98 kB	216.58.207.227
s.magsrv.com	unknown	2023-08-01	2023-08-04 14:48:00	2023-08-12 02:16:28	1.3 kB	2.4 kB	95.211.229.248
goddesslevityark.com	unknown	2023-08-09	2023-08-09 04:47:59	2023-08-09 04:47:59	4.0 kB	6.5 kB	173.233.137.52
membershipimmunitysport.com	unknown	2023-08-09	2023-08-09 04:43:12	2023-08-12 07:50:19	3.1 kB	35 kB	192.243.59.12
fixedgodmother.com	unknown	2023-08-09	2023-08-09 04:39:31	2023-08-12 07:49:14	487 B	467 B	173.233.137.44
h.mangabat.com	unknown	2018-06-09	2022-08-11 09:37:24	2023-06-05 05:39:45	33 kB	467 kB	104.26.9.37
imp9.bidgear.com	34078	2011-08-30	2021-03-15 12:09:09	2023-08-12 02:16:26	2.1 kB	4.5 kB	104.26.3.107
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12 22:43:53	2023-08-12 02:14:22	1.0 kB	2.8 kB	143.204.48.16
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-08-12 03:14:24	1.9 kB	205 kB	45.133.44.10
m.mangabat.com	269216	2018-06-09	2020-04-28 14:44:40	2023-06-05 05:39:52	870 B	72 kB	104.26.9.37

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-12	medium	shortlyamusement.com	Sinkholed
2023-08-12	medium	shortlyamusement.com	Sinkholed
2023-08-12	medium	shortlyamusement.com	Sinkholed
2023-08-12	medium	goddesslevityark.com	Sinkholed
2023-08-12	medium	criticismheartbroken.com	Sinkholed
2023-08-12	medium	criticismheartbroken.com	Sinkholed
2023-08-12	medium	goddesslevityark.com	Sinkholed
2023-08-12	medium	criticismheartbroken.com	Sinkholed
2023-08-12	medium	criticismheartbroken.com	Sinkholed
2023-08-12	medium	goddesslevityark.com	Sinkholed
2023-08-12	medium	membershipimmunitysport.com	Sinkholed
2023-08-12	medium	criticismheartbroken.com	Sinkholed
2023-08-12	medium	criticismheartbroken.com	Sinkholed
2023-08-12	medium	membershipimmunitysport.com	Sinkholed
2023-08-12	medium	membershipimmunitysport.com	Sinkholed
2023-08-12	medium	fixedgodmother.com	Sinkholed
2023-08-12	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (50)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-163155093-1	ScriptElement	184 kB	2023-08-12	2023-08-12
Pretty URL www.googletagmanager.com/gtag/js?id=UA-163155093-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash 156e385730857672986c6cbbf955e81a c506a62e550fea12cc6e4b5fe8caf4aa92cd5e56 14511c613600db216565b6e248199a739959001c5bf3820762bc47fe52b40db8 Loading...

	h.mangabat.com/ads/bidgear_300x250_desktop_4.html	ScriptElement	0 B	0001-01-01	2025-05-10
Pretty URL h.mangabat.com/ads/bidgear_300x250_desktop_4.html IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-10 09:07 Times Seen4642265 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	m.mangabat.com/themes/hm/js/jquery-1.9.1.min.js	ScriptElement	93 kB	2023-03-07	2025-05-09
Pretty URL m.mangabat.com/themes/hm/js/jquery-1.9.1.min.js IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-09 14:15 Times Seen1693 Hash 383771ef1692bfcc3f2b6917ca985778 a1ce0bfa507f23cc414a9a7634bd73b994bb3b35 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734 Loading...

	unknown	ScriptElement	87 B	2023-07-01	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-01 17:50 Last Seen2024-08-21 08:56 Times Seen10 Hash 1fc9196be0de170a2ba9d01fd738956c 0093085bd0c0ba1debb3be59368158410bca2185 76d03ea5d803b052bf2431513a1c79d607ba61d664040a7dbc75a1d09e2a197d Loading...

	unknown	ScriptElement	145 B	2023-08-12	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2024-08-21 08:56 Times Seen2 Hash 02314d54761e7ecc10e1d86939605b0c dd6dd0ccecbafca62b89f85b9ac0204825bf3222 1fe843f86c30793b2864247e6de9517d7d84d994aefaa010197f589dabb00586 Loading...

	h.mangabat.com/read-ua398845-chap-1	ScriptElement	69 B	2023-03-14	2024-08-21
Pretty URL h.mangabat.com/read-ua398845-chap-1 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:43 Last Seen2024-08-21 08:56 Times Seen3 Hash 84c8dc8df6f22442b5b5e3e668602190 acb735e2a266fd20442f67691caf3ad288171b8e 26a54ca8c8c7242ce0ab71698931f3221f2fd63d6ef654631404c5acaa93f4fb Loading...

	a.magsrv.com/ad-provider.js	ScriptElement	106 kB	2023-08-04	2024-08-21
Pretty URL a.magsrv.com/ad-provider.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-04 18:18 Last Seen2024-08-21 09:44 Times Seen67 Hash 741f9bcd735a718f6dbcaf6aa4f118c0 f7b62318ccec4fda7e838ae49b0de1bc7ecf5f2e 2cc4d0da63dfd4b3a4b05666d797aa3537bc80bcf18e5bbd7afd260f68962fd5 Loading...

	h.mangabat.com/themes/hm/js/jquery.slicknav.min.js	ScriptElement	9.2 kB	2023-03-14	2025-02-01
Pretty URL h.mangabat.com/themes/hm/js/jquery.slicknav.min.js IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:43 Last Seen2025-02-01 22:17 Times Seen6 Hash 7037bb2073d73d96c5b14b6f1a09aa95 3afb044170677d48b9c4285b29aa30bbf2042e5b a63a7806f4526db61ef1c3379f406093450457301672b8288920afb5eb5ea032 Loading...

	platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5274	ScriptElement	705 B	2024-08-21	2024-08-21
Pretty URL platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5274 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 9fd43550f838b3c7ad75cb86a073e250 69eca316e9f6bc56cc6f90d2eb6e17a7f5c98002 05b2e0a36580c405196a606dc192e0c5fda4c05f0160f16cedcf72c2bfad6ac7 Loading...

	unknown	ScriptElement	359 B	2023-08-12	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2024-08-21 08:56 Times Seen2 Hash 753de93e6799e20a2db2676e829b02ea 9466694692dd720296b01a5e3ad334d0e1a42f2e 9ce24643aefbb1aa8ad5785cd87c473b7db88420e61eceae6de3c2d9d72e1039 Loading...

	membershipimmunitysport.com/d9/46/32/d94632e7aa9c3371986027866cfd2937.js	ScriptElement	86 kB	2023-08-12	2023-08-12
Pretty URL membershipimmunitysport.com/d9/46/32/d94632e7aa9c3371986027866cfd2937.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash 8885b4b249ff9f3a79de4a9b8743058b eb81622fa079e5d5e3ec4a1875f782c268782361 681944bf07f10eb15dd4fa0651c688ccc2c0f22fe51f0cfb2f22db486edc978f Loading...

	h.mangabat.com/themes/hm/js/owl.carousel.js	ScriptElement	55 kB	2023-03-14	2025-02-27
Pretty URL h.mangabat.com/themes/hm/js/owl.carousel.js IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:43 Last Seen2025-02-27 00:53 Times Seen46 Hash b8da51d56f34177fd1f664e1febd55d0 13a4afb5fb2f6df26cf2c2680c16995976c96ba5 3192e52316a72003209e67550052ddc03bb577d9ab1f8c2e5f9de364e3cd8b41 Loading...

	shortlyamusement.com/827d3e4dec7f1eaa79741d60f6b9b8a8/invoke.js	ScriptElement	25 kB	2023-08-12	2023-08-12
Pretty URL shortlyamusement.com/827d3e4dec7f1eaa79741d60f6b9b8a8/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash 9996168637bb9a5213efd97a1fb1efed 501c911952473f18bb9e0c3c28a26d5b165b3fd5 9b6b072873223af9084dcc7d91659edf752deef90bac8841fb021940bd199d55 Loading...

	corpulentoverdoselucius.com/455367cf7c186414ffa2e74aa3478dd1/invoke.js	ScriptElement	27 kB	2023-08-12	2023-08-12
Pretty URL corpulentoverdoselucius.com/455367cf7c186414ffa2e74aa3478dd1/invoke.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash cf22d282077065efa576ab3e79719796 9468c764c923db24bee3a82ab43496919706d8e1 25887e0c183db7a3b60f441b1ebb310b44c72d53a582a2cd08daebe810acf1c4 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js		1.7 kB	2023-05-05	2025-05-10
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-10 08:27 Times Seen54762 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	platform.pubfuture.com/v1/config/63f6d5ef5eb600002866bdaf.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=&d=b3RoZXJz&s=aC5tYW5nYWJhdC5jb20vcmVhZC11YTM5ODg0NS1jaGFwLTE=	ScriptElement	2.3 kB	2023-08-12	2024-08-21
Pretty URL platform.pubfuture.com/v1/config/63f6d5ef5eb600002866bdaf.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=&d=b3RoZXJz&s=aC5tYW5nYWJhdC5jb20vcmVhZC11YTM5ODg0NS1jaGFwLTE= IP 172.67.75.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2024-08-21 08:56 Times Seen2 Hash 62d8e045202a0081c865dc2ee58584f1 1f4146061ba90d7020d93d83f8f22de559e68f9f b11fde80737118aa167dfe02c9a6c43cd5f46a8e86fae695e711b3bccd7e14ab Loading...

	h.mangabat.com/themes/hm/js/cookie.js	ScriptElement	1.9 kB	2023-03-07	2025-02-27
Pretty URL h.mangabat.com/themes/hm/js/cookie.js IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-02-27 00:53 Times Seen211 Hash 8e55f74e37d822e25494c54c54d0b664 7c9da963f1e7445bc542747f7a54920656efa09e dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec Loading...

	beggingoppida.space/t64d7e485b4c8d/49207	ScriptElement	5 B	2023-03-07	2025-05-10
Pretty URL beggingoppida.space/t64d7e485b4c8d/49207 IP 142.91.159.165 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-10 04:34 Times Seen6004 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5275	ScriptElement	705 B	2024-08-21	2024-08-21
Pretty URL platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5275 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 58d865f046e9d9cbb8e744e2d77b928c 09fe3faae2945a39698f2400eedb812203e7b822 57441632fa2bc300537d818f49e66bcff0b00bdc4a0d57e59a109db81e6fb24d Loading...

	h.mangabat.com/read-ua398845-chap-1	ScriptElement	103 B	2024-08-21	2024-08-21
Pretty URL h.mangabat.com/read-ua398845-chap-1 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 7c9456e917938c6270b59fb13e53bc47 d744bb884d17951d039666bcd9053e9e878e1ad4 ea9ce5a3286479e6131db04780c678f1bbc1b7b38401bf0c93a6a6e7460b1811 Loading...

	shortlyamusement.com/0e14729eb17cfa776f3413e13c6a73fc/invoke.js	ScriptElement	25 kB	2023-08-12	2023-08-12
Pretty URL shortlyamusement.com/0e14729eb17cfa776f3413e13c6a73fc/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash 1e932387f761f328528acb07b45a1339 b69b329d0d6f4e694c7468680f73ea1c8f7c24ca ef46fa7460f80578db636defdcd8aaf4ec5fb7a7747b6a7cd6f138bbec54cf75 Loading...

	platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5273	ScriptElement	735 B	2023-08-12	2023-08-12
Pretty URL platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5273 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash 9c57fd927a0aa87f07ad7ecb9257f753 87daf7aefed1ec54d0daad8d3780b38789c7dc77 377661856e1579cc33f8fbd96778b4dedc07e740ed6d8b8421292e90bd8944ea Loading...

	h.mangabat.com/themes/hm/js/tooltip.js?v=08032022	ScriptElement	3.9 kB	2023-08-12	2025-02-27
Pretty URL h.mangabat.com/themes/hm/js/tooltip.js?v=08032022 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2025-02-27 00:53 Times Seen46 Hash 88a3b3ccc96a83bdc327fa582ba62212 25d35bb59054e5f814f945fadcdc7184cd31ccbb 704d1b10c0ce18ff7b617cf2428c74ec1ea6acccd1bcb19454408be6f8fd0f2f Loading...

	h.mangabat.com/read-ua398845-chap-1	ScriptElement	76 B	2023-03-14	2025-02-01
Pretty URL h.mangabat.com/read-ua398845-chap-1 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:43 Last Seen2025-02-01 22:17 Times Seen6 Hash d412e07d0a85a719359696d8c097ea0d be1a784b18db7c95fda9df0f2071e65b2a1c1bc4 be4ff14d467c2620c83fd4eb149a4e70c2a0c8dafe20145a1ea0a2431c8207dd Loading...

	h.mangabat.com/themes/hm/js/changes-mode-chapter.js?v=1.2	ScriptElement	1.6 kB	2023-03-14	2024-08-21
Pretty URL h.mangabat.com/themes/hm/js/changes-mode-chapter.js?v=1.2 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:43 Last Seen2024-08-21 08:56 Times Seen3 Hash 1005e432069294c218375e8c18779730 7d03eab6cc716f89194c64e89f8c6a6458e6fad3 87c109cf690edd19f375735ebeb27316549cb455e295168d6c60ab2b261fe82d Loading...

	platform.pubfuture.com/v1/unit/63f6d5ef5eb600002866bdaf.js?v=2	ScriptElement	2.7 kB	2023-08-12	2024-08-21
Pretty URL platform.pubfuture.com/v1/unit/63f6d5ef5eb600002866bdaf.js?v=2 IP 172.67.75.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2024-08-21 08:56 Times Seen2 Hash fd12154e0fba07cf72fadc405636aeb2 84dff42895dda7ff59bb6f4f593d4ca4fac0c2b3 524273dcd64d593c3816c839f50d4a694f42d2b5ebc60d8d1cda4240a0747ce2 Loading...

	unknown	ScriptElement	197 B	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 9967762b593105ced1424defea6cf2fa 3c4d853d26a0a80bd8739f865a756481016ea4c4 6edcc4c97214243afb4be3faad5dd81b885d4dbd79fd94f7bee951003a7dff1b Loading...

	h.mangabat.com/themes/hm/js/fsearch.js?v=08032022	ScriptElement	4.8 kB	2023-08-12	2025-01-25
Pretty URL h.mangabat.com/themes/hm/js/fsearch.js?v=08032022 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2025-01-25 20:47 Times Seen32 Hash 733933b8f3681377ddb2867a56377ff4 86860fa2b33a33d391bd313c19aeae003025bc06 a3006eda902e243c22b7ba537dd976a4f939db25ff64b2500e5d850f023f733a Loading...

	h.mangabat.com/themes/hm/js/custom-chapter.js?v=02232021	ScriptElement	1.8 kB	2023-03-14	2025-02-01
Pretty URL h.mangabat.com/themes/hm/js/custom-chapter.js?v=02232021 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:43 Last Seen2025-02-01 22:17 Times Seen6 Hash bc68de39b81d9ff9acdefe3f81731e05 367cbfcab87e9f981eb92d3bcb400e9f59886e9c 4a585d12c2ea84c53917d98c3c3ed4b1d50ebccc45d66695885ad02d17f0d9bf Loading...

	platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5276	ScriptElement	2.5 kB	2023-08-12	2023-08-12
Pretty URL platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5276 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash ee087472d5baf257c8184b17cdf24778 226c3487557e6cabf1e7956980efd92f9bb63cad 87216efe7698295aa147f72939e54a9e9b6a84d515bc53fd9f464ded800a80e4 Loading...

	h.mangabat.com/read-ua398845-chap-1	ScriptElement	369 B	2023-03-10	2025-02-27
Pretty URL h.mangabat.com/read-ua398845-chap-1 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 19:44 Last Seen2025-02-27 00:53 Times Seen76 Hash 1cbec6871926f874d22b3de6b0e6df5d 9a63307471fe088fbd4f655be1720588fba8a952 fff6b0612c9d56fc2c27ce026ca80ad0bdfadb8538a8cc7ba9633aff1875f8d3 Loading...

	h.mangabat.com/read-ua398845-chap-1	ScriptElement	155 B	2023-03-14	2024-08-21
Pretty URL h.mangabat.com/read-ua398845-chap-1 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:43 Last Seen2024-08-21 08:56 Times Seen3 Hash de4ce0d32bd561c2ac59a18b84ccff05 5519ea907f5db42fac619d93ffa8143fae49ade0 6ac964ddaefebf4659ae07af1378a65c7907cab3342fcf3e55f0539f48668717 Loading...

	www.googletagmanager.com/gtag/js?id=G-T60M656J5F&l=dataLayer&cx=c	ScriptElement	221 kB	2023-08-12	2023-08-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-T60M656J5F&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash 69650403a741b59a62704f99f0c72b28 a83cb15e50a126fb9d905aa64bc68e21598815f3 ef9b2c626f982b3ada9b38e41b841df359a7ceb98ada170eed8c89326d49264e Loading...

	shortlyamusement.com/b6681ccab2189b9400ef02ad3f74576b/invoke.js	ScriptElement	25 kB	2023-08-12	2023-08-12
Pretty URL shortlyamusement.com/b6681ccab2189b9400ef02ad3f74576b/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 22:05 Last Seen2023-08-12 22:05 Times Seen1 Hash 5624b194a390159ec496685ebe45af1a 9d60389a94a657eded2a9aa1e6e2172ae7b711af f0e9a657a3ffbb73bb147541d3fac03f3b2ee5f6a4d78537da47919a1b470a78 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-04-05	2024-08-21
Pretty URL friendshipmale.com/sfp.js IP 172.64.197.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:35 Last Seen2024-08-21 09:44 Times Seen546 Hash 8bf542db65f0ff20d510889d62e5e092 1b1b7cc04275b7641e2f07b0f4bf99b5387303bf 77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711 Loading...

	unknown	EventHandler	188 B	2023-04-15	2025-05-08
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-15 20:09 Last Seen2025-05-08 18:14 Times Seen188 Hash 839f00355ed896a007c18274ade39d94 a0d954478522fd4dcac024c995c180e7a8c58496 4af5bbd0ec136ec05a399410b4720d5cfe29a1f43cad09d4be692205b774a781 Loading...

	h.mangabat.com/themes/starrate/js/starwarsjs.js	ScriptElement	10 kB	2023-03-14	2025-02-27
Pretty URL h.mangabat.com/themes/starrate/js/starwarsjs.js IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:43 Last Seen2025-02-27 00:53 Times Seen47 Hash 3fa72e89d0591678a37b2afffd04ad7f 72516e05fdddc50481f8addfb0a1b63bf3cfd644 9ac1a5d836082405fae82109177c0e65a91f2a9acb8f8f69489f49d9f843d3cf Loading...

	h.mangabat.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-10
Pretty URL h.mangabat.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 09:06 Times Seen341616 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 09:06 Times Seen340816 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	connect.facebook.net/en_US/all.js#xfbml=1&appId=190712595201460	ScriptElement	17 kB	2023-05-05	2025-05-10
Pretty URL connect.facebook.net/en_US/all.js#xfbml=1&appId=190712595201460 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-10 08:27 Times Seen54161 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	unknown	ScriptElement	3.3 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 1aa99bfeed4b02d87cf4a6eb0ccd4edb 0f76b2f19c552aba3fb4e30c76186689ec9a8aca e731ad58d32721af22366e2afd1fda9612779532831f96705300d2cffec680f1 Loading...

	h.mangabat.com/themes/hm/js/custom.js?v=08032022	ScriptElement	5.1 kB	2023-03-14	2024-08-21
Pretty URL h.mangabat.com/themes/hm/js/custom.js?v=08032022 IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:43 Last Seen2024-08-21 08:56 Times Seen3 Hash cd43731a50d96089c88098c60fb4aa55 688250c21667beb162f4bde0ea05257173b3fcc3 8f46d4729002eaa410db1fc54ca6b21e97bcedf50fe26f620552ea08784d3dc7 Loading...

	h.mangabat.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-05-10
Pretty URL h.mangabat.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.26.9.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 07:02 Times Seen68289 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 96f4967ff638282e5c97bbb513143a1f	2.1 kB	2024-08-21 08:56	2024-08-21 08:56
Pretty Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 96f4967ff638282e5c97bbb513143a1f 21bb7ad68b4bcdb1f384ebc558dd06949a538ac1 56b9db22b7c835bffe916bb875794f52fbb64a16ced70ed6ed4ab1b50055f4be Loading...

		Size	First Seen	Last Seen
	#1 Write - 39a8c5641335ab52c263c81b18f62004	679 B	2024-08-21 08:56	2024-08-21 08:56
Pretty Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 39a8c5641335ab52c263c81b18f62004 40c9761ab1d37b87dbe8239a53725be81e1c32a5 4a8b6065ac36102f658de3ead31e2719beea06fcf47384e160f7f3d08c253b29 Loading...

	#2 Write - 7064f7f722a5d680f071367e3168ce3b	708 B	2024-08-21 08:56	2024-08-21 08:56
Pretty Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 7064f7f722a5d680f071367e3168ce3b 61a0f0cd33ea6a7d36cbb6375ead976e076eefc5 7d077c984256e0f6d0eb8e516d6e466a01411969b06b1fa11b80bf32e56af42e Loading...

	#3 Write - 3e8e2323f8f27346d8add7c3e1fb13db	2.4 kB	2024-08-21 08:56	2024-08-21 08:56
Pretty Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash 3e8e2323f8f27346d8add7c3e1fb13db f147785d76bdabfa2b453a6d179177c6fe533015 441dd562c83f672acb09718ea73d1a1218c2a9eed54830cddd361920692afde7 Loading...

	#4 Write - f8fdda5514beba2320f4ab77b59ae02e	679 B	2024-08-21 08:56	2024-08-21 08:56
Pretty Observations First Seen2024-08-21 08:56 Last Seen2024-08-21 08:56 Times Seen1 Hash f8fdda5514beba2320f4ab77b59ae02e 3466311483ef4bb7ce95ef028bce2963944264d2 0f83772f94bc35b5b63389a2ffdd78bde6025270868b4a6d2ff29cff76b40b7d Loading...

	#5 Write - 1f11d9f38158abf07d405dd838b2751c	399 B	2023-08-12 22:05	2024-08-21 08:56
Pretty Observations First Seen2023-08-12 22:05 Last Seen2024-08-21 08:56 Times Seen2 Hash 1f11d9f38158abf07d405dd838b2751c d83aa34bb3100df51feb5aa3796df9d01f81a146 3729564e7827ffe985d9861be8fe71e8ff3eaaf0fa3ce0c830ca1934f53beeb9 Loading...

	#6 Write - 111217b8a91f1ce16995830c7f3efd57	125 B	2023-08-12 22:05	2024-08-21 08:56
Pretty Observations First Seen2023-08-12 22:05 Last Seen2024-08-21 08:56 Times Seen2 Hash 111217b8a91f1ce16995830c7f3efd57 2086216cd6c9dadf232ab12875aa8e5894ed51d1 cba098ada2e3516987ea136dd3574d67e4e8a41caf51f5d3349c30ca2deb1164 Loading...

HTTP Transactions (133)

URL IP Response Size

h.mangabat.com/themes/hm/images/logo.png

104.26.9.37

200 OK

5.0 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/images/logo.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 150 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5003 bytes)
Hash
6b1646943b62c104c24ddc83ee3cf7d7
dd9f4d45bd1792260f785c423b3b89c9a79a0fed
559d5f5b8d5b0e7ad909062a6264a914e11a91cb8f07b96b91f6e0cb21b7635c

HTTP Headers

GET /themes/hm/images/logo.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/png
content-length: 5003
last-modified: Tue, 28 Apr 2020 00:53:57 GMT
etag: "5ea77ea5-138b"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4bySGxxis2SaUYxaLxfP2dOBWIjXu1LiTuwL0czkqUcjfB09Wg0xS2o1WnEiDRscpG9KLhw2yGbfZKzBpU4NL4RRfJ7LTagIV5f1CoDeRWbPmCqC%2F8UVAHPgPn3oCSW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd3e2ab51b-OSL
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/49/t/29-1682663143.jpg

172.67.5.191

200 OK

66 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/49/t/29-1682663143.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x320, components 3\012- data
Size
66 kB (65906 bytes)
Hash
f7933343a0bf2643e1f8ce5858481239
9db14e472648f47c999e949b3d97ccf66f75217c
2b7102fe860c3c854e5d6464461102b0c51cc94a36e0523f0c154a6081170d74

HTTP Headers

GET /49/t/29-1682663143.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 65906
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "644b66e7-10172"
expires: Sun, 10 Sep 2023 22:11:37 GMT
last-modified: Fri, 28 Apr 2023 06:25:43 GMT
pragma: public
cf-cache-status: HIT
age: 78811
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c5d0b31-OSL
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/images/gohome.png

104.26.9.37

200 OK

32 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/images/gohome.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31950 bytes)
Hash
a9973fe7cfb9ad4ac97744360d4419f2
c5f41f75b2d80f30d8d19145b12918857b72d374
b9ca2dfe60a7e9867db007794393cc65e7db0a43a012204710001232c4277a42

HTTP Headers

GET /themes/hm/images/gohome.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/png
content-length: 31950
last-modified: Sat, 22 Feb 2020 14:59:45 GMT
etag: "5e5141e1-7cce"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuVf%2ByFY1J%2F4JOL71PLopJu22FFNkDywY4LER6hOTDGaB3idcpZ7t%2BxtVWkCS0d0zpv%2FIZ1khqazHIGQSrqQAs9G%2Fbck9paQUyNMjYjqe%2FwnvqctAzoVyip6dIowUPUC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd8e9ab51b-OSL
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/23/o/2-1583466613.jpg

172.67.5.191

200 OK

29 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/23/o/2-1583466613.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x348, components 3\012- data
Size
29 kB (28728 bytes)
Hash
45d722d5efed5ae62f80888b65db1c46
29cb0f0f751ea25e73e01c435d44d1e4ecedd2fc
3b0be02bb33524d436fb10bf4f4342829967dfeb478c95afa9e9b744822ffe76

HTTP Headers

GET /23/o/2-1583466613.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 28728
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "5e61c875-7038"
expires: Thu, 31 Aug 2023 17:10:43 GMT
last-modified: Fri, 06 Mar 2020 03:50:13 GMT
pragma: public
cf-cache-status: HIT
age: 960866
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c5b0b31-OSL
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/8/t/28-1674987406.jpg

172.67.5.191

200 OK

93 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/8/t/28-1674987406.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x324, components 3\012- data
Size
93 kB (92738 bytes)
Hash
c28d643ac5fbe7a407a3d4577875b0b3
3942d1b3c2575797cda9826918dc058fbb08a8ca
81c6d4180b22cb381723c94705a0600400ac23f1f026ee1e7c52da3bc794a689

HTTP Headers

GET /8/t/28-1674987406.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 92738
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63d6478e-16a42"
expires: Thu, 07 Sep 2023 21:30:42 GMT
last-modified: Sun, 29 Jan 2023 10:16:46 GMT
pragma: public
cf-cache-status: HIT
age: 340467
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c580b31-OSL
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/6/t/29-1678721106.jpg

172.67.5.191

200 OK

75 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/6/t/29-1678721106.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x326, components 3\012- data
Size
75 kB (75167 bytes)
Hash
6e36c97fea5e14a5fe81faf13aa877d2
bc1d4d6ab3431428c006be1b2cb1fa0a1f79d5fd
b74e78d55ea421d3239de599034762dc64c1f11483a85f444b3679756e611c3a

HTTP Headers

GET /6/t/29-1678721106.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 75167
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "640f4052-1259f"
expires: Mon, 11 Sep 2023 18:20:03 GMT
last-modified: Mon, 13 Mar 2023 15:25:06 GMT
pragma: public
cf-cache-status: HIT
age: 6306
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c620b31-OSL
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/44/b/27-1671851340.jpg

172.67.5.191

200 OK

100 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/44/b/27-1671851340.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x319, components 3\012- data
Size
100 kB (100108 bytes)
Hash
f478e4592fdeaaf6a756729b37950b77
1e1d619dacc96fbb0355d5d307dbe3af5b71b9e4
b8e3e0a1fe3c6ed4b5641d0fb907a757a9e2437a73da1a3c29147a9efe3d5ab1

HTTP Headers

GET /44/b/27-1671851340.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 100108
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63a66d4d-1870c"
expires: Mon, 11 Sep 2023 17:47:17 GMT
last-modified: Sat, 24 Dec 2022 03:09:01 GMT
pragma: public
cf-cache-status: HIT
age: 8272
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c5f0b31-OSL
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/1-o.jpg

104.22.39.249

200 OK

83 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/1-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1384, components 3\012- data
Size
83 kB (83138 bytes)
Hash
2e6451fca6cc5a988fcad0c25593575a
6ae2f69a0c975761f05d5dbbc99c3a77a4b2e58c
29e418d8b8e76cee0d5cfe8354cdaf12ac1a5672388aa727cc99e2901689d5a8

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/1-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 83138
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a2d-144c2"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:01 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbdd2d80-ARN
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/48/a/20-1585278267.jpg

172.67.5.191

200 OK

110 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/48/a/20-1585278267.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x352, components 3\012- data
Size
110 kB (110172 bytes)
Hash
b16d4323d07186c62ddccf091f8616f4
11829172344a6b58ab78b96e7f9acb6707457311
7913bbc44f42d190163a950fa1822def77de98f6a42a1dbac77f0b499f5900fb

HTTP Headers

GET /48/a/20-1585278267.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 110172
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "5e7d6d3c-1ae5c"
expires: Sun, 10 Sep 2023 12:23:54 GMT
last-modified: Fri, 27 Mar 2020 03:04:28 GMT
pragma: public
cf-cache-status: HIT
age: 114075
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c630b31-OSL
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/7-o.jpg

104.22.39.249

200 OK

133 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/7-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4118, components 3\012- data
Size
133 kB (133405 bytes)
Hash
40b92ffc3e30b9795c3340e10d317dbc
daed2a9fc5cb058710e8f024bee43592b897457f
95ea397e5f1fda90acd44530a6f318a3be53b425c821330872a7b6c8ffbaa9d4

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/7-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 133405
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a31-2091d"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:05 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbd72d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/8-o.jpg

104.22.39.249

200 OK

168 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/8-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x3582, components 3\012- data
Size
168 kB (167979 bytes)
Hash
e4cce6d0fa751489ece178f83e39293c
d8eff321a5f66cda25633ee392492756a9aa19a5
7f5e05e8ad53422b7450cb56577768cbba3216e802a2db38559e48aba84f5c65

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/8-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 167979
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a31-2902b"
expires: Tue, 05 Sep 2023 20:42:27 GMT
last-modified: Wed, 02 Nov 2022 10:45:05 GMT
pragma: public
cf-cache-status: HIT
age: 516162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbdc2d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/6-o.jpg

104.22.39.249

200 OK

219 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/6-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4384, components 3\012- data
Size
219 kB (219385 bytes)
Hash
6b7ea9cbecf89bd382b3d78bf1d49515
f3c52e886591ec964d93bd7b55c468f674269a64
8b12c264e5d8ed089fa73f97aa6f27fcdeff5239c1c91fb47a174b550d109ddc

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/6-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 219385
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a30-358f9"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:04 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbd92d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/10-o.jpg

104.22.39.249

200 OK

209 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/10-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4694, components 3\012- data
Size
209 kB (208926 bytes)
Hash
aadcc427a8edcb6ae1972263a1c20ada
3409ea8a4774e0d9c6f2bf3106b2752fa5a13c66
b3630a9b68d6c5ed20e2601891f5c2f29281e987d6fc7976e2d623f590de5b4a

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/10-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 208926
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a32-3301e"
expires: Sat, 09 Sep 2023 15:40:09 GMT
last-modified: Wed, 02 Nov 2022 10:45:06 GMT
pragma: public
cf-cache-status: HIT
age: 188700
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbde2d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/4-o.jpg

104.22.39.249

200 OK

238 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/4-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4274, components 3\012- data
Size
238 kB (238151 bytes)
Hash
7afb2464a4151692e5ac462bd284cc87
6ae024a5a6a592fb3bc15834ccffdce4704b82ba
74101d7c61b98671e043b36ce2af543f3abacbc393e14981ca1793d29776928b

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/4-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 238151
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a2f-3a247"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:03 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbd52d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/11-o.jpg

104.22.39.249

200 OK

184 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/11-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4579, components 3\012- data
Size
184 kB (183803 bytes)
Hash
da102dc6a06fa0f30ba87124be548212
402e5a3b1b1942f2749418a1e5ef1f19908c19a4
50c23f4872fa91fd8da8122f7a8d17830484bc985b03b76f0c506548a5218a20

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/11-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 183803
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a33-2cdfb"
expires: Tue, 05 Sep 2023 20:42:27 GMT
last-modified: Wed, 02 Nov 2022 10:45:07 GMT
pragma: public
cf-cache-status: HIT
age: 516162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbe12d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/2-o.jpg

104.22.39.249

200 OK

97 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/2-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x2403, components 3\012- data
Size
97 kB (97301 bytes)
Hash
0432acc377ecac313f3a2d3dbd9b7eac
9ff20a9f60babe61bf0583c6b7146ebf6be9f438
58a754c3777ccb2dceccf8ed9019361445a016b94747476ce5ef110c8e103a1b

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/2-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 97301
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a2e-17c15"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:02 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbe82d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/16-o.jpg

104.22.39.249

200 OK

198 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/16-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4360, components 3\012- data
Size
198 kB (197983 bytes)
Hash
dafcc08ddeff863ce0f40eb7792f1839
ec79b2d11cf2a3f64f9c904543abc6510539b300
7de190f5c31cf6963a1720d69f5d5063406c66af1b7013e66ff945f64cf7a0c8

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/16-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 197983
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a35-3055f"
expires: Sat, 09 Sep 2023 15:40:09 GMT
last-modified: Wed, 02 Nov 2022 10:45:09 GMT
pragma: public
cf-cache-status: HIT
age: 188700
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbed2d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/5-o.jpg

104.22.39.249

200 OK

245 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/5-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4603, components 3\012- data
Size
245 kB (245232 bytes)
Hash
2c6b5d22d375a48797ec9fad996b996f
78f7a31323b2fb93bac1542cadc7281c4f00b3bf
557779afacfb884601fb416c7b0caf6dace2121ee703e693d88b98d0f1a20d83

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/5-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 245232
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a30-3bdf0"
expires: Tue, 05 Sep 2023 20:42:27 GMT
last-modified: Wed, 02 Nov 2022 10:45:04 GMT
pragma: public
cf-cache-status: HIT
age: 516162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbd32d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/9-o.jpg

104.22.39.249

200 OK

260 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/9-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4254, components 3\012- data
Size
260 kB (260544 bytes)
Hash
4ff349eccf627a91ce66e97f41846c00
7cf03dab0e780431262a4eff9780399d2ab9bf9f
7664b2fcd917eff0137710709a8f32e46f99ff92097fef1447f158d1881655a0

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/9-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 260544
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a32-3f9c0"
expires: Tue, 05 Sep 2023 20:42:27 GMT
last-modified: Wed, 02 Nov 2022 10:45:06 GMT
pragma: public
cf-cache-status: HIT
age: 516162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbdb2d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/12-o.jpg

104.22.39.249

200 OK

250 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/12-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x5104, components 3\012- data
Size
250 kB (249694 bytes)
Hash
ea2e67d602b8cc4b47265f22cad2358a
ccb9c7e2bc42e5c4f5fb0ab4875e1081eeff4713
2fe6de4bee5cb0a2c23222da8b6b4dd4466717f61001b8b86ac1bcf1339b86ef

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/12-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 249694
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a34-3cf5e"
expires: Fri, 08 Sep 2023 19:08:10 GMT
last-modified: Wed, 02 Nov 2022 10:45:08 GMT
pragma: public
cf-cache-status: HIT
age: 262619
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbe02d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/13-o.jpg

104.22.39.249

200 OK

140 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/13-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x3276, components 3\012- data
Size
140 kB (139774 bytes)
Hash
f6975d2fb3d585eb7400b933a9c9d1b2
673ad835d7745e65e79f0015bbae7d9bd93a5505
5fe5e92fcb302fb5a6c1ffe8164c7f7e9f9147748da0aa5b475aa65b79ebef7d

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/13-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 139774
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a34-221fe"
expires: Tue, 05 Sep 2023 20:42:27 GMT
last-modified: Wed, 02 Nov 2022 10:45:08 GMT
pragma: public
cf-cache-status: HIT
age: 516162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbe62d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/15-o.jpg

104.22.39.249

200 OK

127 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/15-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x2991, components 3\012- data
Size
127 kB (126639 bytes)
Hash
3a2a48e4c7a6aee44c7936bb70c6b18f
c5983a86789aeee0feb14f18a7bfdd3a79895181
fab0736df482b0b3774603e43d4778638771e068508b37ea6fedb2a8f31e6112

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/15-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 126639
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a35-1eeaf"
expires: Sat, 09 Sep 2023 15:40:09 GMT
last-modified: Wed, 02 Nov 2022 10:45:09 GMT
pragma: public
cf-cache-status: HIT
age: 188700
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbec2d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/18-o.jpg

104.22.39.249

200 OK

102 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/18-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x3098, components 3\012- data
Size
102 kB (101841 bytes)
Hash
5ff70963a0922204956bdf8b2580000b
00f9379a05930ea35401b08a2453ce59df1ea03f
5621d938a9467b63391bd9b090fd13bc062d55cf6e9f07e8839042d3a4cc621d

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/18-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 101841
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a37-18dd1"
expires: Tue, 05 Sep 2023 20:42:27 GMT
last-modified: Wed, 02 Nov 2022 10:45:11 GMT
pragma: public
cf-cache-status: HIT
age: 516162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddec132d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/21-o.jpg

104.22.39.249

200 OK

277 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/21-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x5453, components 3\012- data
Size
277 kB (277156 bytes)
Hash
bcc41b2361eb30ff3fad13eb375388d5
ab54784c3ebbf77928ebd3fb7a6b4d48a9dff903
584679f906efcf9903d265b2c3c3892368f07ef43c11f6a271a9a9a0fa480453

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/21-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 277156
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a38-43aa4"
expires: Fri, 08 Sep 2023 19:08:10 GMT
last-modified: Wed, 02 Nov 2022 10:45:12 GMT
pragma: public
cf-cache-status: HIT
age: 262619
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddfc372d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/14-o.jpg

104.22.39.249

200 OK

241 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/14-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x5604, components 3\012- data
Size
241 kB (240869 bytes)
Hash
b4613c27e6e24c7ae67a692ecfd052de
01679d7aadf4c21bb57e342f315c2d2c405f0393
138dc0b8a048edf308b6542447c75215aefa5a226188f9cd7c83db9833ce6906

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/14-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 240869
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a35-3ace5"
expires: Tue, 05 Sep 2023 20:42:27 GMT
last-modified: Wed, 02 Nov 2022 10:45:09 GMT
pragma: public
cf-cache-status: HIT
age: 516162
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbe42d80-ARN
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/12/c/29-1679391213.jpg

172.67.5.191

200 OK

122 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/12/c/29-1679391213.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x321, components 3\012- data
Size
122 kB (122322 bytes)
Hash
79c931c21333759316e4f7cdb6dc4980
84d583b108acbee842def7fa35e6fb2a4cb7997e
18841d5941e089619c406978ed364765b5878a4657988c6bfb947e0277c35fa2

HTTP Headers

GET /12/c/29-1679391213.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 122322
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "641979ee-1ddd2"
expires: Fri, 18 Aug 2023 16:46:33 GMT
last-modified: Tue, 21 Mar 2023 09:33:34 GMT
pragma: public
cf-cache-status: HIT
age: 2085516
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c5a0b31-OSL
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/43/v/30-1689568240.jpg

172.67.5.191

200 OK

132 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/43/v/30-1689568240.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x275, components 3\012- data
Size
132 kB (131559 bytes)
Hash
3fac4ee45465e1b1e537b664981ec059
00616cc1b0c57e3463128f5e7d42ea3725111993
4a8e6d1ce530b699ab20c499998cd7c8fe51ff25d84ab8d80214a5eb4f75ff07

HTTP Headers

GET /43/v/30-1689568240.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 131559
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "64b4c3f1-201e7"
expires: Sun, 10 Sep 2023 22:22:11 GMT
last-modified: Mon, 17 Jul 2023 04:30:41 GMT
pragma: public
cf-cache-status: HIT
age: 78178
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c610b31-OSL
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/3-o.jpg

104.22.39.249

200 OK

199 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/3-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4667, components 3\012- data
Size
199 kB (198669 bytes)
Hash
7dc252dbf922d2aa9a5cb7a056260765
f7243cc434ac191a654930916d74444c86f1b54a
44ade385e7e6e01f89944ff5081f8dbb23ab66f48940309926d5635b1d9257d4

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/3-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 198669
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a2f-3080d"
expires: Fri, 08 Sep 2023 19:08:10 GMT
last-modified: Wed, 02 Nov 2022 10:45:03 GMT
pragma: public
cf-cache-status: HIT
age: 262619
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddcbeb2d80-ARN
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
865eb4c335f2adc2d9296b609e0a7ac2
51e3d8c6c27b8f9feb0ff1d81463494f9113a1d2
fa5739cbb0f40704223b16811c71c952b83057828ee52cbd02ac5401647968d2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

avt.mkklcdnv6temp.com/6/h/31-1691386096.jpg

172.67.5.191

200 OK

129 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/6/h/31-1691386096.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x312, components 3\012- data
Size
129 kB (129445 bytes)
Hash
2a40c267397d3837a7416b970e04b443
dd9a0384d10b21228f2f0cc3afe76aec5d0a2a66
0492a08505b5b107003f88de9b5bae3779a859e85ae270eb1cc426757d1877b4

HTTP Headers

GET /6/h/31-1691386096.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 129445
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "64d080f1-1f9a5"
expires: Wed, 06 Sep 2023 05:36:48 GMT
last-modified: Mon, 07 Aug 2023 05:28:17 GMT
pragma: public
cf-cache-status: HIT
age: 484101
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de2c740b31-OSL
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/17-o.jpg

104.22.39.249

200 OK

225 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/17-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4731, components 3\012- data
Size
225 kB (224765 bytes)
Hash
915a4d40c29efafc43756494a8b107ec
ef542cdd5ec54847a5bb7e4636d70e93b6ff8b23
fdcedf7b8cb258b0edaf6bb8060bad0268b6d8ef60fb2dd5dc2749f6b6047b4d

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/17-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 224765
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a36-36dfd"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:10 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54dddc0b2d80-ARN
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/17/k/30-1684490970.jpg

172.67.5.191

200 OK

82 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/17/k/30-1684490970.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x324, components 3\012- data
Size
82 kB (81672 bytes)
Hash
09518cac1f1161cbcedb1ad7498f37c6
7de0d49567bf478c9ceb90549c165b179f3d2e65
2c35420003d2a5bc312920e9893b9951aa790c33ae5ce66e07143db8f6f06dff

HTTP Headers

GET /17/k/30-1684490970.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 81672
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "64674adb-13f08"
expires: Sat, 26 Aug 2023 11:56:02 GMT
last-modified: Fri, 19 May 2023 10:09:31 GMT
pragma: public
cf-cache-status: HIT
age: 1411747
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de8cf20b31-OSL
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/30/u/26-1658163785.jpg

172.67.5.191

200 OK

145 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/30/u/26-1658163785.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x320, components 3\012- data
Size
145 kB (144600 bytes)
Hash
f86050767d4b294199c77c8288f2db33
7555df6453f3fe660be35deeaaf4a6f6af2a8813
063407ca3e34fe2853f4fddf55a8009638f75b9463320896171c6db10bad7bef

HTTP Headers

GET /30/u/26-1658163785.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 144600
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "62d5924b-234d8"
expires: Sun, 10 Sep 2023 22:45:32 GMT
last-modified: Mon, 18 Jul 2022 17:03:07 GMT
pragma: public
cf-cache-status: HIT
age: 76777
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de8cf80b31-OSL
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/19-o.jpg

104.22.39.249

200 OK

145 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/19-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x3639, components 3\012- data
Size
145 kB (144707 bytes)
Hash
063eb304b71e3bfaa9350d8dae03490e
8a61a3d616a209a97499b8db0f4b157d70fadaaa
b3da3b76538c7c721f506bf61112aafe2756f2f681004b8ee4a838e69ca57df1

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/19-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 144707
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a37-23543"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:11 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddec142d80-ARN
X-Firefox-Spdy: h2

avt.mkklcdnv6temp.com/45/f/30-1689671490.jpg

172.67.5.191

200 OK

152 kB

URL GET HTTP/2
avt.mkklcdnv6temp.com/45/f/30-1689671490.jpg
IP
172.67.5.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint29:DF:BF:20:6C:56:D6:A9:FC:7B:BD:C0:72:C7:A3:55:D4:C7:B5:8C
ValiditySun, 11 Dec 2022 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 225x320, components 3\012- data
Size
152 kB (151606 bytes)
Hash
7b101c125da717eb6b09a32d5cce6224
601d1001c49f88812037d5470d42ed8cd3a80b70
043fdc0e1d91738b89ce68c4d2d6b7f4d52871ebd672fa2ab2c12e6e2aed27f2

HTTP Headers

GET /45/f/30-1689671490.jpg HTTP/1.1
Host: avt.mkklcdnv6temp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 151606
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "64b65742-25036"
expires: Thu, 17 Aug 2023 09:20:02 GMT
last-modified: Tue, 18 Jul 2023 09:11:30 GMT
pragma: public
cf-cache-status: HIT
age: 2198707
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de8cfa0b31-OSL
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/20-o.jpg

104.22.39.249

200 OK

127 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/20-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x3539, components 3\012- data
Size
127 kB (126953 bytes)
Hash
a00e9dd63406a2f4b46d59f772e9d97a
f3f4e695b3c8ec9db0c680a9f6f0d166ba4472f2
6b24d156e8541c7a63d028c47825dd273fcc367410d9f2f3aaf4ed6c49b942f6

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/20-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 126953
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a37-1efe9"
expires: Fri, 08 Sep 2023 19:08:10 GMT
last-modified: Wed, 02 Nov 2022 10:45:11 GMT
pragma: public
cf-cache-status: HIT
age: 262619
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddfc362d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/22-o.jpg

104.22.39.249

200 OK

216 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/22-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4072, components 3\012- data
Size
216 kB (216178 bytes)
Hash
3c4db6acf2ca476649a407a4857b9b9e
45aa21d087472efe0efadca61a775b434de53385
965150c331673566c55d88eb78b475cd93a428f9f5bc2a119132bbc7b40f22fe

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/22-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 216178
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a39-34c72"
expires: Tue, 05 Sep 2023 20:42:28 GMT
last-modified: Wed, 02 Nov 2022 10:45:13 GMT
pragma: public
cf-cache-status: HIT
age: 516161
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de0c3f2d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/23-o.jpg

104.22.39.249

200 OK

198 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/23-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 850x4142, components 3\012- data
Size
198 kB (198061 bytes)
Hash
c272813ca1e9fee7d8cc47c72d700928
28744bc07d80858972565920082d471589e56d31
8d1acb441d1eb391ca599b6cf3a9ed3d06a4504ab3b9988eb2fe3ec2f34cd961

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/23-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 198061
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a39-305ad"
expires: Fri, 08 Sep 2023 19:08:10 GMT
last-modified: Wed, 02 Nov 2022 10:45:13 GMT
pragma: public
cf-cache-status: HIT
age: 262619
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de2c512d80-ARN
X-Firefox-Spdy: h2

v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/24-o.jpg

104.22.39.249

200 OK

136 kB

URL GET HTTP/2
v3.mkklcdnv6tempv2.com/img/tab_23/04/15/99/pv992956/chapter_1/24-o.jpg
IP
104.22.39.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:5F:C0:4B:92:B3:3A:01:B2:2D:BA:97:77:78:15:EA:B9:B4:B9:5F
ValidityMon, 12 Dec 2022 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1688, components 3\012- data
Size
136 kB (136470 bytes)
Hash
0a4c5aae3c7680ee1663d25757c4c9ab
a9f9941aabf34d36da3c5ed04360c4dcc367a012
21047719b319106c3e8596e9a25dcdecd5f3041ca4dfd61955e425de09289dd5

HTTP Headers

GET /img/tab_23/04/15/99/pv992956/chapter_1/24-o.jpg HTTP/1.1
Host: v3.mkklcdnv6tempv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: image/jpeg
content-length: 136470
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-bgj: h2pri
etag: "63624a3a-21516"
expires: Thu, 07 Sep 2023 11:28:12 GMT
last-modified: Wed, 02 Nov 2022 10:45:14 GMT
pragma: public
cf-cache-status: HIT
age: 376617
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54de2c522d80-ARN
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f6e5e69ecba29d09e0467b848f03fcd0
bb4e3515d720590e3ba81aa9aadda50b4811ddac
93c5867395765264a81efc48623950290ff388c14002423803cdebb24f89465a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 20:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

beggingoppida.space/t64d7e485b4c8d/49207

142.91.159.165

200 OK

25 B

URL GET HTTP/1.1
beggingoppida.space/t64d7e485b4c8d/49207
IP
142.91.159.165:443
ASN
#7979 SERVERS-COM

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subjectbeggingoppida.space
Fingerprint5A:21:B3:F4:89:F9:02:07:B9:D4:D3:0E:35:B1:C9:7A:11:5A:DB:68
ValidityFri, 28 Jul 2023 14:14:17 GMT - Thu, 26 Oct 2023 14:14:16 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /t64d7e485b4c8d/49207 HTTP/1.1
Host: beggingoppida.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Aug 2023 20:05:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sun, 13-Aug-2023 20:05:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIpPjAC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e6R3O; expires=Sun, 13-Aug-2023 20:05:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.googletagmanager.com/gtag/js?id=UA-163155093-1

142.250.74.168

200 OK

66 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-163155093-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintB8:00:22:F1:F1:80:E5:11:65:10:02:04:DA:9B:FA:C3:3E:F6:7A:70
ValidityMon, 17 Jul 2023 08:16:31 GMT - Mon, 09 Oct 2023 08:16:30 GMT

File type
ASCII text, with very long lines (4289)
Size
66 kB (66498 bytes)
Hash
156e385730857672986c6cbbf955e81a
c506a62e550fea12cc6e4b5fe8caf4aa92cd5e56
14511c613600db216565b6e248199a739959001c5bf3820762bc47fe52b40db8

HTTP Headers

GET /gtag/js?id=UA-163155093-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Aug 2023 20:05:10 GMT
expires: Sat, 12 Aug 2023 20:05:10 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Aug 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66498
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/js/jquery.slicknav.min.js

104.26.9.37

200 OK

2.9 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/jquery.slicknav.min.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (640)
Size
2.9 kB (2896 bytes)
Hash
7037bb2073d73d96c5b14b6f1a09aa95
3afb044170677d48b9c4285b29aa30bbf2042e5b
a63a7806f4526db61ef1c3379f406093450457301672b8288920afb5eb5ea032

HTTP Headers

GET /themes/hm/js/jquery.slicknav.min.js HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Mon, 24 Feb 2020 08:12:21 GMT
vary: Accept-Encoding
etag: W/"5e538565-2400"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8brJsfU9JHvBIerC4qhQ0KYd6T7YyhakDNhuBRpqPjc7SLXsDLxeH3WcRPyf3KtC51LJbzu8JKwnr8vF0XtseVhiHKEQSepWk7f%2B6xZW4zeteRghuLtoD1M%2BW0m2c5FD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd2e0bb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f1e05bc8656466ed7f19cbf61ce78e4
f9e5f6eefc197084c31e45173204d63ac5d1d205
b945ab01642936f842281d00a2ab1444d5541585022b74f74229ba9c7e789e9f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

h.mangabat.com/themes/hm/images/background-readpage.png

104.26.9.37

200 OK

3.7 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/images/background-readpage.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 54 x 58, 8-bit/color RGB, non-interlaced\012- data
Size
3.7 kB (3725 bytes)
Hash
2bc8430b109ff63f4e0a0a953239c36f
484df72066df0e236005ee28422f4f9ec80123c9
ee5fe1eccfbd3ddec80eaf31468bbfe7d113d1954877e058f22c29a7cfa0cae6

HTTP Headers

GET /themes/hm/images/background-readpage.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/themes/hm/css/c-style-chapter.css?v=02232021
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 3725
last-modified: Fri, 28 Feb 2020 08:40:09 GMT
etag: "5e58d1e9-e8d"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeOZVY%2FszMVOzvIp47ibMdhaEE%2Fmgq9Vj1E0Q2yK%2B%2FjYSuF0UXCQro7uWDT2KSmeJK7aJy6H00O3LOjbLzRc6EEy83HVmdID60fwRroq2vZFVIjmxrjX7lQNf1Pg1dQu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e82fcdb51b-OSL
X-Firefox-Spdy: h2

h.mangabat.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.26.9.37

200 OK

6.8 kB

URL GET HTTP/2
h.mangabat.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
6.8 kB (6800 bytes)
Hash
f391fc406b559147265e973bcf5231eb
5fbd6f1e3f9b219f290437f8249375e690c62abe
3fb82b8a722f04b84dcb93f5794c31a432fb9ba9137d4a26d414e37880d47136

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Tue, 08 Aug 2023 14:42:33 GMT
etag: W/"64d25459-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9b1c4dxGy%2BEqEk%2FUemkltlG%2Blb9vl3edQIlFMMu1TtEZkvbY%2FVZvSUhTEOw8MlHyTWOukTTd0QnHpEikkQV2En1XinXqs6chxYB8yi9HcJWeZ%2BZjRyWCFM40VczgQ00"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ddceeab51b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 14 Aug 2023 20:05:09 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/images/login-icon.png

104.26.9.37

200 OK

1.6 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/images/login-icon.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 26 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1576 bytes)
Hash
f57e56f72817be0f252d91b3f7076d24
7e9722fedd354b3a7fe2b8257ac70952744ae089
1eb3e9ee1c35a466252547222d2bb42388f36911fefa68169a621ada719bed97

HTTP Headers

GET /themes/hm/images/login-icon.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/themes/hm/css/c-style.css?v=08032022
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 1576
last-modified: Thu, 12 Sep 2019 10:00:12 GMT
etag: "5d7a172c-628"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jylmQ8Wtg5MJSKqjL9celdCOSr40n844GZakwuoflvDb%2B6Pkl7xXSPWZJiUzBbiZAoATHW7vw9%2BrSL6QPD1yCyQ155PF6BR2ikwrB4xRjDXXFX3HrhuHHxwFq0smqyFv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e84805b51b-OSL
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/images/arrow.png

104.26.9.37

200 OK

2.6 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/images/arrow.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 16 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2552 bytes)
Hash
03c0f5cf44db794587cb192e9422b714
fb504dd1d49f444099035bdcfd64b92d89dc8d10
f0009e34e5faab2d8e5c5dc112c8086c15ae8075306bbb9e9b4c068e6e9f151e

HTTP Headers

GET /themes/hm/images/arrow.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/themes/hm/css/c-style-chapter.css?v=02232021
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 2552
last-modified: Fri, 20 Sep 2019 12:07:48 GMT
etag: "5d84c114-9f8"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnVqOzSY01NHExvkovvU2P%2BLZWfQ0cEnJk2NJgbDs4DDa%2FpRNNItDeAKtl5EkZUZc0qWQQIKd0DY2PqwgmrP2KTOTh4QNnEA95wz7n%2BiCotffY17MQr4G%2FypKYGf4KnR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e84808b51b-OSL
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/images/item-bg.png

104.26.9.37

200 OK

310 B

URL GET HTTP/2
h.mangabat.com/themes/hm/images/item-bg.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 6 x 7, 8-bit/color RGBA, non-interlaced\012- data
Size
310 B (310 bytes)
Hash
194c4868261bfcf65906200d694b6794
bb0696494fcf5eb4f0916662fb8a7327864c0fb0
4e97381edf31f1672bf683728efde6db591547bcb5459370cc2452c4efec908a

HTTP Headers

GET /themes/hm/images/item-bg.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/themes/hm/css/c-style-chapter.css?v=02232021
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 310
last-modified: Wed, 18 Sep 2019 10:12:11 GMT
etag: "5d8202fb-136"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLzsR6KbzLHVb4zrLWgIJHYvt7bPygW%2F68tQKcDNoqaZhln8hh7xT3lBTD50f%2Fd7lbrSyb48DW75L1ZAJWixjUJs2D34woJxKvb4PBceR2KOJLwXySjufwX6ZovD64eI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e8480cb51b-OSL
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/images/loading.gif

104.26.9.37

200 OK

265 B

URL GET HTTP/2
h.mangabat.com/themes/hm/images/loading.gif
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 18 x 4\012- data
Size
265 B (265 bytes)
Hash
ed9cfe5378f4d6f5a0627d2c32454d67
679ddd617b7d5a773f6a8434856ea379efa44b0a
1d0b36d7bcb7c17d2192a9adfa2e18c2ecfab6198c8f40f76530695c3c661abe

HTTP Headers

GET /themes/hm/images/loading.gif HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/themes/hm/css/c-style.css?v=08032022
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/gif
content-length: 265
last-modified: Mon, 23 Sep 2019 16:04:15 GMT
etag: "5d88ecff-109"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkt0IFHxPzneHO%2FdQbhOsJln6nLBxJSynq3x%2BSj7NW12QcTJejdyHwe3zUzFQ61ay8CvfzCU01xK6tZRUz8qfYElDRktqlAgOxD3jQfUFTVImZc6IFNSILzmDdrRg%2B15"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e8480bb51b-OSL
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/js/changes-mode-chapter.js?v=1.2

104.26.9.37

200 OK

3.7 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/changes-mode-chapter.js?v=1.2
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3665 bytes)
Hash
1005e432069294c218375e8c18779730
7d03eab6cc716f89194c64e89f8c6a6458e6fad3
87c109cf690edd19f375735ebeb27316549cb455e295168d6c60ab2b261fe82d

HTTP Headers

GET /themes/hm/js/changes-mode-chapter.js?v=1.2 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Wed, 11 Mar 2020 10:50:18 GMT
vary: Accept-Encoding
etag: W/"5e68c26a-65d"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOa9yNDQmePM6%2FwavUgII%2BoQlJB7cWw5DJJD2VsDre%2F6JGj%2B6x1r7E1JcmztNwrkGSg4QgPVHfw%2BdGNy585Bnf3%2Bj111FdMi7tfPuasMMd3nNrHRB0ufPesz7BJWY%2FGB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ddceedb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
581a362d08528e96212d28474b426504
f1b6cbd22e5dd6c52860ed433b1167c3aea0c2b3
8d6be995bdce6dfc00a5d9e11e4ea97089403badcc6a0ee76622d2759bd5b91d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
581a362d08528e96212d28474b426504
f1b6cbd22e5dd6c52860ed433b1167c3aea0c2b3
8d6be995bdce6dfc00a5d9e11e4ea97089403badcc6a0ee76622d2759bd5b91d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

h.mangabat.com/themes/hm/js/tooltip.js?v=08032022

104.26.9.37

200 OK

1.9 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/tooltip.js?v=08032022
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1947 bytes)
Hash
88a3b3ccc96a83bdc327fa582ba62212
25d35bb59054e5f814f945fadcdc7184cd31ccbb
704d1b10c0ce18ff7b617cf2428c74ec1ea6acccd1bcb19454408be6f8fd0f2f

HTTP Headers

GET /themes/hm/js/tooltip.js?v=08032022 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Sat, 14 Sep 2019 08:12:03 GMT
vary: Accept-Encoding
etag: W/"5d7ca0d3-f2b"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TemWgat8z%2BslivhX7eUGG6SLFybfqB9YNVy4w35wibba%2B1znpQ95FZBU0ORy8SDQP1wE3GhEr2P3tGFzJAtPI7ix6ca2HYfkBNq0eQGmM3cFPv9pxvS%2BX7vwI3t8%2BChi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd3e1eb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v30/o-0TIpQlx3QUlC5A4PNr4Az5ZuyDzW0.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosans/v30/o-0TIpQlx3QUlC5A4PNr4Az5ZuyDzW0.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Size
13 kB (12688 bytes)
Hash
692ee7cf44634c67b93b32e35afebc9c
8d3ddb16e90463142b45158f5ce26a60a375e09e
53e5b7b1233909d699bf045a93077b5536c38490a8409e7b4d0168a1a6bee45b

HTTP Headers

GET /s/notosans/v30/o-0TIpQlx3QUlC5A4PNr4Az5ZuyDzW0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Aug 2023 00:06:49 GMT
expires: Sat, 10 Aug 2024 00:06:49 GMT
cache-control: public, max-age=31536000
age: 158302
last-modified: Thu, 27 Jul 2023 22:02:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr6zRAW_0.woff2

216.58.207.227

200 OK

40 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr6zRAW_0.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 39592, version 1.0\012- data
Size
40 kB (39592 bytes)
Hash
7da1a2ac672b31ae158cde5813fa33f9
5c51a0ddeeb133da08ab3d70c2834b600142ae4c
b22de96203399cc534a763a56f35f19d9a6e47034a0ff45900e5ea1528f1b495

HTTP Headers

GET /s/notosans/v30/o-0IIpQlx3QUlC5A4PNr6zRAW_0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Aug 2023 00:19:30 GMT
expires: Sat, 10 Aug 2024 00:19:30 GMT
cache-control: public, max-age=31536000
age: 157541
last-modified: Thu, 27 Jul 2023 22:02:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/js/cookie.js

104.26.9.37

200 OK

14 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/cookie.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
14 kB (13933 bytes)
Hash
8e55f74e37d822e25494c54c54d0b664
7c9da963f1e7445bc542747f7a54920656efa09e
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

HTTP Headers

GET /themes/hm/js/cookie.js HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Thu, 10 Jan 2019 14:06:47 GMT
vary: Accept-Encoding
etag: W/"5c375177-792"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIzi8djNJRQVUj4SKCxaP7NRBJWkDiHfpi6ndfNFVn5XQDfLokAoKapGVRYxJIYIXdBgF0fFW7V9ur95p%2F6U7oijeu1O91WJHcOyCUdoUS%2Fb8%2Bn0WSegog8xXJa9r9ec"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd2e0cb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

216.58.207.227

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14256, version 1.0\012- data
Size
14 kB (14256 bytes)
Hash
0f7d9a10be7f1a2f1a2add4dded5dae5
03184a1d29b1199670b159f72db9f134def99cb7
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54

HTTP Headers

GET /s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Aug 2023 00:06:16 GMT
expires: Sat, 10 Aug 2024 00:06:16 GMT
cache-control: public, max-age=31536000
age: 158335
last-modified: Thu, 27 Jul 2023 22:02:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/js/owl.carousel.js

104.26.9.37

200 OK

24 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/owl.carousel.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
24 kB (23566 bytes)
Hash
b8da51d56f34177fd1f664e1febd55d0
13a4afb5fb2f6df26cf2c2680c16995976c96ba5
3192e52316a72003209e67550052ddc03bb577d9ab1f8c2e5f9de364e3cd8b41

HTTP Headers

GET /themes/hm/js/owl.carousel.js HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Fri, 11 Jan 2019 05:21:13 GMT
vary: Accept-Encoding
etag: W/"5c3827c9-d731"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faG3alk2kMHwyBmaWMEIENxMlv69Sq9hd5QJVm30Jd7j0t0p2VnxWmwLJ8ivrz6zEDVfKwa0FcTU4His00o9CNN4Ns3kBZYj92HkPGrmawo5m7S92heIqQhQt5E3INpM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd2e05b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
581a362d08528e96212d28474b426504
f1b6cbd22e5dd6c52860ed433b1167c3aea0c2b3
8d6be995bdce6dfc00a5d9e11e4ea97089403badcc6a0ee76622d2759bd5b91d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

h.mangabat.com/ads/bidgear_300x250_desktop_2.html

104.26.9.37

200 OK

79 kB

URL GET HTTP/2
h.mangabat.com/ads/bidgear_300x250_desktop_2.html
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
79 kB (78571 bytes)
Hash
8928479d83b1ed93cc5acd7715a3ff54
d02dca51f12aeeae7679bafaf9b84220820aa30c
1f050601deed9d1243db69af82a73fe126ac019827f06690dc425f12eed8dcb1

HTTP Headers

GET /ads/bidgear_300x250_desktop_2.html HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: text/html
last-modified: Wed, 15 Dec 2021 09:55:27 GMT
vary: Accept-Encoding
x-powered-by: VPSSIM
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvOWwQoPpCVb2cG%2FyVdgdOBLtRlmhYRRpvmm654T6zXK7YN1HeZduxVzTIsOCOZ%2F%2F6LTfL7js6MaPTk6BkM%2BIT%2Fayo5tLnuRmqUgW6GqKILdHhutiGuDd893GxsMNFWF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e80f90b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ip2geo.pubfuture-ad.com/detail

104.26.0.97

200 OK

33 B

URL GET HTTP/2
ip2geo.pubfuture-ad.com/detail
IP
104.26.0.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
007af5ffed017e37943df31888ef8666
2877ed4c460ba9164b3625e32502a9d83a2a1d4a
bfb9d45766b6f87ee2c5f55862cdffe168aa7df0ff6ed0917b0fbcb035fdcdd2

HTTP Headers

GET /detail HTTP/1.1
Host: ip2geo.pubfuture-ad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: application/json; charset=utf-8
content-length: 33
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"21-KHftTEYLqRZLNiXjJQKp2DoqHUo"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYmxC0D0VrnKasSTe7%2BMw3tVcpnrVwnxhkdLzBDImDTJ0IoPxthNk2oWNmsjGzZMdI4lvUz0tTEk%2BYArLVjySC8ME%2BAJKFVjnuMmXuj4xD2Mo5j%2FipzM0AvbCqgid1ARpgstHNTobUgq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e94a951bfa-OSL
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/js/custom.js?v=08032022

104.26.9.37

200 OK

42 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/custom.js?v=08032022
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
42 kB (42258 bytes)
Hash
cd43731a50d96089c88098c60fb4aa55
688250c21667beb162f4bde0ea05257173b3fcc3
8f46d4729002eaa410db1fc54ca6b21e97bcedf50fe26f620552ea08784d3dc7

HTTP Headers

GET /themes/hm/js/custom.js?v=08032022 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Tue, 06 Oct 2020 11:31:03 GMT
vary: Accept-Encoding
etag: W/"5f7c5577-13d9"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOOiCF%2B6oxbFpJOKhOTsOefw7xVx1XzwduUwKxLzEXyyYapChCofowg34v2rZlTbD4eiT3iN%2BjzXUTFVlOcHfbxlqeakbArlfXJ7kXZLChpmMRAPfvDohNzfBfw%2B1cSW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd2e13b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

m.mangabat.com/themes/hm/js/jquery-1.9.1.min.js

104.26.9.37

200 OK

37 kB

URL GET HTTP/2
m.mangabat.com/themes/hm/js/jquery-1.9.1.min.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32089), with CRLF line terminators
Size
37 kB (36560 bytes)
Hash
383771ef1692bfcc3f2b6917ca985778
a1ce0bfa507f23cc414a9a7634bd73b994bb3b35
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

HTTP Headers

GET /themes/hm/js/jquery-1.9.1.min.js HTTP/1.1
Host: m.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: application/javascript
last-modified: Thu, 10 Jan 2019 14:06:42 GMT
vary: Accept-Encoding
etag: W/"5c375172-169d9"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRONnR1QjWOEzfwfO6G5wEmaDQM5uhzgCSSK4MbAl2Cm%2FH0AMrZfhSqoPTwLUGosFcGZdIpaxI5xqgQkEz7p30LAB6PgWDvtfBn5ufpg00xs%2BGOOUy1VQh%2F4tNtNW0SN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ea8abfb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5276

104.26.3.107

200 OK

1.5 kB

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5276
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2477), with no line terminators
Size
1.5 kB (1513 bytes)
Hash
ee087472d5baf257c8184b17cdf24778
226c3487557e6cabf1e7956980efd92f9bb63cad
87216efe7698295aa147f72939e54a9e9b6a84d515bc53fd9f464ded800a80e4

HTTP Headers

GET /ads.php?domainid=4346&sizeid=2&zoneid=5276 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOkOQ8JLYy95dUx%2FwNW%2FnVU6YwrtKTl5xEmIfqFNniE31qA%2FWV1oJpZ86wzb9eQySN2rsWPOB5i1hrgM2oahnDKVX%2FAXkP3GNHk1URrH5h94Weiyh42Z5KdpZJixaJEgUJOZDHlm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ebcc35b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5273

104.26.3.107

200 OK

34 kB

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5273
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (735), with no line terminators
Size
34 kB (33734 bytes)
Hash
9c57fd927a0aa87f07ad7ecb9257f753
87daf7aefed1ec54d0daad8d3780b38789c7dc77
377661856e1579cc33f8fbd96778b4dedc07e740ed6d8b8421292e90bd8944ea

HTTP Headers

GET /ads.php?domainid=4346&sizeid=2&zoneid=5273 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BBTbxgKra9Pwgs37nYOq6pkDT%2BmGicVapqHivaUECt%2FfOrwfce98Q%2FHw7uH2XZdLYqVPNFfeIS3I0MCF4WB9GKVi8EFKUqKm2ie14ikG90AsUfCTPNCO5yQ2ZJIi8g5v4vmKXS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ebabffb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=5276&uuid=8715076c27c643208e2c954eac0b8bb6&p=36&g=NO&token=4a44335432&tbg=1691870711

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=5276&uuid=8715076c27c643208e2c954eac0b8bb6&p=36&g=NO&token=4a44335432&tbg=1691870711
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=5276&uuid=8715076c27c643208e2c954eac0b8bb6&p=36&g=NO&token=4a44335432&tbg=1691870711 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7P6AGYJQnfByl7ubSQRQzLeuZaP2ggPbK79TN3MRTcVNkyk8EttsG7cTFDsQz%2BIHs2Ql%2BLHVuwaALLegvXHJnlr5hmzjG9sKX3cMN3j7RpEr5s3mTiEpVir4P8lK4OynCZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ed5e92b50f-OSL
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=5274&uuid=109bb63c1a1447c5822172a54a4f7aee&p=36&g=NO&token=4a44335432&tbg=1691870711

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=5274&uuid=109bb63c1a1447c5822172a54a4f7aee&p=36&g=NO&token=4a44335432&tbg=1691870711
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_2.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=5274&uuid=109bb63c1a1447c5822172a54a4f7aee&p=36&g=NO&token=4a44335432&tbg=1691870711 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3pnxkcnxpnNwMR1LwFhBv1f%2FlAyLfAQxjddhQYa4LwGmgGiS%2BceOPHoKGOr4pVpPhJw5dgbkPZcePhMHkarH%2Fa2%2B%2Fd3HfHecnWeIdsUjzYl2%2BRyGIuscmsce2x69Gc6hYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ed6ebeb50f-OSL
X-Firefox-Spdy: h2

m.mangabat.com/themes/hm/js/jquery-1.9.1.min.js

104.26.9.37

200 OK

34 kB

URL GET HTTP/2
m.mangabat.com/themes/hm/js/jquery-1.9.1.min.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32089), with CRLF line terminators
Size
34 kB (34407 bytes)
Hash
383771ef1692bfcc3f2b6917ca985778
a1ce0bfa507f23cc414a9a7634bd73b994bb3b35
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

HTTP Headers

GET /themes/hm/js/jquery-1.9.1.min.js HTTP/1.1
Host: m.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: application/javascript
last-modified: Thu, 10 Jan 2019 14:06:42 GMT
vary: Accept-Encoding
etag: W/"5c375172-169d9"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJUM%2BfeGwJCM2su6ompi0txhaDc65tWCqoc5hCbRS8A%2FixYy4ZMHWkgeS6dGxr1lFjJ8helHvi%2Bbjlu9%2F6LLsZB6lHCE1F3lvRVKbDF6ubtR3%2F78G0ijqdyuafsTiIvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ea9ad0b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/ads/bidgear_300x250_desktop_1.html

104.26.9.37

200 OK

1.4 kB

URL GET HTTP/2
h.mangabat.com/ads/bidgear_300x250_desktop_1.html
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
1.4 kB (1406 bytes)
Hash
e9b36d2bd7e74952530230f0b8bbc19e
3036ea892485bcb1c207202e1d63aeebe4e3006a
ac1e60c8404a31b9f7fed8be49ffc08e4c7dec22ee9d6ca24e26b2efe77b796c

HTTP Headers

GET /ads/bidgear_300x250_desktop_1.html HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: text/html
last-modified: Wed, 15 Dec 2021 09:55:14 GMT
vary: Accept-Encoding
x-powered-by: VPSSIM
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGb0fYL3aOls3FpP2pop%2BqLjUPF76CxWpSs80%2BT1E8OXCQwaJ0sfJr9ff%2BXOZY6Z8LD8hMmDFDfDdvmIBRvuW%2FceDApNbYzbbNOqsyDWvvR3cUDAhy23PuKqHVtffYF3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e80f80b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.248

200 OK

1.2 kB

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_1.html
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint9C:9C:8C:15:3B:65:AB:34:94:B5:CD:26:D6:67:61:2A:99:F9:0A:7B
ValidityTue, 01 Aug 2023 11:24:30 GMT - Mon, 30 Oct 2023 11:24:29 GMT

File type
JSON data\012- , ASCII text, with very long lines (1608), with no line terminators
Size
1.2 kB (1206 bytes)
Hash
1d62f90f11cc3b657656dff448f0f030
865a29a357d8c31ea563d3769d4cb732f54f4a46
1dc3b552d5039f8dbd016f7bd50a941ed1c47630daf2efac2e1721be13b028c1

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 297
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Aug 2023 20:05:12 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2264d7e5f8129a51.687905282774366450%22%3B%7D; expires=Mon, 11-Aug-2025 20:05:12 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VOy04DQQz7FX5gR4knmUfPnEEC8QGzL7hsOZRDkfzxzG6rSsSKlMSWYwjiIGVQPGk6iZ8UrBqqBENQN768vtGUW9ja+bON7SdM3xsdyFmYahUrLCVp30y8REl0zfTs0VKnNFqt2ajOSOlAJ2yfgohGeNXCnPnx/ny0doBR5AqXPu//qQJ2C8p1d5g127wiSZ0zWobJ5GX2tK5x0cXLLuTX/8ByQxAFjg/3A6NahIGDPhZjL+FBt8vveSIf8hv8boC65zXbg7KV5qPBqs/rMtmY1HQc1ZAlrorlD6QuN1lrAQAA

95.211.229.248

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA1VOy04DQQz7FX5gR4knmUfPnEEC8QGzL7hsOZRDkfzxzG6rSsSKlMSWYwjiIGVQPGk6iZ8UrBqqBENQN768vtGUW9ja+bON7SdM3xsdyFmYahUrLCVp30y8REl0zfTs0VKnNFqt2ajOSOlAJ2yfgohGeNXCnPnx/ny0doBR5AqXPu//qQJ2C8p1d5g127wiSZ0zWobJ5GX2tK5x0cXLLuTX/8ByQxAFjg/3A6NahIGDPhZjL+FBt8vveSIf8hv8boC65zXbg7KV5qPBqs/rMtmY1HQc1ZAlrorlD6QuN1lrAQAA
IP
95.211.229.248:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_1.html
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint9C:9C:8C:15:3B:65:AB:34:94:B5:CD:26:D6:67:61:2A:99:F9:0A:7B
ValidityTue, 01 Aug 2023 11:24:30 GMT - Mon, 30 Oct 2023 11:24:29 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA1VOy04DQQz7FX5gR4knmUfPnEEC8QGzL7hsOZRDkfzxzG6rSsSKlMSWYwjiIGVQPGk6iZ8UrBqqBENQN768vtGUW9ja+bON7SdM3xsdyFmYahUrLCVp30y8REl0zfTs0VKnNFqt2ajOSOlAJ2yfgohGeNXCnPnx/ny0doBR5AqXPu//qQJ2C8p1d5g127wiSZ0zWobJ5GX2tK5x0cXLLuTX/8ByQxAFjg/3A6NahIGDPhZjL+FBt8vveSIf8hv8boC65zXbg7KV5qPBqs/rMtmY1HQc1ZAlrorlD6QuN1lrAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2264d7e5f8129a51.687905282774366450%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Aug 2023 20:05:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22517.0199%22%7D; expires=Mon, 11 Aug 2025 20:05:12 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

h.mangabat.com/themes/hm/css/c-style.css?v=08032022

104.26.9.37

200 OK

34 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/css/c-style.css?v=08032022
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (481)
Size
34 kB (34406 bytes)
Hash
0c6f81fd6166f33256b76f4a1670e0b6
35971451bc43c7dd1e1c4c67a1e7b45040c91e91
018d75cf15038da6c12577074e18bdab1a717f1d2dff498db38183ec87e78e07

HTTP Headers

GET /themes/hm/css/c-style.css?v=08032022 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 15:03:05 GMT
vary: Accept-Encoding
etag: W/"62ea8e29-bd66"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VBVu0wOiNpWw4esDkk1ougJnlhQDAD228R4lKNC3O9hX3BeVKYlBW%2BuEiLcyYwC8WU%2Br3hdLS7u3D%2B5l%2F6B8Uhqm6Ert88C9Zb%2F0G5CCJOIlQomY2tcHj0wbnICeqbT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd1df6b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

shortlyamusement.com/b6681ccab2189b9400ef02ad3f74576b/invoke.js

192.243.59.20

200 OK

9.3 kB

URL GET HTTP/1.1
shortlyamusement.com/b6681ccab2189b9400ef02ad3f74576b/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerLet's Encrypt
Subject*.shortlyamusement.com
Fingerprint94:7A:94:66:E9:08:73:50:01:42:10:66:D2:F5:03:7F:1A:4C:C9:92
ValidityFri, 11 Aug 2023 07:03:56 GMT - Thu, 09 Nov 2023 07:03:55 GMT

File type
Unicode text, UTF-8 text, with very long lines (25098), with no line terminators
Size
9.3 kB (9284 bytes)
Hash
5624b194a390159ec496685ebe45af1a
9d60389a94a657eded2a9aa1e6e2172ae7b711af
f0e9a657a3ffbb73bb147541d3fac03f3b2ee5f6a4d78537da47919a1b470a78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b6681ccab2189b9400ef02ad3f74576b/invoke.js HTTP/1.1
Host: shortlyamusement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 12 Aug 2023 20:05:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd7b9eea6795dfef6b6f1fe3d4973625
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

shortlyamusement.com/827d3e4dec7f1eaa79741d60f6b9b8a8/invoke.js

192.243.59.20

200 OK

9.3 kB

URL GET HTTP/1.1
shortlyamusement.com/827d3e4dec7f1eaa79741d60f6b9b8a8/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_2.html
Certificate
IssuerLet's Encrypt
Subject*.shortlyamusement.com
Fingerprint94:7A:94:66:E9:08:73:50:01:42:10:66:D2:F5:03:7F:1A:4C:C9:92
ValidityFri, 11 Aug 2023 07:03:56 GMT - Thu, 09 Nov 2023 07:03:55 GMT

File type
Unicode text, UTF-8 text, with very long lines (25098), with no line terminators
Size
9.3 kB (9284 bytes)
Hash
9996168637bb9a5213efd97a1fb1efed
501c911952473f18bb9e0c3c28a26d5b165b3fd5
9b6b072873223af9084dcc7d91659edf752deef90bac8841fb021940bd199d55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /827d3e4dec7f1eaa79741d60f6b9b8a8/invoke.js HTTP/1.1
Host: shortlyamusement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 12 Aug 2023 20:05:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9875af40f774227120eac0e6852f244
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

shortlyamusement.com/0e14729eb17cfa776f3413e13c6a73fc/invoke.js

192.243.59.20

200 OK

9.3 kB

URL GET HTTP/1.1
shortlyamusement.com/0e14729eb17cfa776f3413e13c6a73fc/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerLet's Encrypt
Subject*.shortlyamusement.com
Fingerprint94:7A:94:66:E9:08:73:50:01:42:10:66:D2:F5:03:7F:1A:4C:C9:92
ValidityFri, 11 Aug 2023 07:03:56 GMT - Thu, 09 Nov 2023 07:03:55 GMT

File type
Unicode text, UTF-8 text, with very long lines (25082), with no line terminators
Size
9.3 kB (9277 bytes)
Hash
1e932387f761f328528acb07b45a1339
b69b329d0d6f4e694c7468680f73ea1c8f7c24ca
ef46fa7460f80578db636defdcd8aaf4ec5fb7a7747b6a7cd6f138bbec54cf75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0e14729eb17cfa776f3413e13c6a73fc/invoke.js HTTP/1.1
Host: shortlyamusement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 12 Aug 2023 20:05:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e221a856cc57acda02ba37d76ba44449
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m01.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6a623d3d824d8e10678d100208e1c4aa
ed6073ccb90efdcaa339b13751ccf7075eb83e6b
44feee5e97b54003e4f5736e4d73ca4e157ff52d7d1f543f5628fc93c90958bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 12 Aug 2023 20:05:12 GMT
Last-Modified: Sat, 12 Aug 2023 18:28:22 GMT
Server: ECAcc (ska/F757)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7SxaKoqDgL8d0eMmgfWmokwQwJWH2WhrcLHYlFYDcEoLIM8ALqZmDA==
Age: 5810

ocsp.r2m01.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6a623d3d824d8e10678d100208e1c4aa
ed6073ccb90efdcaa339b13751ccf7075eb83e6b
44feee5e97b54003e4f5736e4d73ca4e157ff52d7d1f543f5628fc93c90958bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 12 Aug 2023 20:05:12 GMT
Last-Modified: Sat, 12 Aug 2023 18:28:33 GMT
Server: ECAcc (ska/F75B)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -ePMho67GUTMSvLlOgQNY-Pd5ZdGjYUj5liG-2_ujM3ZF97Iyr5bsA==
Age: 5799

ocsp.r2m01.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6a623d3d824d8e10678d100208e1c4aa
ed6073ccb90efdcaa339b13751ccf7075eb83e6b
44feee5e97b54003e4f5736e4d73ca4e157ff52d7d1f543f5628fc93c90958bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 12 Aug 2023 20:05:12 GMT
Last-Modified: Sat, 12 Aug 2023 18:28:14 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -XaKDMmZrPnHKSx_-m-ggHEW_JfH5aEc-9cCbAWyoHwEbHdoLjch3g==
Age: 5818

simplewebanalysis.com/stats

3.72.183.229

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
3.72.183.229:443
ASN
#16509 AMAZON-02

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4f945582e1af0252c774b4205d71592c
db491487921c763cacd6e49210b4342dd19fc702
43aa2fdd0a87a7d891bf8e64ffa23d82ec5a3027cb386d4594f643403a5cec14

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://h.mangabat.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b7a3a514-372a-4496-b16c-526ca56e6403:2:1; expires=Tue, 09 Aug 2033 20:05:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.72.183.229

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
3.72.183.229:443
ASN
#16509 AMAZON-02

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
accfd688199ecd756380082483d6adad
b3cf8dbebd33dffbf84809a193ce43d31c2f5954
646e9d2f4ccc7b6985ce92e175986fa9699c9d8eb53f40c6ce843c90df8fe062

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://h.mangabat.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2b6d6cda-d0f9-437c-b098-a18e8d5947dc:2:1; expires=Tue, 09 Aug 2033 20:05:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.72.183.229

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
3.72.183.229:443
ASN
#16509 AMAZON-02

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
c8d197c140a8f5edc6d043b7edb01b1e
5cb0710c41aefa6b427fe33857296323c3fd3de0
40e2b1940796497b1c6c8c53a76b3eb138378073327db2ecbfe1ef6a324c323a

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://h.mangabat.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8:3:1; expires=Tue, 09 Aug 2033 20:05:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

corpulentoverdoselucius.com/455367cf7c186414ffa2e74aa3478dd1/invoke.js

173.233.137.52

200 OK

9.8 kB

URL GET HTTP/1.1
corpulentoverdoselucius.com/455367cf7c186414ffa2e74aa3478dd1/invoke.js
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subjectcorpulentoverdoselucius.com
FingerprintBF:0E:3F:22:63:84:30:C4:D4:16:8B:3B:82:50:43:EC:AF:11:10:33
ValidityMon, 10 Jul 2023 06:13:34 GMT - Sun, 08 Oct 2023 06:13:33 GMT

File type
exported SGML document, ASCII text, with very long lines (26994), with no line terminators
Size
9.8 kB (9813 bytes)
Hash
cf22d282077065efa576ab3e79719796
9468c764c923db24bee3a82ab43496919706d8e1
25887e0c183db7a3b60f441b1ebb310b44c72d53a582a2cd08daebe810acf1c4

HTTP Headers

GET /455367cf7c186414ffa2e74aa3478dd1/invoke.js HTTP/1.1
Host: corpulentoverdoselucius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93199eb9075d6836236637f4852b670e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

goddesslevityark.com/ntv.json?key=0e14729eb17cfa776f3413e13c6a73fc&vstc=1

173.233.137.52

200 OK

4.1 kB

URL GET HTTP/1.1
goddesslevityark.com/ntv.json?key=0e14729eb17cfa776f3413e13c6a73fc&vstc=1
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerLet's Encrypt
Subjectgoddesslevityark.com
Fingerprint91:55:A8:97:63:A9:CA:54:FF:5D:65:3B:BF:C6:8B:88:1D:47:A9:6A
ValidityWed, 09 Aug 2023 01:46:53 GMT - Tue, 07 Nov 2023 01:46:52 GMT

File type
JSON data\012- , ASCII text, with very long lines (4110), with no line terminators
Size
4.1 kB (4110 bytes)
Hash
5700a0a84a6b90bd31475f00f1f88e2f
6ed1ff1790a7c5e38df8bad2e82b0fbf69e740fc
a25df7b87523ae5c49f28a2015f83fe527e3f5375e8ccff257ab6ae405cd1655

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=0e14729eb17cfa776f3413e13c6a73fc&vstc=1 HTTP/1.1
Host: goddesslevityark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: application/json
Content-Length: 4110
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://h.mangabat.com
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15818706; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f915d52340c6e3024cf343b33fce760
Strict-Transport-Security: max-age=0; includeSubdomains

criticismheartbroken.com/ntv.json?key=b6681ccab2189b9400ef02ad3f74576b&vstc=1

192.243.61.227

200 OK

4.1 kB

URL GET HTTP/1.1
criticismheartbroken.com/ntv.json?key=b6681ccab2189b9400ef02ad3f74576b&vstc=1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerLet's Encrypt
Subjectcriticismheartbroken.com
FingerprintC9:1D:F9:1E:FE:A7:B9:9E:98:FC:75:F3:EB:E2:82:7A:F5:2C:43:C8
ValidityWed, 09 Aug 2023 01:45:22 GMT - Tue, 07 Nov 2023 01:45:21 GMT

File type
JSON data\012- , ASCII text, with very long lines (4072), with no line terminators
Size
4.1 kB (4072 bytes)
Hash
330acb77757488f62cd66a66069e55ad
6d1440759ddf1cb70131001b2454024a572dfa40
263cda23c418a05dac1d160fff197d8b6ab031fe92805b2e0834f35c414cbc03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=b6681ccab2189b9400ef02ad3f74576b&vstc=1 HTTP/1.1
Host: criticismheartbroken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: application/json
Content-Length: 4072
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://h.mangabat.com
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15818707; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59a51321eb48ab7d84db66ba444abef4
Strict-Transport-Security: max-age=0; includeSubdomains

criticismheartbroken.com/ntv.json?key=827d3e4dec7f1eaa79741d60f6b9b8a8&vstc=1

192.243.61.227

200 OK

4.1 kB

URL GET HTTP/1.1
criticismheartbroken.com/ntv.json?key=827d3e4dec7f1eaa79741d60f6b9b8a8&vstc=1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_2.html
Certificate
IssuerLet's Encrypt
Subjectcriticismheartbroken.com
FingerprintC9:1D:F9:1E:FE:A7:B9:9E:98:FC:75:F3:EB:E2:82:7A:F5:2C:43:C8
ValidityWed, 09 Aug 2023 01:45:22 GMT - Tue, 07 Nov 2023 01:45:21 GMT

File type
JSON data\012- , ASCII text, with very long lines (4128), with no line terminators
Size
4.1 kB (4128 bytes)
Hash
b390635c657ee66b2bd1fce27fdfe460
b67754a09da56cee730785f83af78737b79d834a
d87ed44b0952b7a685b588d3c6b42757c8ed82fab2a322e486ad67dcd473d67f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=827d3e4dec7f1eaa79741d60f6b9b8a8&vstc=1 HTTP/1.1
Host: criticismheartbroken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: application/json
Content-Length: 4128
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://h.mangabat.com
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15818708; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0230573a9272fadadb058234a82a7f83
Strict-Transport-Security: max-age=0; includeSubdomains

goddesslevityark.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHq%2Fe3P8H15L%2BDt8GDKOiku6eTmXEPYlwjwbjZP4reQnVV9aRMdVdT1TU9ySm4IHscj3rq%2BU6yQQ2LevOgSMeLLAiZi%2BRgDsLiWYQl3mQmwdEHzXvf932Hz3tdH4%2FcKfHh6MnKO3pHKkUXFpt%2B48UPguBqY01mbtAYdJY2lqKrDdN%2FNfC7Tf%2BlxluCbemF0A98P%2FCDxoo0ItGDhSAImj5kftgNml2%2FGYXNYDHCwPxXW%2BfBUg%2B8f0qeguSTK4f3I0hWI0u%2FuibsVqHzl99MnaKFNujzg%2FeyrUyXGdJ5mRgPSXZwMQ1tj1e%2Bh872Z8DQ%2FX8GYzkh3sPfEGcHF5SI%2B%2FvnoLGCyBDzJ1D2awhVQ9IaTN%2BB5McEYBzX15Gl965rU9Ltc5dO3Qm5%2FOhPyHJCLv%2F6DLL0%2FrKSg8ZtrVwhdWYxSCrIQQ3Zq5G7IxQ7lyDLI7DiI0j%2BM1l4tIYs3Vu3SkPyara8lDVkUkOJIaj14Kaf9OASDy73kPKTRptFnQ7vLHIqGAvjJOgkURJ1KfMT5re6IRyb4g1R5EMwNQQzu8jNLrbkEMb9ALtZwXIPtpgQ7%2BYu%2BrxCKQhKS1BSglISlAVB2a%2F2ubKhre5xZV0cXOTwIreqsS56I7qvi57IyCg%2FJU%2FO7vLHxgRb4qThiyBqh10RB22W0HZ7KWlFQUsELbZE262EwcoK0l6arbojJ%2BTZ4Qi5PN44Q0yPYNURmPwfqAtAy3E79EE3x1HHx072DeX2lbSZ0qxHY1o0mU7BdYW8uIxi2xupU%2FLcjOWFb3%2BHYA%2FIRYCZCrmp8KH8kaCn7o5v6ZLs3dKlJV%2Bv54VM5Q6d%2Fr%2FbBS3EY1%2B8LbZLbfjqNTv8%2FHU2Nabl4bvCFms04zLrWfLlsuRcmBVtmCDfrdr3RXzD2c1lZzKXr914Y2U1zY2wVuqsBpXH62dgckL%2Bf%2Fb87GU%2BffNxSFPDuAqpm5NKXYPlu7D5vGc1gVFzHeceSleNTRjPm0oSKDHXNK5g%2F6XjeT2yd9EzHmhxB1laoW8q9FUFqoaw7sq4yM2D1376dBqfIVbeOFbG24uVUZ%2Bcn9bKk4Zoi6VuN%2FKjNvf9OOJhGCwKRlsR7dIwTNoo7IT%2F8vCvvwEAAP%2F%2FAQAA%2F%2F99Gh91ZgQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
goddesslevityark.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHq%2Fe3P8H15L%2BDt8GDKOiku6eTmXEPYlwjwbjZP4reQnVV9aRMdVdT1TU9ySm4IHscj3rq%2BU6yQQ2LevOgSMeLLAiZi%2BRgDsLiWYQl3mQmwdEHzXvf932Hz3tdH4%2FcKfHh6MnKO3pHKkUXFpt%2B48UPguBqY01mbtAYdJY2lqKrDdN%2FNfC7Tf%2BlxluCbemF0A98P%2FCDxoo0ItGDhSAImj5kftgNml2%2FGYXNYDHCwPxXW%2BfBUg%2B8f0qeguSTK4f3I0hWI0u%2FuibsVqHzl99MnaKFNujzg%2FeyrUyXGdJ5mRgPSXZwMQ1tj1e%2Bh872Z8DQ%2FX8GYzkh3sPfEGcHF5SI%2B%2FvnoLGCyBDzJ1D2awhVQ9IaTN%2BB5McEYBzX15Gl965rU9Ltc5dO3Qm5%2FOhPyHJCLv%2F6DLL0%2FrKSg8ZtrVwhdWYxSCrIQQ3Zq5G7IxQ7lyDLI7DiI0j%2BM1l4tIYs3Vu3SkPyara8lDVkUkOJIaj14Kaf9OASDy73kPKTRptFnQ7vLHIqGAvjJOgkURJ1KfMT5re6IRyb4g1R5EMwNQQzu8jNLrbkEMb9ALtZwXIPtpgQ7%2BYu%2BrxCKQhKS1BSglISlAVB2a%2F2ubKhre5xZV0cXOTwIreqsS56I7qvi57IyCg%2FJU%2FO7vLHxgRb4qThiyBqh10RB22W0HZ7KWlFQUsELbZE262EwcoK0l6arbojJ%2BTZ4Qi5PN44Q0yPYNURmPwfqAtAy3E79EE3x1HHx072DeX2lbSZ0qxHY1o0mU7BdYW8uIxi2xupU%2FLcjOWFb3%2BHYA%2FIRYCZCrmp8KH8kaCn7o5v6ZLs3dKlJV%2Bv54VM5Q6d%2Fr%2FbBS3EY1%2B8LbZLbfjqNTv8%2FHU2Nabl4bvCFms04zLrWfLlsuRcmBVtmCDfrdr3RXzD2c1lZzKXr914Y2U1zY2wVuqsBpXH62dgckL%2Bf%2Fb87GU%2BffNxSFPDuAqpm5NKXYPlu7D5vGc1gVFzHeceSleNTRjPm0oSKDHXNK5g%2F6XjeT2yd9EzHmhxB1laoW8q9FUFqoaw7sq4yM2D1376dBqfIVbeOFbG24uVUZ%2Bcn9bKk4Zoi6VuN%2FKjNvf9OOJhGCwKRlsR7dIwTNoo7IT%2F8vCvvwEAAP%2F%2FAQAA%2F%2F99Gh91ZgQAAA%3D%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerLet's Encrypt
Subjectgoddesslevityark.com
Fingerprint91:55:A8:97:63:A9:CA:54:FF:5D:65:3B:BF:C6:8B:88:1D:47:A9:6A
ValidityWed, 09 Aug 2023 01:46:53 GMT - Tue, 07 Nov 2023 01:46:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHq%2Fe3P8H15L%2BDt8GDKOiku6eTmXEPYlwjwbjZP4reQnVV9aRMdVdT1TU9ySm4IHscj3rq%2BU6yQQ2LevOgSMeLLAiZi%2BRgDsLiWYQl3mQmwdEHzXvf932Hz3tdH4%2FcKfHh6MnKO3pHKkUXFpt%2B48UPguBqY01mbtAYdJY2lqKrDdN%2FNfC7Tf%2BlxluCbemF0A98P%2FCDxoo0ItGDhSAImj5kftgNml2%2FGYXNYDHCwPxXW%2BfBUg%2B8f0qeguSTK4f3I0hWI0u%2FuibsVqHzl99MnaKFNujzg%2FeyrUyXGdJ5mRgPSXZwMQ1tj1e%2Bh872Z8DQ%2FX8GYzkh3sPfEGcHF5SI%2B%2FvnoLGCyBDzJ1D2awhVQ9IaTN%2BB5McEYBzX15Gl965rU9Ltc5dO3Qm5%2FOhPyHJCLv%2F6DLL0%2FrKSg8ZtrVwhdWYxSCrIQQ3Zq5G7IxQ7lyDLI7DiI0j%2BM1l4tIYs3Vu3SkPyara8lDVkUkOJIaj14Kaf9OASDy73kPKTRptFnQ7vLHIqGAvjJOgkURJ1KfMT5re6IRyb4g1R5EMwNQQzu8jNLrbkEMb9ALtZwXIPtpgQ7%2BYu%2BrxCKQhKS1BSglISlAVB2a%2F2ubKhre5xZV0cXOTwIreqsS56I7qvi57IyCg%2FJU%2FO7vLHxgRb4qThiyBqh10RB22W0HZ7KWlFQUsELbZE262EwcoK0l6arbojJ%2BTZ4Qi5PN44Q0yPYNURmPwfqAtAy3E79EE3x1HHx072DeX2lbSZ0qxHY1o0mU7BdYW8uIxi2xupU%2FLcjOWFb3%2BHYA%2FIRYCZCrmp8KH8kaCn7o5v6ZLs3dKlJV%2Bv54VM5Q6d%2Fr%2FbBS3EY1%2B8LbZLbfjqNTv8%2FHU2Nabl4bvCFms04zLrWfLlsuRcmBVtmCDfrdr3RXzD2c1lZzKXr914Y2U1zY2wVuqsBpXH62dgckL%2Bf%2Fb87GU%2BffNxSFPDuAqpm5NKXYPlu7D5vGc1gVFzHeceSleNTRjPm0oSKDHXNK5g%2F6XjeT2yd9EzHmhxB1laoW8q9FUFqoaw7sq4yM2D1376dBqfIVbeOFbG24uVUZ%2Bcn9bKk4Zoi6VuN%2FKjNvf9OOJhGCwKRlsR7dIwTNoo7IT%2F8vCvvwEAAP%2F%2FAQAA%2F%2F99Gh91ZgQAAA%3D%3D HTTP/1.1
Host: goddesslevityark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Cookie: u_pl=15818706; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d55f194ba9800014e29078c551250215
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/39/11/d0/3911d0345ecf3283ab29982f3a0155c8/1606997221.jpg

45.133.44.10

200 OK

25 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/39/11/d0/3911d0345ecf3283ab29982f3a0155c8/1606997221.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintAA:0D:43:1A:D3:E4:C6:42:86:E6:B6:6B:B0:1E:22:41:C9:F8:8C:A9
ValidityThu, 27 Jul 2023 23:07:11 GMT - Wed, 25 Oct 2023 23:07:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
25 kB (25416 bytes)
Hash
ebd5cf3e3561c73fe78c497f307c40aa
527b1a10f0264be67f435ed8d522f6d1c6cbea4f
0d062ca0e65bf74397d216ba695bfdcee23f16df9a380d23d94de365185981d8

HTTP Headers

GET /cti/39/11/d0/3911d0345ecf3283ab29982f3a0155c8/1606997221.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:13 GMT
content-type: image/jpeg
content-length: 25416
server: nginx/1.17.6
last-modified: Thu, 03 Dec 2020 12:07:09 GMT
etag: "5fc8d4ed-6348"
expires: Mon, 14 Aug 2023 20:05:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

criticismheartbroken.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRfGbw3hXcy7UVHBXeNKQTtVlUp%2FOAsxjpFgnIwziuIm3K%2FqXHOrbnFvVVcnq%2BCAzLJd6qr66WSCGgZ150KRihsZFNIuJIIRhPkDRBjGnXQn2HqgOOc5z1n8zqn7wag4Iz4Kerr6utlVWtPF5abfeOadILjSWFdpMWgMOq3NVnSlYfsvBH636T%2FbeFXybbMY%2BoHvB37QWFVWxmawGARB04fKjrpBs%2Bs3o7AZLEcY2P9qV3hw1IPon5HHoMTk8tHdCIrXSJPPr0q3nZvsuVeSQtPcWPTF4VvpdmrKFMm8jK2HOD28mIZxJ6vfwKQHM2CY%2Fj%2BDTE2Id%2F93sPTwghKsf3AOyjRkCib%2Bj7JfQ%2Boaitbg5haUOCEAF7i2gTS5c83Yku6cu3TqTsjCgz%2BhyglZ%2BPVxpMndFa0GjZtGF7kyqcMgrqAGNVSvRlYcI9%2B9BFUeg%2BfvQ4kfyeKDdaTJ%2FobTBkpUs%2BWVqqHiGloOQZ2HYvopD0Xsocg8JOK00eZRpyM6y4JKzkMWB504iqMu5X7M%2FaVuiIJP8YbIsyG4HoLbPWR2D9tqCFt8C7dVwQkPLp8Q74099EWFUhKUjqCkBKUiKHOCsl8dCO1CV90R2hUsuMjhRV6qxibvjeiByXsyJaPsjDw6u8sfmz9hW542WKvVCTinLAw6XdaNfF%2FGfkjFUtyOltstBqcqKHdptuqumpAnhiNk6mTzIRg9htPH4OpJ0CIALcft0AfdGkcdH7vpl1S455NmQtMeZTRvcpNAmApZvoB8xxvpM%2FLUjOXpS19B8nvkIsBthcxWeE99R9DTt8c3TEn2b5jSkS82slwlapdO%2F9%2FNnObyf5%2B%2BJndKY8XaVTf85CU%2BNabl0ZvS5es0FSrtOfLZihJC2lVjuSRfr7m3JbteuK2VwqZFtn795dW1JLPSOWXSGlSdbDwEVxOy8Nsvs5f5yA%2FvQtkatqiQFHNSZWrwbA8um%2FecIbB6rlnmoSyqsQ3ZvKkVgZZzTVkF9y%2FN5vXI3UbPeqD5LaRJhb6t0NcVqB7CFZfHeWbvvfj9R9P4GEx7Y6att8%2B01R%2Ben9ap04Zsy1a3G%2FlRW%2Fg%2Bi0QYBsuS06WIdmkYxm3kbiJ%2Bvv%2FX3wAAAP%2F%2FAQAA%2F%2F%2B37ciaZgQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
criticismheartbroken.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRfGbw3hXcy7UVHBXeNKQTtVlUp%2FOAsxjpFgnIwziuIm3K%2FqXHOrbnFvVVcnq%2BCAzLJd6qr66WSCGgZ150KRihsZFNIuJIIRhPkDRBjGnXQn2HqgOOc5z1n8zqn7wag4Iz4Kerr6utlVWtPF5abfeOadILjSWFdpMWgMOq3NVnSlYfsvBH636T%2FbeFXybbMY%2BoHvB37QWFVWxmawGARB04fKjrpBs%2Bs3o7AZLEcY2P9qV3hw1IPon5HHoMTk8tHdCIrXSJPPr0q3nZvsuVeSQtPcWPTF4VvpdmrKFMm8jK2HOD28mIZxJ6vfwKQHM2CY%2Fj%2BDTE2Id%2F93sPTwghKsf3AOyjRkCib%2Bj7JfQ%2Boaitbg5haUOCEAF7i2gTS5c83Yku6cu3TqTsjCgz%2BhyglZ%2BPVxpMndFa0GjZtGF7kyqcMgrqAGNVSvRlYcI9%2B9BFUeg%2BfvQ4kfyeKDdaTJ%2FobTBkpUs%2BWVqqHiGloOQZ2HYvopD0Xsocg8JOK00eZRpyM6y4JKzkMWB504iqMu5X7M%2FaVuiIJP8YbIsyG4HoLbPWR2D9tqCFt8C7dVwQkPLp8Q74099EWFUhKUjqCkBKUiKHOCsl8dCO1CV90R2hUsuMjhRV6qxibvjeiByXsyJaPsjDw6u8sfmz9hW542WKvVCTinLAw6XdaNfF%2FGfkjFUtyOltstBqcqKHdptuqumpAnhiNk6mTzIRg9htPH4OpJ0CIALcft0AfdGkcdH7vpl1S455NmQtMeZTRvcpNAmApZvoB8xxvpM%2FLUjOXpS19B8nvkIsBthcxWeE99R9DTt8c3TEn2b5jSkS82slwlapdO%2F9%2FNnObyf5%2B%2BJndKY8XaVTf85CU%2BNabl0ZvS5es0FSrtOfLZihJC2lVjuSRfr7m3JbteuK2VwqZFtn795dW1JLPSOWXSGlSdbDwEVxOy8Nsvs5f5yA%2FvQtkatqiQFHNSZWrwbA8um%2FecIbB6rlnmoSyqsQ3ZvKkVgZZzTVkF9y%2FN5vXI3UbPeqD5LaRJhb6t0NcVqB7CFZfHeWbvvfj9R9P4GEx7Y6att8%2B01R%2Ben9ap04Zsy1a3G%2FlRW%2Fg%2Bi0QYBsuS06WIdmkYxm3kbiJ%2Bvv%2FX3wAAAP%2F%2FAQAA%2F%2F%2B37ciaZgQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerLet's Encrypt
Subjectcriticismheartbroken.com
FingerprintC9:1D:F9:1E:FE:A7:B9:9E:98:FC:75:F3:EB:E2:82:7A:F5:2C:43:C8
ValidityWed, 09 Aug 2023 01:45:22 GMT - Tue, 07 Nov 2023 01:45:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRfGbw3hXcy7UVHBXeNKQTtVlUp%2FOAsxjpFgnIwziuIm3K%2FqXHOrbnFvVVcnq%2BCAzLJd6qr66WSCGgZ150KRihsZFNIuJIIRhPkDRBjGnXQn2HqgOOc5z1n8zqn7wag4Iz4Kerr6utlVWtPF5abfeOadILjSWFdpMWgMOq3NVnSlYfsvBH636T%2FbeFXybbMY%2BoHvB37QWFVWxmawGARB04fKjrpBs%2Bs3o7AZLEcY2P9qV3hw1IPon5HHoMTk8tHdCIrXSJPPr0q3nZvsuVeSQtPcWPTF4VvpdmrKFMm8jK2HOD28mIZxJ6vfwKQHM2CY%2Fj%2BDTE2Id%2F93sPTwghKsf3AOyjRkCib%2Bj7JfQ%2Boaitbg5haUOCEAF7i2gTS5c83Yku6cu3TqTsjCgz%2BhyglZ%2BPVxpMndFa0GjZtGF7kyqcMgrqAGNVSvRlYcI9%2B9BFUeg%2BfvQ4kfyeKDdaTJ%2FobTBkpUs%2BWVqqHiGloOQZ2HYvopD0Xsocg8JOK00eZRpyM6y4JKzkMWB504iqMu5X7M%2FaVuiIJP8YbIsyG4HoLbPWR2D9tqCFt8C7dVwQkPLp8Q74099EWFUhKUjqCkBKUiKHOCsl8dCO1CV90R2hUsuMjhRV6qxibvjeiByXsyJaPsjDw6u8sfmz9hW542WKvVCTinLAw6XdaNfF%2FGfkjFUtyOltstBqcqKHdptuqumpAnhiNk6mTzIRg9htPH4OpJ0CIALcft0AfdGkcdH7vpl1S455NmQtMeZTRvcpNAmApZvoB8xxvpM%2FLUjOXpS19B8nvkIsBthcxWeE99R9DTt8c3TEn2b5jSkS82slwlapdO%2F9%2FNnObyf5%2B%2BJndKY8XaVTf85CU%2BNabl0ZvS5es0FSrtOfLZihJC2lVjuSRfr7m3JbteuK2VwqZFtn795dW1JLPSOWXSGlSdbDwEVxOy8Nsvs5f5yA%2FvQtkatqiQFHNSZWrwbA8um%2FecIbB6rlnmoSyqsQ3ZvKkVgZZzTVkF9y%2FN5vXI3UbPeqD5LaRJhb6t0NcVqB7CFZfHeWbvvfj9R9P4GEx7Y6att8%2B01R%2Ben9ap04Zsy1a3G%2FlRW%2Fg%2Bi0QYBsuS06WIdmkYxm3kbiJ%2Bvv%2FX3wAAAP%2F%2FAQAA%2F%2F%2B37ciaZgQAAA%3D%3D HTTP/1.1
Host: criticismheartbroken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Cookie: u_pl=15818708; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 882f25e65ffec8e18ea006df6c5141e9
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/a2/89/27/a289274b32dcc45220df81bfe1fb100d/1588183272.jpg

45.133.44.10

200 OK

22 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/a2/89/27/a289274b32dcc45220df81bfe1fb100d/1588183272.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintAA:0D:43:1A:D3:E4:C6:42:86:E6:B6:6B:B0:1E:22:41:C9:F8:8C:A9
ValidityThu, 27 Jul 2023 23:07:11 GMT - Wed, 25 Oct 2023 23:07:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Size
22 kB (22258 bytes)
Hash
de81e177b0682f86ff3c85eff2a18b00
cb2602f912c7eaef3f508f7ffdc74ec232765666
eb1fabb21621f7e66c033c3d2d7165418e8e1ea04de13464bbfa0e57492652a1

HTTP Headers

GET /cti/a2/89/27/a289274b32dcc45220df81bfe1fb100d/1588183272.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:13 GMT
content-type: image/jpeg
content-length: 22258
server: nginx/1.17.6
last-modified: Wed, 29 Apr 2020 18:01:15 GMT
etag: "5ea9c0eb-56f2"
expires: Mon, 14 Aug 2023 20:05:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

criticismheartbroken.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq0PwsF5UVPA2eFLQSfek55d7EOMaCcbNuqsoXkL96kmZ6q6mqnt6klNwQfY4HvXU851kgxoW9eZBkY4XWRQyHiSCEYT9A0RY1pvMJDjug%2Ba97%2Fu%2Bw%2Be9ro9G%2BRnxkdPT1TfNrtKaLjXrfu2594Lgcm1dJfmgNui0Nlvh5ZrtvxT43br%2FfO11ybfNUsMPfD%2Fwg9qqsjIyg6UgCOo%2BVHrUDepdvx426kEzxMA%2BrF3uwVEPon9GnoASk0tHd0IoXiGJv7wi3XZm0hdei3NNM2PRF4fvJNuJKRLE8zKyHqLk8GIaxp2sfgeTHMyAYfr%2FDTI1Id69P8GSwwtKsP7BOSjTkAmYeBRFv4LUFRStwM1NKHFCAC5wdQNJfPuqsQXdOXfp1J2Qxft%2FQxUTsvj7k0jiOytaDWo3jM4zZRKHQVRCDSqoXoU0P0a2uwBVHINnH0KJn8nS%2FXUk8f6G0wZKlLPllaqgogpaDkGdh3z6KQ955CFPPcTitNbmYacjOk1BJecNFgWdKIzCLuV%2BxP3lbgM5n%2BINkaVDcD0Et3tI7R621RA2%2Fx5uq4QTHlw2Id5be%2BiLEoUkKBxBQQkKRVBkBEW%2FPBDaNVx5W2iXs%2BAiNy7ycjk2WW9ED0zWkwkZpWfk8dld%2Ftr8BdvytMZarU7AOWWNoNNl3dD3ZeQ3qFiO2mGz3WJwqoRyC7NVd9WEPDUcIVUnmw%2FA6DGcPgZXT4PmAWgxbjd80K1x2PGxm3xNhXsxrsc06VFGszo3MYQpkWaLyHa8kT4jz8xYnl34BpLfJRcBbkuktsQH6geCnr41vm4Ksn%2FdFI58tZFmKla7dPr%2FbmQ0k498%2FobcKYwVa1fc8LNX%2BNSYlkdvS5et00SopOfIFytKCGlXjeWSfLvm3pXsWu62VnKb5On6tVdX1%2BLUSueUSSpQdbLxAFxNyOIfv81e5mM%2FvQ9lK9i8RJzPSZWpwNM9uHTec4bA6rlmqYciL8e2weZNrQi0nGvKSrj%2FaTavR%2B4WetYDzW4iiUv0bYm%2BLkH1EC6%2FNM5Se%2FflHz%2BZxqdg2hszbb19pq3%2B%2BPy0Tp3WOPclDVg7kFLI5jLnYYt3WCtaDtuy0xRNZG4ifr33z78AAAD%2F%2FwEAAP%2F%2FSMpgimYEAAA%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
criticismheartbroken.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq0PwsF5UVPA2eFLQSfek55d7EOMaCcbNuqsoXkL96kmZ6q6mqnt6klNwQfY4HvXU851kgxoW9eZBkY4XWRQyHiSCEYT9A0RY1pvMJDjug%2Ba97%2Fu%2Bw%2Be9ro9G%2BRnxkdPT1TfNrtKaLjXrfu2594Lgcm1dJfmgNui0Nlvh5ZrtvxT43br%2FfO11ybfNUsMPfD%2Fwg9qqsjIyg6UgCOo%2BVHrUDepdvx426kEzxMA%2BrF3uwVEPon9GnoASk0tHd0IoXiGJv7wi3XZm0hdei3NNM2PRF4fvJNuJKRLE8zKyHqLk8GIaxp2sfgeTHMyAYfr%2FDTI1Id69P8GSwwtKsP7BOSjTkAmYeBRFv4LUFRStwM1NKHFCAC5wdQNJfPuqsQXdOXfp1J2Qxft%2FQxUTsvj7k0jiOytaDWo3jM4zZRKHQVRCDSqoXoU0P0a2uwBVHINnH0KJn8nS%2FXUk8f6G0wZKlLPllaqgogpaDkGdh3z6KQ955CFPPcTitNbmYacjOk1BJecNFgWdKIzCLuV%2BxP3lbgM5n%2BINkaVDcD0Et3tI7R621RA2%2Fx5uq4QTHlw2Id5be%2BiLEoUkKBxBQQkKRVBkBEW%2FPBDaNVx5W2iXs%2BAiNy7ycjk2WW9ED0zWkwkZpWfk8dld%2Ftr8BdvytMZarU7AOWWNoNNl3dD3ZeQ3qFiO2mGz3WJwqoRyC7NVd9WEPDUcIVUnmw%2FA6DGcPgZXT4PmAWgxbjd80K1x2PGxm3xNhXsxrsc06VFGszo3MYQpkWaLyHa8kT4jz8xYnl34BpLfJRcBbkuktsQH6geCnr41vm4Ksn%2FdFI58tZFmKla7dPr%2FbmQ0k498%2FobcKYwVa1fc8LNX%2BNSYlkdvS5et00SopOfIFytKCGlXjeWSfLvm3pXsWu62VnKb5On6tVdX1%2BLUSueUSSpQdbLxAFxNyOIfv81e5mM%2FvQ9lK9i8RJzPSZWpwNM9uHTec4bA6rlmqYciL8e2weZNrQi0nGvKSrj%2FaTavR%2B4WetYDzW4iiUv0bYm%2BLkH1EC6%2FNM5Se%2FflHz%2BZxqdg2hszbb19pq3%2B%2BPy0Tp3WOPclDVg7kFLI5jLnYYt3WCtaDtuy0xRNZG4ifr33z78AAAD%2F%2FwEAAP%2F%2FSMpgimYEAAA%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerLet's Encrypt
Subjectcriticismheartbroken.com
FingerprintC9:1D:F9:1E:FE:A7:B9:9E:98:FC:75:F3:EB:E2:82:7A:F5:2C:43:C8
ValidityWed, 09 Aug 2023 01:45:22 GMT - Tue, 07 Nov 2023 01:45:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq0PwsF5UVPA2eFLQSfek55d7EOMaCcbNuqsoXkL96kmZ6q6mqnt6klNwQfY4HvXU851kgxoW9eZBkY4XWRQyHiSCEYT9A0RY1pvMJDjug%2Ba97%2Fu%2Bw%2Be9ro9G%2BRnxkdPT1TfNrtKaLjXrfu2594Lgcm1dJfmgNui0Nlvh5ZrtvxT43br%2FfO11ybfNUsMPfD%2Fwg9qqsjIyg6UgCOo%2BVHrUDepdvx426kEzxMA%2BrF3uwVEPon9GnoASk0tHd0IoXiGJv7wi3XZm0hdei3NNM2PRF4fvJNuJKRLE8zKyHqLk8GIaxp2sfgeTHMyAYfr%2FDTI1Id69P8GSwwtKsP7BOSjTkAmYeBRFv4LUFRStwM1NKHFCAC5wdQNJfPuqsQXdOXfp1J2Qxft%2FQxUTsvj7k0jiOytaDWo3jM4zZRKHQVRCDSqoXoU0P0a2uwBVHINnH0KJn8nS%2FXUk8f6G0wZKlLPllaqgogpaDkGdh3z6KQ955CFPPcTitNbmYacjOk1BJecNFgWdKIzCLuV%2BxP3lbgM5n%2BINkaVDcD0Et3tI7R621RA2%2Fx5uq4QTHlw2Id5be%2BiLEoUkKBxBQQkKRVBkBEW%2FPBDaNVx5W2iXs%2BAiNy7ycjk2WW9ED0zWkwkZpWfk8dld%2Ftr8BdvytMZarU7AOWWNoNNl3dD3ZeQ3qFiO2mGz3WJwqoRyC7NVd9WEPDUcIVUnmw%2FA6DGcPgZXT4PmAWgxbjd80K1x2PGxm3xNhXsxrsc06VFGszo3MYQpkWaLyHa8kT4jz8xYnl34BpLfJRcBbkuktsQH6geCnr41vm4Ksn%2FdFI58tZFmKla7dPr%2FbmQ0k498%2FobcKYwVa1fc8LNX%2BNSYlkdvS5et00SopOfIFytKCGlXjeWSfLvm3pXsWu62VnKb5On6tVdX1%2BLUSueUSSpQdbLxAFxNyOIfv81e5mM%2FvQ9lK9i8RJzPSZWpwNM9uHTec4bA6rlmqYciL8e2weZNrQi0nGvKSrj%2FaTavR%2B4WetYDzW4iiUv0bYm%2BLkH1EC6%2FNM5Se%2FflHz%2BZxqdg2hszbb19pq3%2B%2BPy0Tp3WOPclDVg7kFLI5jLnYYt3WCtaDtuy0xRNZG4ifr33z78AAAD%2F%2FwEAAP%2F%2FSMpgimYEAAA%3D HTTP/1.1
Host: criticismheartbroken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Cookie: u_pl=15818708; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68c8eacbbbaf200f5626f1532446490f
Strict-Transport-Security: max-age=0; includeSubdomains

goddesslevityark.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSTWgkRRTHq9couJ78OngbPIiCTrpnejIz7kGMayQYN%2Fuh6C1UV1VPylR3NVVd05Ocgguyx%2FGop57%2FJBvUsKg3D4p0vMiCkLlIDuYgLJ5FWOJNZhIc90Hx3v%2B9d%2Fi99%2BrTkTslPhw9WXlP70il6GKr7tde%2FigIrtTWZOoGtUFnaWMpvFIz%2FdcDv1v3X6m9I9iWXmz4ge8HflBbkUbEerAYBEHdh8wOu0G969fDRj1ohRiYR7V1Hiz1wPun5BlIPrl8eC%2BEZBXS5Jurwm7lOnv17cQpmmuDPj%2F4IN1KdZEimYex8RCnBxfd0PZ45UfodH8GDN3%2FrzGSE%2BI9%2BANRenBBiai%2Ffw4aKYgUEX8KRb%2BCUBUkrcD0bUh%2BTADGcW0daXL3mjYF3T6v0ml1QhYe%2Fg1ZTMjC788hTe4tKzmo3dLK5VKnFoO4hBxUkL0KmTtCvnMJsjgCyz%2BB5L%2BSxYdrSJO9das0JC9nw0tZQcYVlBiCWg9u%2BqQHF3twmYeEn9TaLOx0eKfFqWCsEcVBJw7jsEuZHzO%2F2W3AsSneEHk2BFNDMLOLzOxiSw5h3E%2BwmyUs92DzCfFu7KLPSxSCoLAEBSUoJEGRExT9cp8r27DlXa6si4IL37jwzXKs896I7uu8J1Iyyk7J07O9%2FLUxwZY4qfkiCNuNroiCNotpu70UN8OgKYImW6LtZsxgZQlpL81G3ZET8vxwhEweb5whokew6ghMPgbqAtBi3G74oJvjsONjJ%2F2OcvtaUk9o2qMRzetMJ%2BC6RJYvIN%2F2RuqUvDBjeen7PyHYfXJhYKZEZkp8LH8m6Kk745u6IHs3dWHJt%2BtZLhO5Q6f3u5XTXDzx1btiu9CGr161wy%2FfZNPCNDx8X9h8jaZcpj1Lvl6WnAuzog0T5IdV%2B6GIrju7uexM6rK162%2BtrCaZEdZKnVag8nj9DExOyONnL85%2B5rM3noQ0FYwrkbg5qdQVWLYLm81zVhMYNddR5qFw5dg0onlSSQIl5ppGJez%2FdDSPR%2FYOesYDzW8jTUr0TYm%2BKkHVENZdHueZuf%2FGL59P7QtEyhtHynh7kTLqs%2FPVWnlSY8wXNIjagRBctJqMhUusE02P3RadFm8htxP%2B24N%2F%2FgUAAP%2F%2FAQAA%2F%2F%2BCPbdlZgQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
goddesslevityark.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSTWgkRRTHq9couJ78OngbPIiCTrpnejIz7kGMayQYN%2Fuh6C1UV1VPylR3NVVd05Ocgguyx%2FGop57%2FJBvUsKg3D4p0vMiCkLlIDuYgLJ5FWOJNZhIc90Hx3v%2B9d%2Fi99%2BrTkTslPhw9WXlP70il6GKr7tde%2FigIrtTWZOoGtUFnaWMpvFIz%2FdcDv1v3X6m9I9iWXmz4ge8HflBbkUbEerAYBEHdh8wOu0G969fDRj1ohRiYR7V1Hiz1wPun5BlIPrl8eC%2BEZBXS5Jurwm7lOnv17cQpmmuDPj%2F4IN1KdZEimYex8RCnBxfd0PZ45UfodH8GDN3%2FrzGSE%2BI9%2BANRenBBiai%2Ffw4aKYgUEX8KRb%2BCUBUkrcD0bUh%2BTADGcW0daXL3mjYF3T6v0ml1QhYe%2Fg1ZTMjC788hTe4tKzmo3dLK5VKnFoO4hBxUkL0KmTtCvnMJsjgCyz%2BB5L%2BSxYdrSJO9das0JC9nw0tZQcYVlBiCWg9u%2BqQHF3twmYeEn9TaLOx0eKfFqWCsEcVBJw7jsEuZHzO%2F2W3AsSneEHk2BFNDMLOLzOxiSw5h3E%2BwmyUs92DzCfFu7KLPSxSCoLAEBSUoJEGRExT9cp8r27DlXa6si4IL37jwzXKs896I7uu8J1Iyyk7J07O9%2FLUxwZY4qfkiCNuNroiCNotpu70UN8OgKYImW6LtZsxgZQlpL81G3ZET8vxwhEweb5whokew6ghMPgbqAtBi3G74oJvjsONjJ%2F2OcvtaUk9o2qMRzetMJ%2BC6RJYvIN%2F2RuqUvDBjeen7PyHYfXJhYKZEZkp8LH8m6Kk745u6IHs3dWHJt%2BtZLhO5Q6f3u5XTXDzx1btiu9CGr161wy%2FfZNPCNDx8X9h8jaZcpj1Lvl6WnAuzog0T5IdV%2B6GIrju7uexM6rK162%2BtrCaZEdZKnVag8nj9DExOyONnL85%2B5rM3noQ0FYwrkbg5qdQVWLYLm81zVhMYNddR5qFw5dg0onlSSQIl5ppGJez%2FdDSPR%2FYOesYDzW8jTUr0TYm%2BKkHVENZdHueZuf%2FGL59P7QtEyhtHynh7kTLqs%2FPVWnlSY8wXNIjagRBctJqMhUusE02P3RadFm8htxP%2B24N%2F%2FgUAAP%2F%2FAQAA%2F%2F%2BCPbdlZgQAAA%3D%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerLet's Encrypt
Subjectgoddesslevityark.com
Fingerprint91:55:A8:97:63:A9:CA:54:FF:5D:65:3B:BF:C6:8B:88:1D:47:A9:6A
ValidityWed, 09 Aug 2023 01:46:53 GMT - Tue, 07 Nov 2023 01:46:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSTWgkRRTHq9couJ78OngbPIiCTrpnejIz7kGMayQYN%2Fuh6C1UV1VPylR3NVVd05Ocgguyx%2FGop57%2FJBvUsKg3D4p0vMiCkLlIDuYgLJ5FWOJNZhIc90Hx3v%2B9d%2Fi99%2BrTkTslPhw9WXlP70il6GKr7tde%2FigIrtTWZOoGtUFnaWMpvFIz%2FdcDv1v3X6m9I9iWXmz4ge8HflBbkUbEerAYBEHdh8wOu0G969fDRj1ohRiYR7V1Hiz1wPun5BlIPrl8eC%2BEZBXS5Jurwm7lOnv17cQpmmuDPj%2F4IN1KdZEimYex8RCnBxfd0PZ45UfodH8GDN3%2FrzGSE%2BI9%2BANRenBBiai%2Ffw4aKYgUEX8KRb%2BCUBUkrcD0bUh%2BTADGcW0daXL3mjYF3T6v0ml1QhYe%2Fg1ZTMjC788hTe4tKzmo3dLK5VKnFoO4hBxUkL0KmTtCvnMJsjgCyz%2BB5L%2BSxYdrSJO9das0JC9nw0tZQcYVlBiCWg9u%2BqQHF3twmYeEn9TaLOx0eKfFqWCsEcVBJw7jsEuZHzO%2F2W3AsSneEHk2BFNDMLOLzOxiSw5h3E%2BwmyUs92DzCfFu7KLPSxSCoLAEBSUoJEGRExT9cp8r27DlXa6si4IL37jwzXKs896I7uu8J1Iyyk7J07O9%2FLUxwZY4qfkiCNuNroiCNotpu70UN8OgKYImW6LtZsxgZQlpL81G3ZET8vxwhEweb5whokew6ghMPgbqAtBi3G74oJvjsONjJ%2F2OcvtaUk9o2qMRzetMJ%2BC6RJYvIN%2F2RuqUvDBjeen7PyHYfXJhYKZEZkp8LH8m6Kk745u6IHs3dWHJt%2BtZLhO5Q6f3u5XTXDzx1btiu9CGr161wy%2FfZNPCNDx8X9h8jaZcpj1Lvl6WnAuzog0T5IdV%2B6GIrju7uexM6rK162%2BtrCaZEdZKnVag8nj9DExOyONnL85%2B5rM3noQ0FYwrkbg5qdQVWLYLm81zVhMYNddR5qFw5dg0onlSSQIl5ppGJez%2FdDSPR%2FYOesYDzW8jTUr0TYm%2BKkHVENZdHueZuf%2FGL59P7QtEyhtHynh7kTLqs%2FPVWnlSY8wXNIjagRBctJqMhUusE02P3RadFm8htxP%2B24N%2F%2FgUAAP%2F%2FAQAA%2F%2F%2BCPbdlZgQAAA%3D%3D HTTP/1.1
Host: goddesslevityark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Cookie: u_pl=15818706; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9fd8e22419034f3c8150c6e6bd4bcaa
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/35/f6/b0/35f6b0fc0bb60b9e124479d167ad467d/1673517618.jpg

45.133.44.10

200 OK

12 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/35/f6/b0/35f6b0fc0bb60b9e124479d167ad467d/1673517618.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_2.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintAA:0D:43:1A:D3:E4:C6:42:86:E6:B6:6B:B0:1E:22:41:C9:F8:8C:A9
ValidityThu, 27 Jul 2023 23:07:11 GMT - Wed, 25 Oct 2023 23:07:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Size
12 kB (12063 bytes)
Hash
1d069a42ab310d5589fbddc496c3310b
bf812df75cadec473e93ac740a7c92d88a1434e0
3135ae51c5583d22aaadfc24aa25ee9361a3c0b74d8a707e4a4a5777b202b43b

HTTP Headers

GET /cti/35/f6/b0/35f6b0fc0bb60b9e124479d167ad467d/1673517618.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:13 GMT
content-type: image/jpeg
content-length: 12063
server: nginx/1.17.6
last-modified: Thu, 12 Jan 2023 10:00:26 GMT
etag: "63bfda3a-2f1f"
expires: Mon, 14 Aug 2023 20:05:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

192.243.59.12

307 Temporary Redirect

0 B

URL GET HTTP/1.1
membershipimmunitysport.com/watch.762553828499.js?key=455367cf7c186414ffa2e74aa3478dd1&kw=%5B%22rebirth%22%2C%22of%22%2C%22the%22%2C%22emperor%22%2C%22in%22%2C%22the%22%2C%22reverse%22%2C%22world%22%2C%22chapter%22%2C%221%22%2C%22m%22%2C%22mangabat%22%2C%22com%22%5D&refer=&tz=0&dev=e&res=12.2079&uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subjectmembershipimmunitysport.com
Fingerprint0B:90:09:24:2D:07:A9:05:9A:41:03:AB:60:FD:4D:7B:C3:B2:34:AA
ValidityWed, 09 Aug 2023 01:42:19 GMT - Tue, 07 Nov 2023 01:42:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.762553828499.js?key=455367cf7c186414ffa2e74aa3478dd1&kw=%5B%22rebirth%22%2C%22of%22%2C%22the%22%2C%22emperor%22%2C%22in%22%2C%22the%22%2C%22reverse%22%2C%22world%22%2C%22chapter%22%2C%221%22%2C%22m%22%2C%22mangabat%22%2C%22com%22%5D&refer=&tz=0&dev=e&res=12.2079&uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8%3A3%3A1 HTTP/1.1
Host: membershipimmunitysport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://h.mangabat.com
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Credentials: true
Location: https://membershipimmunitysport.com/watch.762553828499.js?key=455367cf7c186414ffa2e74aa3478dd1&kw=%5B%22rebirth%22%2C%22of%22%2C%22the%22%2C%22emperor%22%2C%22in%22%2C%22the%22%2C%22reverse%22%2C%22world%22%2C%22chapter%22%2C%221%22%2C%22m%22%2C%22mangabat%22%2C%22com%22%5D&refer=&tz=0&dev=e&res=12.2079&uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8%3A3%3A1&shu=af411fc98a9b44d9174b5cb00ac582af6df8283ac1b64e8430adfa89c4c9abadc25f7b1b802bfd0552ec065d3473be67e7bdfdaeae6fa3a9f9c504e8b1d4d8075193f5fcf6761cc34983d4c45c1481bbdc7af9ec&pst=1691870773&rmtc=t
Set-Cookie: u_pl=18459625; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ1OTYyNSwiayI6IjQ1NTM2N2NmN2MxODY0MTRmZmEyZTc0YWEzNDc4ZGQxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjU1NDE3LCJwaWQiOjQyODA4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ2YWJ0cmhmcmYiLCJjcGtzIjp7ICIyOCI6ImQ5NDYzMmU3YWE5YzMzNzE5ODYwMjc4NjZjZmQyOTM3In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vaC5tYW5nYWJhdC5jb20vIn19.OQzHDjBigpe4Ww6Ly1D4jGh51aNopVWDi1D79KYy0AM; expires=Sat, 12 Aug 2023 20:06:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d258e43daacc79ec3dee9b113d064a61
Strict-Transport-Security: max-age=0; includeSubdomains

criticismheartbroken.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq%2FeXn4f1pOjBWx8VdNI96ZnpMYIY10gwbtZdRW%2Bhuqp6Uqa6q63qnp7kFFyQPY4HD3rq%2BU6yQQ2Lelek40UWhAyC5GAOwv4BIiwreJCZDI4%2BaN77vu87fN7r%2BmhUXBAPBT1ff1PvS6Xocqvhuc%2B%2B5%2Fur7qZMi4E7CNvb7WDVNf0Xfa%2Fb8J5zXxdsVy83Pd%2FzfM9316URsR4s%2B77f8CCzk67f6HqNoNnwWwEG5r%2FaFg4sdcD7F%2BRJSD65enIvgGQ10uSra8Lu5jp7%2FrWkUDTXBn1%2B%2FE66m%2BoyRbIoY%2BMgTo%2Fn09D2bP076PRoBgzd%2F2cwkhPiPPgNUXo8p0TUP7oEjRREiog%2FjrJfQ6gaktZg%2BjYkPyMA47i%2BhTS5e12bku5dunTqTsjSwz8gywlZ%2BvUppMm9NSUH7i2tilzq1GIQV5CDGrJXIytOke9fgSxPwfIPIflPZPnhJtLkcMsqDcmr2fJS1pBxDSWGoNZBMf2kgyJ2UGQOEn7udlgQhjxscSoYa0axH8ZBHHQp82LmrXSbKNgUb4g8G4KpIZg5QGYOsCuHMMX3sDsVLHdg8wlx3jpAn1coBUFpCUpKUEqCMico%2B9URV7Zpq7tc2SLy57k5zyvVWOe9ET3SeU%2BkZJRdkCdmd%2Fl9%2B2fsinM3bHb4igi4YJ3YF5R2up3A520vbkfdKKQhrKwg7ZXZqvtyQp4ejpDJs%2B1HiOgprDoFk%2F8DLXzQctxpeqA74yD0sJ9%2BQ7l9IWkkNO3RiOYNphNwXSHLl5DvOSN1QZ6ZsaxOPoBg98k8wEyFzFR4X%2F5A0FN3xjd1SQ5v6tKSr7eyXCZyn07%2F362c5uKxL94Qe6U2fOOaHX7%2BCpsa0%2FLkbWHzTZpymfYs%2BXJNci7MujZMkG837LsiulHYnbXCpEW2eePV9Y0kM8JaqdMaVJ5tPQKTE%2FL%2Fvz6ZvUzXfwnS1DBFhaRYkEpdg2UHsNmiZzWBUQsdZQ7KohqbZrRoKkmgxELTqIL9l44W9cjeQc84oPltpEmFvqnQVxWoGsIWV8d5Zu6%2F%2FOOn0%2FgMkXLGkTLOYaSM%2BvjytFaeu4x5gvpRxxeCi9YKY0GbhVE7Xgk6ImzxFnI74b88%2BPNvAAAA%2F%2F8BAAD%2F%2F5eHklZmBAAA

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
criticismheartbroken.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq%2FeXn4f1pOjBWx8VdNI96ZnpMYIY10gwbtZdRW%2Bhuqp6Uqa6q63qnp7kFFyQPY4HD3rq%2BU6yQQ2Lelek40UWhAyC5GAOwv4BIiwreJCZDI4%2BaN77vu87fN7r%2BmhUXBAPBT1ff1PvS6Xocqvhuc%2B%2B5%2Fur7qZMi4E7CNvb7WDVNf0Xfa%2Fb8J5zXxdsVy83Pd%2FzfM9316URsR4s%2B77f8CCzk67f6HqNoNnwWwEG5r%2FaFg4sdcD7F%2BRJSD65enIvgGQ10uSra8Lu5jp7%2FrWkUDTXBn1%2B%2FE66m%2BoyRbIoY%2BMgTo%2Fn09D2bP076PRoBgzd%2F2cwkhPiPPgNUXo8p0TUP7oEjRREiog%2FjrJfQ6gaktZg%2BjYkPyMA47i%2BhTS5e12bku5dunTqTsjSwz8gywlZ%2BvUppMm9NSUH7i2tilzq1GIQV5CDGrJXIytOke9fgSxPwfIPIflPZPnhJtLkcMsqDcmr2fJS1pBxDSWGoNZBMf2kgyJ2UGQOEn7udlgQhjxscSoYa0axH8ZBHHQp82LmrXSbKNgUb4g8G4KpIZg5QGYOsCuHMMX3sDsVLHdg8wlx3jpAn1coBUFpCUpKUEqCMico%2B9URV7Zpq7tc2SLy57k5zyvVWOe9ET3SeU%2BkZJRdkCdmd%2Fl9%2B2fsinM3bHb4igi4YJ3YF5R2up3A520vbkfdKKQhrKwg7ZXZqvtyQp4ejpDJs%2B1HiOgprDoFk%2F8DLXzQctxpeqA74yD0sJ9%2BQ7l9IWkkNO3RiOYNphNwXSHLl5DvOSN1QZ6ZsaxOPoBg98k8wEyFzFR4X%2F5A0FN3xjd1SQ5v6tKSr7eyXCZyn07%2F362c5uKxL94Qe6U2fOOaHX7%2BCpsa0%2FLkbWHzTZpymfYs%2BXJNci7MujZMkG837LsiulHYnbXCpEW2eePV9Y0kM8JaqdMaVJ5tPQKTE%2FL%2Fvz6ZvUzXfwnS1DBFhaRYkEpdg2UHsNmiZzWBUQsdZQ7KohqbZrRoKkmgxELTqIL9l44W9cjeQc84oPltpEmFvqnQVxWoGsIWV8d5Zu6%2F%2FOOn0%2FgMkXLGkTLOYaSM%2BvjytFaeu4x5gvpRxxeCi9YKY0GbhVE7Xgk6ImzxFnI74b88%2BPNvAAAA%2F%2F8BAAD%2F%2F5eHklZmBAAA
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_2.html
Certificate
IssuerLet's Encrypt
Subjectcriticismheartbroken.com
FingerprintC9:1D:F9:1E:FE:A7:B9:9E:98:FC:75:F3:EB:E2:82:7A:F5:2C:43:C8
ValidityWed, 09 Aug 2023 01:45:22 GMT - Tue, 07 Nov 2023 01:45:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq%2FeXn4f1pOjBWx8VdNI96ZnpMYIY10gwbtZdRW%2Bhuqp6Uqa6q63qnp7kFFyQPY4HD3rq%2BU6yQQ2Lelek40UWhAyC5GAOwv4BIiwreJCZDI4%2BaN77vu87fN7r%2BmhUXBAPBT1ff1PvS6Xocqvhuc%2B%2B5%2Fur7qZMi4E7CNvb7WDVNf0Xfa%2Fb8J5zXxdsVy83Pd%2FzfM9316URsR4s%2B77f8CCzk67f6HqNoNnwWwEG5r%2FaFg4sdcD7F%2BRJSD65enIvgGQ10uSra8Lu5jp7%2FrWkUDTXBn1%2B%2FE66m%2BoyRbIoY%2BMgTo%2Fn09D2bP076PRoBgzd%2F2cwkhPiPPgNUXo8p0TUP7oEjRREiog%2FjrJfQ6gaktZg%2BjYkPyMA47i%2BhTS5e12bku5dunTqTsjSwz8gywlZ%2BvUppMm9NSUH7i2tilzq1GIQV5CDGrJXIytOke9fgSxPwfIPIflPZPnhJtLkcMsqDcmr2fJS1pBxDSWGoNZBMf2kgyJ2UGQOEn7udlgQhjxscSoYa0axH8ZBHHQp82LmrXSbKNgUb4g8G4KpIZg5QGYOsCuHMMX3sDsVLHdg8wlx3jpAn1coBUFpCUpKUEqCMico%2B9URV7Zpq7tc2SLy57k5zyvVWOe9ET3SeU%2BkZJRdkCdmd%2Fl9%2B2fsinM3bHb4igi4YJ3YF5R2up3A520vbkfdKKQhrKwg7ZXZqvtyQp4ejpDJs%2B1HiOgprDoFk%2F8DLXzQctxpeqA74yD0sJ9%2BQ7l9IWkkNO3RiOYNphNwXSHLl5DvOSN1QZ6ZsaxOPoBg98k8wEyFzFR4X%2F5A0FN3xjd1SQ5v6tKSr7eyXCZyn07%2F362c5uKxL94Qe6U2fOOaHX7%2BCpsa0%2FLkbWHzTZpymfYs%2BXJNci7MujZMkG837LsiulHYnbXCpEW2eePV9Y0kM8JaqdMaVJ5tPQKTE%2FL%2Fvz6ZvUzXfwnS1DBFhaRYkEpdg2UHsNmiZzWBUQsdZQ7KohqbZrRoKkmgxELTqIL9l44W9cjeQc84oPltpEmFvqnQVxWoGsIWV8d5Zu6%2F%2FOOn0%2FgMkXLGkTLOYaSM%2BvjytFaeu4x5gvpRxxeCi9YKY0GbhVE7Xgk6ImzxFnI74b88%2BPNvAAAA%2F%2F8BAAD%2F%2F5eHklZmBAAA HTTP/1.1
Host: criticismheartbroken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Cookie: u_pl=15818708; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e726c07122f9ec000ac4404dd5040441
Strict-Transport-Security: max-age=0; includeSubdomains

criticismheartbroken.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq%2Fe3Pw%2FrSdGDtz4q6KS708nMuIIY10gwbtZdRW%2Bhuqp6Uqa6q63qmp7kFFyQPY4HD3rq%2BU6yQQ2Lelek40UWhAyC5GAOwv4BIiwreJCZBEcfNO993%2FcdPu91fTRyZySAo6erb%2BpdqRRdWGoF%2FrPvheFVf13mbuAPOsuby%2FFV3%2FRfDINuK3jOf12wbb0QBWEQhEHor0ojUj1YCMOwFUAWR92w1Q1acdQKl2IMzH%2B1dR4s9cD7Z%2BRJSD65cnQvhmQN8uyra8Jul7p4%2FrXMKVpqgz4%2FfCffznWVI5uXqfGQ5ocX09D2ZPU76PxgBgzd%2F2cwkRPiPfgNSX54QYmkf3AOmiiIHAl%2FHFW%2FgVANJG3A9G1IfkIAxnF9A3l297o2Fd05d%2BnUnZDLD%2F%2BArCbk8q9PIc%2FurSg58G9p5Uqpc4tBWkMOGsheg8Ido9y9BFkdg5UfQvKfyMLDdeTZ%2FoZVGpLXs%2BWlbCDTBkoMQa0HN%2F2kB5d6cIWHjJ%2F6bRZ3OryzxKlgLErSsJPGadylLEhZsNiN4NgUb4iyGIKpIZjZQ2H2sC2HMO572K0alnuw5YR4b%2B2hz2tUgqCyBBUlqCRBVRJU%2FfqAKxvZ%2Bi5X1iXhRY4u8mI91mVvRA902RM5GRVn5InZXX7f%2FBnb4tTvRG2%2BKGIuWDsNBaXtbjsO%2BXKQLifdpEM7sLKGtJdmq%2B7KCXl6OEIhTzYfIaHHsOoYTP4P1IWg1bgdBaBb47gTYDf%2FhnL7QtbKaN6jCS1bTGfgukZRXka5443UGXlmxnJ18gEEu08uAszUKEyN9%2BUPBD11Z3xTV2T%2Fpq4s%2BXqjKGUmd%2Bn0%2F90qaSke%2B%2BINsVNpw9eu2eHnr7CpMS2P3ha2XKc5l3nPki9XJOfCrGrDBPl2zb4rkhvObq04k7ti%2Fcarq2tZYYS1UucNqDzZeAQmJ%2BT%2Ff30ye5l%2B%2BBKkaWBcjczNSaVuwIo92GLes5rAqLlOCg%2BVq8cmSuZNJQmUmGua1LD%2F0sm8Htk76BkPtLyNPKvRNzX6qgZVQ1h3ZVwW5v7LP346jc%2BQKG%2BcKOPtJ8qoj89Pa%2BWpL9piuduNg7jNgyCJeRSFS4LRxZh2aRSlbZR2wn958OffAAAA%2F%2F8BAAD%2F%2F2igOkZmBAAA

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
criticismheartbroken.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq%2Fe3Pw%2FrSdGDtz4q6KS708nMuIIY10gwbtZdRW%2Bhuqp6Uqa6q63qmp7kFFyQPY4HD3rq%2BU6yQQ2Lelek40UWhAyC5GAOwv4BIiwreJCZBEcfNO993%2FcdPu91fTRyZySAo6erb%2BpdqRRdWGoF%2FrPvheFVf13mbuAPOsuby%2FFV3%2FRfDINuK3jOf12wbb0QBWEQhEHor0ojUj1YCMOwFUAWR92w1Q1acdQKl2IMzH%2B1dR4s9cD7Z%2BRJSD65cnQvhmQN8uyra8Jul7p4%2FrXMKVpqgz4%2FfCffznWVI5uXqfGQ5ocX09D2ZPU76PxgBgzd%2F2cwkRPiPfgNSX54QYmkf3AOmiiIHAl%2FHFW%2FgVANJG3A9G1IfkIAxnF9A3l297o2Fd05d%2BnUnZDLD%2F%2BArCbk8q9PIc%2FurSg58G9p5Uqpc4tBWkMOGsheg8Ido9y9BFkdg5UfQvKfyMLDdeTZ%2FoZVGpLXs%2BWlbCDTBkoMQa0HN%2F2kB5d6cIWHjJ%2F6bRZ3OryzxKlgLErSsJPGadylLEhZsNiN4NgUb4iyGIKpIZjZQ2H2sC2HMO572K0alnuw5YR4b%2B2hz2tUgqCyBBUlqCRBVRJU%2FfqAKxvZ%2Bi5X1iXhRY4u8mI91mVvRA902RM5GRVn5InZXX7f%2FBnb4tTvRG2%2BKGIuWDsNBaXtbjsO%2BXKQLifdpEM7sLKGtJdmq%2B7KCXl6OEIhTzYfIaHHsOoYTP4P1IWg1bgdBaBb47gTYDf%2FhnL7QtbKaN6jCS1bTGfgukZRXka5443UGXlmxnJ18gEEu08uAszUKEyN9%2BUPBD11Z3xTV2T%2Fpq4s%2BXqjKGUmd%2Bn0%2F90qaSke%2B%2BINsVNpw9eu2eHnr7CpMS2P3ha2XKc5l3nPki9XJOfCrGrDBPl2zb4rkhvObq04k7ti%2Fcarq2tZYYS1UucNqDzZeAQmJ%2BT%2Ff30ye5l%2B%2BBKkaWBcjczNSaVuwIo92GLes5rAqLlOCg%2BVq8cmSuZNJQmUmGua1LD%2F0sm8Htk76BkPtLyNPKvRNzX6qgZVQ1h3ZVwW5v7LP346jc%2BQKG%2BcKOPtJ8qoj89Pa%2BWpL9piuduNg7jNgyCJeRSFS4LRxZh2aRSlbZR2wn958OffAAAA%2F%2F8BAAD%2F%2F2igOkZmBAAA
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_2.html
Certificate
IssuerLet's Encrypt
Subjectcriticismheartbroken.com
FingerprintC9:1D:F9:1E:FE:A7:B9:9E:98:FC:75:F3:EB:E2:82:7A:F5:2C:43:C8
ValidityWed, 09 Aug 2023 01:45:22 GMT - Tue, 07 Nov 2023 01:45:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq%2Fe3Pw%2FrSdGDtz4q6KS708nMuIIY10gwbtZdRW%2Bhuqp6Uqa6q63qmp7kFFyQPY4HD3rq%2BU6yQQ2Lelek40UWhAyC5GAOwv4BIiwreJCZBEcfNO993%2FcdPu91fTRyZySAo6erb%2BpdqRRdWGoF%2FrPvheFVf13mbuAPOsuby%2FFV3%2FRfDINuK3jOf12wbb0QBWEQhEHor0ojUj1YCMOwFUAWR92w1Q1acdQKl2IMzH%2B1dR4s9cD7Z%2BRJSD65cnQvhmQN8uyra8Jul7p4%2FrXMKVpqgz4%2FfCffznWVI5uXqfGQ5ocX09D2ZPU76PxgBgzd%2F2cwkRPiPfgNSX54QYmkf3AOmiiIHAl%2FHFW%2FgVANJG3A9G1IfkIAxnF9A3l297o2Fd05d%2BnUnZDLD%2F%2BArCbk8q9PIc%2FurSg58G9p5Uqpc4tBWkMOGsheg8Ido9y9BFkdg5UfQvKfyMLDdeTZ%2FoZVGpLXs%2BWlbCDTBkoMQa0HN%2F2kB5d6cIWHjJ%2F6bRZ3OryzxKlgLErSsJPGadylLEhZsNiN4NgUb4iyGIKpIZjZQ2H2sC2HMO572K0alnuw5YR4b%2B2hz2tUgqCyBBUlqCRBVRJU%2FfqAKxvZ%2Bi5X1iXhRY4u8mI91mVvRA902RM5GRVn5InZXX7f%2FBnb4tTvRG2%2BKGIuWDsNBaXtbjsO%2BXKQLifdpEM7sLKGtJdmq%2B7KCXl6OEIhTzYfIaHHsOoYTP4P1IWg1bgdBaBb47gTYDf%2FhnL7QtbKaN6jCS1bTGfgukZRXka5443UGXlmxnJ18gEEu08uAszUKEyN9%2BUPBD11Z3xTV2T%2Fpq4s%2BXqjKGUmd%2Bn0%2F90qaSke%2B%2BINsVNpw9eu2eHnr7CpMS2P3ha2XKc5l3nPki9XJOfCrGrDBPl2zb4rkhvObq04k7ti%2Fcarq2tZYYS1UucNqDzZeAQmJ%2BT%2Ff30ye5l%2B%2BBKkaWBcjczNSaVuwIo92GLes5rAqLlOCg%2BVq8cmSuZNJQmUmGua1LD%2F0sm8Htk76BkPtLyNPKvRNzX6qgZVQ1h3ZVwW5v7LP346jc%2BQKG%2BcKOPtJ8qoj89Pa%2BWpL9piuduNg7jNgyCJeRSFS4LRxZh2aRSlbZR2wn958OffAAAA%2F%2F8BAAD%2F%2F2igOkZmBAAA HTTP/1.1
Host: criticismheartbroken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Cookie: u_pl=15818708; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10ef6534302056776b24d90927f6b6bd
Strict-Transport-Security: max-age=0; includeSubdomains

membershipimmunitysport.com/d9/46/32/d94632e7aa9c3371986027866cfd2937.js

192.243.59.12

200 OK

29 kB

URL GET HTTP/1.1
membershipimmunitysport.com/d9/46/32/d94632e7aa9c3371986027866cfd2937.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subjectmembershipimmunitysport.com
Fingerprint0B:90:09:24:2D:07:A9:05:9A:41:03:AB:60:FD:4D:7B:C3:B2:34:AA
ValidityWed, 09 Aug 2023 01:42:19 GMT - Tue, 07 Nov 2023 01:42:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28769 bytes)
Hash
8885b4b249ff9f3a79de4a9b8743058b
eb81622fa079e5d5e3ec4a1875f782c268782361
681944bf07f10eb15dd4fa0651c688ccc2c0f22fe51f0cfb2f22db486edc978f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /d9/46/32/d94632e7aa9c3371986027866cfd2937.js HTTP/1.1
Host: membershipimmunitysport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c435d9e7098a212af50161cca1d06305
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

membershipimmunitysport.com/watch.762553828499.js?key=455367cf7c186414ffa2e74aa3478dd1&kw=%5B%22rebirth%22%2C%22of%22%2C%22the%22%2C%22emperor%22%2C%22in%22%2C%22the%22%2C%22reverse%22%2C%22world%22%2C%22chapter%22%2C%221%22%2C%22m%22%2C%22mangabat%22%2C%22com%22%5D&refer=&tz=0&dev=e&res=12.2079&uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8%3A3%3A1&shu=af411fc98a9b44d9174b5cb00ac582af6df8283ac1b64e8430adfa89c4c9abadc25f7b1b802bfd0552ec065d3473be67e7bdfdaeae6fa3a9f9c504e8b1d4d8075193f5fcf6761cc34983d4c45c1481bbdc7af9ec&pst=1691870773&rmtc=t

192.243.59.12

200 OK

2.1 kB

URL GET HTTP/1.1
membershipimmunitysport.com/watch.762553828499.js?key=455367cf7c186414ffa2e74aa3478dd1&kw=%5B%22rebirth%22%2C%22of%22%2C%22the%22%2C%22emperor%22%2C%22in%22%2C%22the%22%2C%22reverse%22%2C%22world%22%2C%22chapter%22%2C%221%22%2C%22m%22%2C%22mangabat%22%2C%22com%22%5D&refer=&tz=0&dev=e&res=12.2079&uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8%3A3%3A1&shu=af411fc98a9b44d9174b5cb00ac582af6df8283ac1b64e8430adfa89c4c9abadc25f7b1b802bfd0552ec065d3473be67e7bdfdaeae6fa3a9f9c504e8b1d4d8075193f5fcf6761cc34983d4c45c1481bbdc7af9ec&pst=1691870773&rmtc=t
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subjectmembershipimmunitysport.com
Fingerprint0B:90:09:24:2D:07:A9:05:9A:41:03:AB:60:FD:4D:7B:C3:B2:34:AA
ValidityWed, 09 Aug 2023 01:42:19 GMT - Tue, 07 Nov 2023 01:42:18 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2622)
Size
2.1 kB (2091 bytes)
Hash
547b6e826cb5635f7f2d60c48aa71fb8
a3ed98c3e184ec145ca8211663f15d06f1a36705
03cfe64aabb4224db10b4270e0b84fd95c6ded045d8295dde378c3ed111bc512

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.762553828499.js?key=455367cf7c186414ffa2e74aa3478dd1&kw=%5B%22rebirth%22%2C%22of%22%2C%22the%22%2C%22emperor%22%2C%22in%22%2C%22the%22%2C%22reverse%22%2C%22world%22%2C%22chapter%22%2C%221%22%2C%22m%22%2C%22mangabat%22%2C%22com%22%5D&refer=&tz=0&dev=e&res=12.2079&uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8%3A3%3A1&shu=af411fc98a9b44d9174b5cb00ac582af6df8283ac1b64e8430adfa89c4c9abadc25f7b1b802bfd0552ec065d3473be67e7bdfdaeae6fa3a9f9c504e8b1d4d8075193f5fcf6761cc34983d4c45c1481bbdc7af9ec&pst=1691870773&rmtc=t HTTP/1.1
Host: membershipimmunitysport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h.mangabat.com
Referer: https://h.mangabat.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18459625; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ1OTYyNSwiayI6IjQ1NTM2N2NmN2MxODY0MTRmZmEyZTc0YWEzNDc4ZGQxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjU1NDE3LCJwaWQiOjQyODA4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ2YWJ0cmhmcmYiLCJjcGtzIjp7ICIyOCI6ImQ5NDYzMmU3YWE5YzMzNzE5ODYwMjc4NjZjZmQyOTM3In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vaC5tYW5nYWJhdC5jb20vIn19.OQzHDjBigpe4Ww6Ly1D4jGh51aNopVWDi1D79KYy0AM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 12 Aug 2023 20:05:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://h.mangabat.com
Access-Control-Allow-Origin: https://h.mangabat.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8:3:1; expires=Sat, 19 Aug 2023 20:05:13 GMT; secure; SameSite=None
iprc41cc01834309bec82d6bef73735bc123=3569806; expires=Sun, 13 Aug 2023 00:05:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 13 Aug 2023 20:05:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61b71aad7dc9e757bfa269bca21b7e2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.10

200 OK

144 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintAA:0D:43:1A:D3:E4:C6:42:86:E6:B6:6B:B0:1E:22:41:C9:F8:8C:A9
ValidityThu, 27 Jul 2023 23:07:11 GMT - Wed, 25 Oct 2023 23:07:10 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:13 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Mon, 14 Aug 2023 20:05:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fixedgodmother.com/pixel/purst?dl=0&th=0&sc=0&rs=1492&rd=1492&fd=804&bv=22.10.v.10&tmpl=136

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
fixedgodmother.com/pixel/purst?dl=0&th=0&sc=0&rs=1492&rd=1492&fd=804&bv=22.10.v.10&tmpl=136
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subjectfixedgodmother.com
FingerprintA0:11:E7:DA:5B:30:51:68:CB:22:63:E8:9A:5C:70:31:8B:93:88:90
ValidityWed, 09 Aug 2023 01:37:18 GMT - Tue, 07 Nov 2023 01:37:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1492&rd=1492&fd=804&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: fixedgodmother.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=1&pk=d94632e7aa9c3371986027866cfd2937&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=1&pk=d94632e7aa9c3371986027866cfd2937&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintFA:C0:C8:59:8F:DC:3E:30:9F:0B:7A:DF:A6:77:BD:B0:3B:A2:44:AC
ValidityTue, 25 Jul 2023 07:34:40 GMT - Mon, 23 Oct 2023 07:34:39 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=72ff60e7-3464-4ed8-a9ae-96a0bf5c7cc8&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=1&pk=d94632e7aa9c3371986027866cfd2937&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 12 Aug 2023 20:05:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 252601641f17aa2a67000b4507d38b24
Strict-Transport-Security: max-age=0; includeSubdomains

h.mangabat.com/themes/hm/js/custom-chapter.js?v=02232021

104.26.9.37

200 OK

1.8 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/custom-chapter.js?v=02232021
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1851), with no line terminators
Size
1.8 kB (1763 bytes)
Hash
fe6ab27e351ab5977ec85fda4ad18d13
6f22d9d0afc6517b1e79b569c59154cf7b8911ef
9f138cd188dec60b5e37b75ef6ad6e7f9d6fca9c1e62712626ca35096ffa46a6

HTTP Headers

GET /themes/hm/js/custom-chapter.js?v=02232021 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Mon, 08 Feb 2021 12:10:25 GMT
vary: Accept-Encoding
etag: W/"60212a31-6e3"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTCJjK7aQEYxAA30L%2F9gyFh5eIZwa2YA1H5mG7svx%2BVsG36ReUViH%2FWhV6Je3l4%2BI0Sae%2F100g%2FrTrslVH3m5VotYBMsdLeeWZIIW%2F3fl3BS9ZB%2F%2BDUM4vFcQBUziK%2BC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd3e29b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/css/owl.carousel.css

104.26.9.37

200 OK

1.5 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/css/owl.carousel.css
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1648), with no line terminators
Size
1.5 kB (1473 bytes)
Hash
c5fe09f90c147a0110cfd458f59ce5ae
06fe50157d479ba8169403a52baf253d53f0388d
2fac84c5b83cf81c65ff9aab873f4510a4cb6277ea88875ac3522682a6fd898d

HTTP Headers

GET /themes/hm/css/owl.carousel.css HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Fri, 11 Jan 2019 05:26:42 GMT
vary: Accept-Encoding
etag: W/"5c382912-5c1"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NdAoT4J5LGaufhIlJu7XQ3%2FYVsTAb1Xhb9jBSXSBtYFFgB%2F8aF3NfFFCNQWTZ%2Fx72Df4G13ElWlgh4OV7j0L9hdxbalyYhwrphfZpsziwMwcwjAeiC2zA5rvKWR1%2BAx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd1dfdb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/js/jquery-1.9.1.min.js

104.26.9.37

200 OK

93 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/jquery-1.9.1.min.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32089), with CRLF line terminators
Size
93 kB (92633 bytes)
Hash
383771ef1692bfcc3f2b6917ca985778
a1ce0bfa507f23cc414a9a7634bd73b994bb3b35
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

HTTP Headers

GET /themes/hm/js/jquery-1.9.1.min.js HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Thu, 10 Jan 2019 14:06:42 GMT
vary: Accept-Encoding
etag: W/"5c375172-169d9"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUIkg%2FL2stW4v6NjuGIP8K9TAvxDqlRwSLdw2wqHBZ%2BLnJtZdI1NoB3JaPL5mwiLeyhJcyrVsbSOfvYncaG6%2BUWtUtNdZlSuBbg87%2Bzg67ckAFWmZ0f2DivJIpnHsoku"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd1e01b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.pubfuture.com/v1/unit/63f6d5ef5eb600002866bdaf.js?v=2

172.67.75.110

200 OK

2.7 kB

URL GET HTTP/2
platform.pubfuture.com/v1/unit/63f6d5ef5eb600002866bdaf.js?v=2
IP
172.67.75.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint11:B8:54:A9:63:30:9C:C0:B9:A3:AD:E7:BB:F8:A2:EE:80:FF:C3:3F
ValidityMon, 20 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2834), with no line terminators
Size
2.7 kB (2736 bytes)
Hash
5553198259ab1b94e03f06c832dc1bb5
c55aa8ccf1ee50ef323953b612b148da3e2d7dde
0441794bc2288956bfaeb83d7ee6827584d41c837f7d30c6044931ba80cb6086

HTTP Headers

GET /v1/unit/63f6d5ef5eb600002866bdaf.js?v=2 HTTP/1.1
Host: platform.pubfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
cache-control: public, max-age=7200
etag: W/"ab0-hN/0KJXdp/9Zu29PWT1MpPrAwrM"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPolNCs3KeLIC12Sne85Z3r1RlwRGQqRyY1kFSDOQCcCb1o1BQyK04ToiN7q866w39gihZ97CERJi7d4PMEfzmPfkZ1s%2BLPcwqWqpT2m16IT5eJvxD4ssbAhIGtxGrXX39aLgf5Z9KY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dda94e1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/images/sun-moon.png

104.26.9.37

200 OK

6.1 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/images/sun-moon.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 77 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
6.1 kB (6145 bytes)
Hash
99fee22e033397d5bcd482117cbd1a82
2b8a91e851833513a4f8c39db778b470b7132153
d565d3ce393663ea134a41556d17e7e61dea7aa44602dc87ec3dc61b88b9a0cc

HTTP Headers

GET /themes/hm/images/sun-moon.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/themes/hm/css/c-style.css?v=08032022
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 6145
last-modified: Mon, 24 Feb 2020 10:02:48 GMT
etag: "5e539f48-1801"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP%2FwV0qX%2B%2F9nWzHyP8UHchhnHfmnusF2GYyPSUKegQ4%2FOuj5frIoK7p0VnoC1PVDywymprb8YecxbdTa6Se7fSl53JWDAEuxh9PaRrUtBhZ4z5n%2Fi1P1M5fmYj51PpoN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e84807b51b-OSL
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=5275&uuid=91276beb9d3048c7a6fa07a9f40bb456&p=36&g=NO&token=4a44335432&tbg=1691870711

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=5275&uuid=91276beb9d3048c7a6fa07a9f40bb456&p=36&g=NO&token=4a44335432&tbg=1691870711
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=5275&uuid=91276beb9d3048c7a6fa07a9f40bb456&p=36&g=NO&token=4a44335432&tbg=1691870711 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu9tMrmxGHHF80%2FFkkwB5UgiCPOKoPVKoMDP1YG5TBFPFMVsYpH%2Bfc%2FQVpFYbEoDOyOl4nI6BEEeHuF2nDzmNjOYF6nuCZ0yoJ0qztEF6E9YQVQtSFcxfkiUE8MuCklU6Dw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ed5e89b50f-OSL
X-Firefox-Spdy: h2

h.mangabat.com/ads/bidgear_300x250_desktop_3.html

104.26.9.37

200 OK

1.2 kB

URL GET HTTP/2
h.mangabat.com/ads/bidgear_300x250_desktop_3.html
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1265), with no line terminators
Size
1.2 kB (1185 bytes)
Hash
56bda617dcf225df4e6bc0e6ad4f749e
3bcef161c025f1971b960d8c1fecf42eb71db063
8dec6ed7f413432574168e88efe5d3f87f2204e9fec0b6a8b8a9e025d7d26fa3

HTTP Headers

GET /ads/bidgear_300x250_desktop_3.html HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: text/html
last-modified: Wed, 15 Dec 2021 09:55:37 GMT
vary: Accept-Encoding
x-powered-by: VPSSIM
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0Gre%2FZMUuqK6UnjNJg2DWiPiGKkYKuiCzDaVQ%2B44dcadehOm0w%2F4WMIoYstxP8%2BK%2BuJ3ylZaKdH6u8x%2FUlUBheWmTyvR4oFQ66Vi7ej%2BSyC2piFxw620QXMleutCNKa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e80f92b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/favicon-16x16.png

104.26.9.37

200 OK

2.5 kB

URL GET HTTP/2
h.mangabat.com/favicon-16x16.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2466 bytes)
Hash
1069629a92992507954b7a9816fd4b08
196cc4105fec499e95d2efb483e72f0a11fba404
ab76c115bcd612f686e00d53eb3d9edfbd062c02d9da5a89b3087eca00b0c817

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df; panel-fb-comment=fb-comment-title-show; _ga_T60M656J5F=GS1.1.1691870707.1.0.1691870707.0.0.0; _ga=GA1.1.1768089873.1691870708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 2466
last-modified: Tue, 28 Apr 2020 00:48:37 GMT
etag: "5ea77d65-9a2"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IABq8Go34MvGvUWQEj6HIKqdlnRovkLJs571bwoWuHDQtDf9RHhvclroAgzSDwWXS74ugXZxQyUKfVHX1tqKr31bScR8OXzUDb%2Bw76DxSWjI3H09sjlZxia2QD82mDFE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ebdd1ab51b-OSL
X-Firefox-Spdy: h2

h.mangabat.com/favicon-96x96.png

104.26.9.37

200 OK

6.5 kB

URL GET HTTP/2
h.mangabat.com/favicon-96x96.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6519 bytes)
Hash
f42a5b0bd4b2e8ac1a3841db24aaef2b
734da07e87a6612f9450df42f2c7d0cf5650fd53
edbb307214d99c279c17e4467018fb499e2771f759103f4bd01652d10b02a330

HTTP Headers

GET /favicon-96x96.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df; panel-fb-comment=fb-comment-title-show; _ga_T60M656J5F=GS1.1.1691870707.1.0.1691870707.0.0.0; _ga=GA1.1.1768089873.1691870708
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 6519
last-modified: Tue, 28 Apr 2020 00:47:45 GMT
etag: "5ea77d31-1977"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKuqBFTjAbQtwkl3PF9N%2FicrPBus9mgLia%2Ff%2BV%2FzYsNkIBxIMf04iKnPZKClP6Pw9SEnHee4JKISM4ubmBUPykmJPMd%2BkRpNFTzHh7KMb1o66GfN5cgjmZZ9s1WavETS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ebdd17b51b-OSL
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5274

104.26.3.107

200 OK

705 B

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5274
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_2.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (734), with no line terminators
Size
705 B (705 bytes)
Hash
9314c5092a3b04a018add9f79d09bec3
bc67d4eba58ea16b3e479ea0d94ec1ba6223c296
eaa7ca6bf875d12668adf5c02ad0ade5c2fd453fb098fab89a6cf40e23d7ec6c

HTTP Headers

GET /ads.php?domainid=4346&sizeid=2&zoneid=5274 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bg8t6ZdLZqvDhEEk9IUddfQt6VaMnDBT2BhTOouoV4Txc%2FpnMC6K6wmn0CgCxhYGUl9LaSTVN7z38PqlsU7rBJkkEmS4ItDpKvelg7cF4TN%2F73rZ3EdV9f1JVgy0uddPpUckupfb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ebdc5cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.bidgear.com/media/img/b15.png

104.26.3.107

200 OK

649 B

URL GET HTTP/2
platform.bidgear.com/media/img/b15.png
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_4.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
649 B (649 bytes)
Hash
d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943

HTTP Headers

GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Thu, 17 Aug 2023 17:29:50 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2024364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBTmCTUMheZ5fjvCg1t7S0IjWi%2BC%2FR6lT%2Fcj1asvRKPP9rD5yFqlv%2Bx3ZBoHcOrj%2BymUFtHGwnNzpK8p3pgeLByjbVTB4VfoY1cXCHjZSjjbl5KphhhBVIgSh25TEe%2BcBlgNQJna"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54ed5ea3b50f-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Noto+Sans:400,400italic,700,700italic&subset=latin,vietnamese

142.250.74.106

200 OK

10 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Noto+Sans:400,400italic,700,700italic&subset=latin,vietnamese
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintC1:FC:47:2F:E4:8D:DA:F2:E6:C0:AB:89:40:FB:3F:E4:E0:C5:04:42
ValidityMon, 17 Jul 2023 08:21:35 GMT - Mon, 09 Oct 2023 08:21:34 GMT

File type
ASCII text
Size
10 kB (10020 bytes)
Hash
36209a208645a7d1dafb865cbf6049b5
b842e1907dff05638433b2c57e2a09d1e430cc1a
ef59349e0e0bc8f1fafbf9e6f3f945b2fc645ec541289484ab9994ab58938125

HTTP Headers

GET /css?family=Noto+Sans:400,400italic,700,700italic&subset=latin,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Aug 2023 20:05:10 GMT
date: Sat, 12 Aug 2023 20:05:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/css/slicknav.min.css

104.26.9.37

200 OK

2.3 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/css/slicknav.min.css
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2273), with no line terminators
Size
2.3 kB (2261 bytes)
Hash
36734c6752dd5b8e977d5bc8d482db37
a5aeaeab521fa12e5787b3cb1a84ecedc4adee50
5abf6eb6073926d7837e7ee4b6256b609320a3eaff95e38be0e82fe233742860

HTTP Headers

GET /themes/hm/css/slicknav.min.css HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Sun, 23 Feb 2020 15:30:29 GMT
vary: Accept-Encoding
etag: W/"5e529a95-8d5"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoVzmvuBzneLtQCy4tW3m%2BXMQVUvehJ4W3K0qMGfq2otqvenY8t45TEFnXukQqZOviqU8FYEc7H33%2Fqax398q6WkRKXGbw%2Be1mGCho1O36ZhljO2ca3A64XH5f5vQkFP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd1df8b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-T60M656J5F&l=dataLayer&cx=c

142.250.74.168

200 OK

221 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-T60M656J5F&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintB8:00:22:F1:F1:80:E5:11:65:10:02:04:DA:9B:FA:C3:3E:F6:7A:70
ValidityMon, 17 Jul 2023 08:16:31 GMT - Mon, 09 Oct 2023 08:16:30 GMT

File type
ASCII text, with very long lines (5857)
Size
221 kB (220841 bytes)
Hash
69650403a741b59a62704f99f0c72b28
a83cb15e50a126fb9d905aa64bc68e21598815f3
ef9b2c626f982b3ada9b38e41b841df359a7ceb98ada170eed8c89326d49264e

HTTP Headers

GET /gtag/js?id=G-T60M656J5F&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Aug 2023 20:05:11 GMT
expires: Sat, 12 Aug 2023 20:05:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78154
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

platform.pubfuture.com/v1/config/63f6d5ef5eb600002866bdaf.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=&d=b3RoZXJz&s=aC5tYW5nYWJhdC5jb20vcmVhZC11YTM5ODg0NS1jaGFwLTE=

172.67.75.110

200 OK

2.3 kB

URL GET HTTP/2
platform.pubfuture.com/v1/config/63f6d5ef5eb600002866bdaf.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=&d=b3RoZXJz&s=aC5tYW5nYWJhdC5jb20vcmVhZC11YTM5ODg0NS1jaGFwLTE=
IP
172.67.75.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint11:B8:54:A9:63:30:9C:C0:B9:A3:AD:E7:BB:F8:A2:EE:80:FF:C3:3F
ValidityMon, 20 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2321), with no line terminators
Size
2.3 kB (2261 bytes)
Hash
c13a0fa7266ef657045d637e318ba41c
650aa0b91d59ff9882f362c30898372525a6ebe9
9dbdd17ac6297d4dc4568fc0f12720f63e5047ea7cac757b42353fbd9c233fa7

HTTP Headers

GET /v1/config/63f6d5ef5eb600002866bdaf.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=&d=b3RoZXJz&s=aC5tYW5nYWJhdC5jb20vcmVhZC11YTM5ODg0NS1jaGFwLTE= HTTP/1.1
Host: platform.pubfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"8d5-H0FGBhupDXAg2T2D+PIt5Vnmj58"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stuNvCnw1JDvuyAMlT6%2Fwpyx1FxfzSxbNwuqdR9uanz6yFMOhx1et7B%2B3SoLepFF%2F4fqDKQtIV3XlnOoBo5o%2BT0UQvR3OFvHQZEtGwUAOC21GhI06ZuvMHlsiz%2F9gOkPWk9eCVWeFfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ed5b201c06-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/css/owl.theme.css

104.26.9.37

200 OK

2.5 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/css/owl.theme.css
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2770), with no line terminators
Size
2.5 kB (2544 bytes)
Hash
ae4c33b8eafde71aaa6723ef99ba8a4d
16b720a322e242b7d8cb0ff464c4e1a3c2036128
d06c81dca5261ca0f3941d85f3418db95616282415f6961301c1a3a797c79013

HTTP Headers

GET /themes/hm/css/owl.theme.css HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Sat, 14 Sep 2019 07:33:00 GMT
vary: Accept-Encoding
etag: W/"5d7c97ac-9f0"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhPC1HgNDKaMpjJ1OeU49KmYwF7IR0xanXpB2J1KmYLNYjNW7Cb54zXJ8TEnEnq%2BNVP2IonXOrhBctW%2FHE3Q7G6Cx8w%2B7sqxtss06FvuH1Gj6U4Xq19D9Xr04G29nQl7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd1dfbb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5275

104.26.3.107

200 OK

705 B

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=4346&sizeid=2&zoneid=5275
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_3.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (734), with no line terminators
Size
705 B (705 bytes)
Hash
d2988a6f9bcca8f0669df8566187a554
d30e6f4299ac32768aebacbeb5f20dc2bde2193d
bbb86192365a9e9f8d5e301d51fdc734425abccae11c219460c63dbe08200556

HTTP Headers

GET /ads.php?domainid=4346&sizeid=2&zoneid=5275 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZRH5zVjZ2RPf4DI4rvRoaSUktdgihoUPhQ9f0q0hLhVpZVQEjPYL5m8YW%2B5K8IOO8CeqYQpnKzg%2FEWKLdvTgI6rS4DJ8e28R8yEXVoevB5utgfmDXsYa4gMyiALHoATd%2FR7nFlk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ebbc2cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

a.magsrv.com/ad-provider.js

205.185.216.42

200 OK

106 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_1.html
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint9C:9C:8C:15:3B:65:AB:34:94:B5:CD:26:D6:67:61:2A:99:F9:0A:7B
ValidityTue, 01 Aug 2023 11:24:30 GMT - Mon, 30 Oct 2023 11:24:29 GMT

File type
ASCII text, with very long lines (33829)
Size
106 kB (105833 bytes)
Hash
741f9bcd735a718f6dbcaf6aa4f118c0
f7b62318ccec4fda7e838ae49b0de1bc7ecf5f2e
2cc4d0da63dfd4b3a4b05666d797aa3537bc80bcf18e5bbd7afd260f68962fd5

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-encoding: gzip
content-length: 33301
content-type: application/javascript
accept-ranges: bytes
server: nginx
etag: W/"f7b62318ccec4fda7e838ae49b0"
accept-ch: 
cache-control: max-age=10800
x-hw: 1691870711.dop021.sk1.t,1691870711.cds216.sk1.hn,1691870711.cds257.sk1.c
access-control-allow-origin: *, *
X-Firefox-Spdy: h2

h.mangabat.com/themes/starrate/css/style.css

104.26.9.37

200 OK

1.4 kB

URL GET HTTP/2
h.mangabat.com/themes/starrate/css/style.css
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1474), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
f6a1e6e9670d8ced7fe071f01d173a9f
836c3b818f23fa5f6706613480d22abdb049431a
bace91e09336e0a6ac66a9815fdb05d88081ffc7acbc359152d09f13a9882b14

HTTP Headers

GET /themes/starrate/css/style.css HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Tue, 24 Sep 2019 08:39:45 GMT
vary: Accept-Encoding
etag: W/"5d89d651-582"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=151IqpieLtdD3yCx2IBbe2qHPcmTtGOWUClL0Hdu%2FOma0WdNpQvRJJBrC5saDxH%2FhwtcTtR%2B4oARsrHcSUImgnsQ8q%2FCZmedXFKLZOIpcJbva1iFa60whGE6xKcXP9TD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd3e20b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.197.8

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.197.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85467 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:14 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a9934feeb3b8736492bd6680fccfc8fe
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 12 Aug 2023 20:05:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C9jpNOkl%2B4sm0N%2BcG2QJyg4BU9GY3WvZLHxSZeULwI83xjP4GkDRJHm7zUNqvsE%2BN39fvAqUB%2B74kB0NCkmrcFonswA8clF62I7xsHbzmFssOJBtU3OtKJkw%2BvOvrIjMVvAtt8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5b54faaf1d3d8e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/522770/7665900e3a6688f00d13484a825eba5119e81924.gif

185.76.9.24

200 OK

27 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/522770/7665900e3a6688f00d13484a825eba5119e81924.gif
IP
185.76.9.24:443
ASN
#60068 Datacamp Limited

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_1.html
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
FingerprintCA:9B:AA:FE:AE:52:F5:06:6F:3C:E5:8C:B7:0F:9A:60:0B:A7:00:C2
ValiditySun, 23 Jul 2023 14:03:50 GMT - Sat, 21 Oct 2023 14:03:49 GMT

File type
GIF image data, version 87a, 300 x 250\012- data
Size
27 kB (27072 bytes)
Hash
f1e022a28c4270f6ebc6925afbd49468
7665900e3a6688f00d13484a825eba5119e81924
20f202ddf4ddb31cb3d50175c66c7cee3be744d3765362fae046646ee4a9a68d

HTTP Headers

GET /library/522770/7665900e3a6688f00d13484a825eba5119e81924.gif HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: image/gif
content-length: 27072
last-modified: Tue, 22 Jun 2021 15:10:18 GMT
etag: "60d1fd5a-69c0"
expires: Tue, 24 Oct 2023 20:49:53 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRSOx13/MNZCAQ
x-77-nzt-ray: af5856305daf6bb9f8e5d76446f7440d
x-accel-expires: @1702249288
x-accel-date: 1670713288
x-cache: HIT
x-age: 21157424
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

h.mangabat.com/read-ua398845-chap-1

104.26.9.37

200 OK

37 kB

URL User Request GET HTTP/2
h.mangabat.com/read-ua398845-chap-1
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type

Size
37 kB (37278 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /read-ua398845-chap-1 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df; expires=Mon, 11-Aug-2025 20:05:08 GMT; Max-Age=63072000; path=/
x-powered-by: VPSSIM
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MS2WZ8DxM%2BrBlPNpdKYcag1ngDt8vQ9NiYqejIJv6HuykJx0lrQhC%2F%2BhXLp2IdGEY2b1Hd6imLksiwm4UxefUmNHoxu7lOfk9xEgvAIeB4ykVzn917CVly%2BZLjJV%2B9u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54d9e99ab51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/css/c-style-chapter.css?v=02232021

104.26.9.37

200 OK

6.4 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/css/c-style-chapter.css?v=02232021
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7022), with no line terminators
Size
6.4 kB (6358 bytes)
Hash
3f9c0e7a2e2c45fcff1e513a6147ba3d
83e1e0e90298d50b5430fe7c87a4e261c9fad52e
2f5f89611c29a215e96744b4182eccb36e88d648054f33bb3a471ab61b5c8a59

HTTP Headers

GET /themes/hm/css/c-style-chapter.css?v=02232021 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Mon, 08 Feb 2021 12:07:34 GMT
vary: Accept-Encoding
etag: W/"60212986-18d6"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr3wtgfbkuf%2F%2BFQMtlnBRmsLhCqqAKT0FJSL%2FTEyVCnY133VTM4QrlW1QUvAw2s2NNOXQ%2FfTDWPH2SIYDWs3LTnxSg3kzV%2BoZL7YxHm7m5Ie00fcxlKd8LyrZ6GO72Qe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd3e28b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v30/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

216.58.207.227

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosans/v30/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14100, version 1.0\012- data
Size
14 kB (14100 bytes)
Hash
c7a65b5f9af2c8afbceed5fd6dacb46c
54f3895b08438523a402ad5cf3c0be2168f99d30
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7

HTTP Headers

GET /s/notosans/v30/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Aug 2023 11:02:28 GMT
expires: Sun, 11 Aug 2024 11:02:28 GMT
cache-control: public, max-age=31536000
age: 32563
last-modified: Thu, 27 Jul 2023 22:02:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/css/tooltip.css?v=08032022

104.26.9.37

200 OK

1.7 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/css/tooltip.css?v=08032022
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1840), with no line terminators
Size
1.7 kB (1686 bytes)
Hash
2cb406571632e53ac476ccf5fb5db013
19c8a1bb2b4766bbd39125b0df8f22528ce7fbb3
e267604d78e091935ed99f0933422bcd378f0c807ba3b8e23ccec32031d61d3e

HTTP Headers

GET /themes/hm/css/tooltip.css?v=08032022 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Mon, 05 Oct 2020 04:37:47 GMT
vary: Accept-Encoding
etag: W/"5f7aa31b-696"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNmY9tpD9oQJlT6fMa87u8TowG%2Bj0Vtkz1xCuTSULtIFM1%2Ba9UTYS4GwbNdCD2aMbgHDu%2BbN1B61UaEdt7kXiz5EqEDACEG%2FA0lJkThBmbKej5MSIX%2FVkV2dblnBiEgV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd1dffb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/css/c-style-search.css?v=08032022

104.26.9.37

200 OK

2.6 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/css/c-style-search.css?v=08032022
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2806), with no line terminators
Size
2.6 kB (2560 bytes)
Hash
62e08c6b96d2421affe0f0656723c158
2bbb4850bd2653bb73e37a3646c01f4a83828805
d1911e1e6667b0f83afafb7ef530a638eba23390906c006cc3ca1367a989ae7a

HTTP Headers

GET /themes/hm/css/c-style-search.css?v=08032022 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: text/css
last-modified: Mon, 05 Oct 2020 03:34:23 GMT
vary: Accept-Encoding
etag: W/"5f7a943f-a00"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu33og6rKjamnkb8SUdyH6txZqAkCex3jXqmYMLaWIWFJCCn4sTEAloi0%2BfVmcAE8AI9XnEpAIx6nNseLxG5%2BfKouDMRZOi%2F6HTMTYavyRqBr5YU9TBs13GZOhKAWC2d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd1e00b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/js/fsearch.js?v=08032022

104.26.9.37

200 OK

4.8 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/js/fsearch.js?v=08032022
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (5114), with no line terminators
Size
4.8 kB (4812 bytes)
Hash
9d92053309abbd764452b39a44f3de7e
24ae9be4479c78d7995a3c170ade4c2152be890b
89fe467dcf8b506874a4a55c4eef2a75eea7294dbef6706a99af58f84527e370

HTTP Headers

GET /themes/hm/js/fsearch.js?v=08032022 HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 11:15:43 GMT
vary: Accept-Encoding
etag: W/"626925df-12cc"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSCk9%2B%2Fwqz9n86JxJrv7xZUZZJNgwBqVk9IbaxuPlmWAJFLbFBRqAvwPBQK4GAbmThTNDUI9SBVJ59fGnoDvZRpKLa4GR8nUM1CmLGLbIwhw%2FCWO8RE8%2FSgoBLjC0oSM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd3e1fb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=5273&uuid=4a8bd73f046948da8bcd990dc9bc3a9d&p=28&g=NO&token=4a44335432&tbg=1691870711

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=5273&uuid=4a8bd73f046948da8bcd990dc9bc3a9d&p=28&g=NO&token=4a44335432&tbg=1691870711
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/ads/bidgear_300x250_desktop_1.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=5273&uuid=4a8bd73f046948da8bcd990dc9bc3a9d&p=28&g=NO&token=4a44335432&tbg=1691870711 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:12 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJGKDETIqOERsZMT%2BP1%2F3hSLov4SNHK97txnLIhXueYvuwbn4ImJ7341DTSPJmslXCNdDeSpr6LlkOsZVcHxSMHcKCMmAMjGmB8%2BY0MkctS%2BHzL%2BTxiYWJFFOjtDpXlcG1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54ed5e8fb50f-OSL
X-Firefox-Spdy: h2

h.mangabat.com/themes/starrate/js/starwarsjs.js

104.26.9.37

200 OK

10 kB

URL GET HTTP/2
h.mangabat.com/themes/starrate/js/starwarsjs.js
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
10 kB (10158 bytes)
Hash
3fa72e89d0591678a37b2afffd04ad7f
72516e05fdddc50481f8addfb0a1b63bf3cfd644
9ac1a5d836082405fae82109177c0e65a91f2a9acb8f8f69489f49d9f843d3cf

HTTP Headers

GET /themes/starrate/js/starwarsjs.js HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:09 GMT
content-type: application/javascript
last-modified: Sun, 25 Nov 2018 15:42:06 GMT
vary: Accept-Encoding
etag: W/"5bfac2ce-27ae"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:09 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bX470r7Rz3NtgsfTVmlgpTaa9lM2aoxPJgXjxInIla%2BD1er7rCpRT5dZqgem5iAm78SrpEeVYCpj1o2zhOE%2FQZwCxFvPOZbtMBiEk46BZEybijbdyrz6lPYlT0yfyAs%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54dd3e23b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/ads/bidgear_300x250_desktop_4.html

104.26.9.37

200 OK

1.2 kB

URL GET HTTP/2
h.mangabat.com/ads/bidgear_300x250_desktop_4.html
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1265), with no line terminators
Size
1.2 kB (1185 bytes)
Hash
10c7df24f8f1acda7827eae641ea91e7
9a3020dc29291939292dbd7d55c90395d0825ab2
82b8c8bf6fe240316bff9f7dd3e7fac7a0ca8c654d02d5bfc03aaf2b63237fed

HTTP Headers

GET /ads/bidgear_300x250_desktop_4.html HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/read-ua398845-chap-1
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: text/html
last-modified: Wed, 15 Dec 2021 09:55:57 GMT
vary: Accept-Encoding
x-powered-by: VPSSIM
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsiV0BAhz23%2BuS45Qz1%2FOvGrkAnAud7L7UM6tDL%2B7z%2FnK27QNYcu9sslzvBZ%2FZhuRCI7zbVCELZZkacvf37HUOYllIrxDBy3mYlCt80N3AAdJKHKRxrKRmOJ11aBnKK3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e81fa1b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

h.mangabat.com/themes/hm/images/show-hide.png

104.26.9.37

200 OK

3.2 kB

URL GET HTTP/2
h.mangabat.com/themes/hm/images/show-hide.png
IP
104.26.9.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5F:33:93:9E:0B:FC:1C:34:2E:88:C4:CC:AF:C1:9B:18:E7:B4:4F:F5
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
PNG image data, 16 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3164 bytes)
Hash
143c8faeff54614025e0cd8235da081d
dd2db9b1d6250e94e19a04a90b1470334a36fa5e
7724abf5f53029fe46595b48ef73697901ffae10660959604b8283af6e983d12

HTTP Headers

GET /themes/hm/images/show-hide.png HTTP/1.1
Host: h.mangabat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h.mangabat.com/themes/hm/css/c-style.css?v=08032022
Cookie: ci_session=C7exXgJgzVaOUeKGFLsXaLN693sgR4%2FO11272NDHo67zpipPtyP8CKKH9Rw4aiMF%2F8MDN0fG%2BbzsgETFx2FYXWDRw8EkHt1emCE3zSFTd8jsMNKWewVhkWbtNIMnULhRdDhwl1FyBeyhBnPhh3JClykRsRg2Sddx8Ut2feAZCAMp58av9ZKvxLQoXH%2FTreSbTlZiyxYEgDdZ6cisR3LKID9eiuv57YyJCbmcLrVUEV8iq8yjQrMe7vK5Hg22T8uXdxJjRTjG%2B1Wx%2FoIdi5Grpnt%2Fmor1gJAHNHCdlsTthTQSE9diFz32sNvSxuBeEpNqNaivW094Xlo9KXS4ISFA8f7nYtA2QxgHG0EgmS1rXoAcF1x3fHX7vF7BVBH6KDzJbccd339901822fe8769ea35953650d7c4882f6df
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Aug 2023 20:05:11 GMT
content-type: image/png
content-length: 3164
last-modified: Tue, 24 Sep 2019 15:23:44 GMT
etag: "5d8a3500-c5c"
x-powered-by: VPSSIM
expires: Mon, 11 Sep 2023 20:05:11 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpYHAEP%2Fa19PSzBPx4torTvKnmXXTYmcdqXxQ6eHtbNOKZieiQu4UBvudv6Mh8tn%2FFRL3lPpUmD7JHH5uhbFDxvyzSlO3CpkJF0Wq2HYUDS4wrXWI6pVPgpFT3WaKsVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5b54e84809b51b-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v30/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/notosans/v30/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://h.mangabat.com/read-ua398845-chap-1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13040, version 1.0\012- data
Size
13 kB (13040 bytes)
Hash
0c42d77dfff238ddbc66bc5096635bf2
b14707370f4b734737a295f6c675085c8fde77d8
aecb63436ff8e28ed766a7eb40e804e09893d2264fb5b5ca86fd660c21bab67f

HTTP Headers

GET /s/notosans/v30/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://h.mangabat.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Aug 2023 00:06:38 GMT
expires: Sat, 10 Aug 2024 00:06:38 GMT
cache-control: public, max-age=31536000
age: 158313
last-modified: Thu, 27 Jul 2023 22:02:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (50)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations