Report - manhuaplus.org/manga/the-knight-who-only-lives-today/chapter-35&ved=2ahUKEwiYuNylseOMAxU1JDQIHQ9CFMMQFnoECBgQAQ/404/404

Report Overview

Visited public
2025-04-19 06:30:03
Tags
URL
manhuaplus.org/manga/the-knight-who-only-lives-today/chapter-35&ved=2ahUKEwiYuNylseOMAxU1JDQIHQ9CFMMQFnoECBgQAQ/404/404
Finishing URL
manhuaplus.org/404
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Title
404 Page Not Found - ManhuaPlus

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
3b1d253452.8ea1272194.com	unknown	2025-03-20	2025-04-19	2025-04-19	7.1 kB	40 kB	167.235.163.216
accounts.google.com	81	1997-09-15	2012-05-23	2025-04-16	1.8 kB	6.6 kB	64.233.164.84
nereserv.com	40015	2020-12-21	2020-12-21	2025-04-16	607 B	322 B	116.202.249.56
js.wpushsdk.com	36947	2021-05-07	2021-05-07	2025-04-14	844 B	768 kB	45.133.44.52
platform.pubadx.one	unknown	2024-01-17	2024-06-24	2025-04-16	1.8 kB	19 kB	172.67.75.108
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2025-04-17	846 B	127 kB	45.133.44.52
na.nawpush.com	38563	2020-12-21	2020-12-23	2025-04-17	478 B	1.9 kB	45.133.44.25
68a8b43f0d.ca06ef821c.com	unknown	2025-03-20	2025-04-19	2025-04-19	843 B	345 B	45.133.44.52
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2025-04-15	1.1 kB	819 B	157.90.84.242
manhuaplus.org	unknown	2021-05-29	2022-10-23	2025-04-07	5.7 kB	623 kB	104.21.80.1
imp9.pubadx.one	unknown	2024-01-17	2024-07-27	2025-04-15	1.1 kB	1.4 kB	172.67.75.108
js.capndr.com	316718	2021-08-30	2021-08-30	2025-04-15	415 B	399 B	45.133.44.53
cdn.pubfuture-ad.com	unknown	2022-09-30	2022-11-15	2025-04-16	421 B	358 kB	172.67.70.38
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2025-04-16	538 B	1.2 kB	104.21.30.242
static.bookmsg.com	47495	2020-09-15	2020-11-24	2025-04-16	1.9 kB	4.5 kB	45.133.44.24
sync.pubfuture-ad.com	unknown	2022-09-30	2025-03-10	2025-04-16	1.0 kB	1.9 kB	104.26.5.231
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-16	435 B	340 kB	142.250.178.40
ip2geo.pubfuture-ad.com	unknown	2022-09-30	2023-03-27	2025-04-16	445 B	1.5 kB	104.26.5.231

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-19	medium	8ea1272194.com	Sinkholed
2025-04-19	medium	8ea1272194.com	Sinkholed
2025-04-19	medium	8ea1272194.com	Sinkholed
2025-04-19	medium	ca06ef821c.com	Sinkholed
2025-04-19	medium	8ea1272194.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-619V0BMX1W	ScriptElement	339 kB	2025-04-19	2025-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-619V0BMX1W IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-19 06:30 Last Seen2025-04-19 06:30 Times Seen1 Hash f52b0d77f5bf6f6e80a99a5a8bacd93c 9f1369450dd02a29122734582f1032828ac40636 85057082761d3955600391d309490e253761adae3fe1ac57b36f7aadb091e3d2 Loading...

	js.wpushsdk.com/npc/sdk/wpu/npush.m.js	ScriptElement	205 kB	2025-04-11	2025-04-20
Pretty URL js.wpushsdk.com/npc/sdk/wpu/npush.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 16:41 Last Seen2025-04-20 22:24 Times Seen118 Hash 178a3740cb036c0d457ab49f569f52b5 f9c75b2af6980cd48949ce711dfd859add764d1a fdd2518c37dac5f5dbd0128d53be09c5c1c5b814f77c5bf8232aa750e05a2a4a Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-05-13
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-05-13 18:18 Times Seen3320 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	124 kB	2025-04-18	2025-05-13
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 10:43 Last Seen2025-05-13 18:18 Times Seen152 Hash d4509232ee9a95dc5431a18b2069468d b0e22da458b657fbe8caa54b0124a64698bdf36b fb472b8299627873a3a0d4a9c26703190f8346ba23e173b00fef456d1b7ff8a7 Loading...

	storage.multstorage.com/log/count.html	ScriptElement	693 B	2025-03-03	2025-05-14
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-03 17:07 Last Seen2025-05-14 00:26 Times Seen1995 Hash 16e1f9022fa537a6a2ec170949397376 341d27b7ac1bb5f22f032ab4c14f7589e452bea9 440204bc5125e5ffb0fa553c188a3640f1d0f6779bd0a11076133b1d20f1926b Loading...

	platform.pubadx.one/pubadx-ad.js	ScriptElement	6.9 kB	2025-01-03	2025-05-13
Pretty URL platform.pubadx.one/pubadx-ad.js IP 172.67.75.108 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-03 08:36 Last Seen2025-05-13 22:41 Times Seen112 Hash 285ed9e4cd5b80ff91cf9424392aeaf4 be707969ce2ac075d21e7dd8d96b6274900790a1 906466486f0915c3eea680bc6f2003e028ca8039297e5a1824c899f974664720 Loading...

	js.wpushsdk.com/skins/nmain.m.js	ScriptElement	562 kB	2025-03-10	2025-04-20
Pretty URL js.wpushsdk.com/skins/nmain.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-10 22:11 Last Seen2025-04-20 22:24 Times Seen347 Hash d8d8941c6f90411a61551c317ec00c21 1d8eb0b7dfff1b3c6dfecb96f858fc04c02cb456 14ffad4a95ab3e41ef6fe479cca4c09a20c8be3e53ddca1629fabab0d82069d9 Loading...

HTTP Transactions (44)

URL IP Response Size

platform.pubadx.one/async-v2.json?zoneid=10321&wu=https://manhuaplus.org/404

172.67.75.108

200 OK

1.1 kB

URL GET
platform.pubadx.one/async-v2.json?zoneid=10321&wu=https://manhuaplus.org/404
IP
172.67.75.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubadx.one
Fingerprint7E:4A:FD:F3:BF:73:B7:D1:0C:F4:A9:56:BA:F2:39:7E:6C:A4:DF:41
ValidityWed, 05 Mar 2025 07:32:12 GMT - Tue, 03 Jun 2025 08:29:23 GMT

File type
JSON text data
Size
1.1 kB (1137 bytes)
Hash
45e1d8cd89f972ad1283ceb706196fc6
ab0ae92686d4f3a7e20b6fd37525633023be21f9
5e9ffc225039293853229fae0af9c8f3a9f05597b0f049a240fa9bae772a5f79

HTTP Headers

GET /async-v2.json?zoneid=10321&wu=https://manhuaplus.org/404 HTTP/1.1
Host: platform.pubadx.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://manhuaplus.org/
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:43 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPBZd7QtGubCfCmkiH4h4O9dOU4%2BYYrKi7xK3WqdK6aQYX0A7ozGScSyMyLWHN3ECO2z8QDo39K0gMajn7foirZNpeHPkLP9ryoWW4yBH10lete3AhNcrXUVJdJW5YONkby%2Fdz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a595fcca9b4ee-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1795&min_rtt=409&rtt_var=1895&sent=20&recv=22&lost=0&retrans=1&sent_bytes=10127&recv_bytes=1530&delivery_rate=7651254&cwnd=253&unsent_bytes=0&cid=2173dfc4babc7c93&ts=1055&x=0"
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=271251

157.90.84.242

204 No Content

0 B

URL OPTIONS
fp.metricswpsh.com/fp?tag_id=271251
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=271251 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://manhuaplus.org/
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 19 Apr 2025 06:29:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://manhuaplus.org
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

manhuaplus.org/themes/style.css?v=2024.04.20#liliana-B600FF

104.21.80.1

200 OK

95 kB

URL GET
manhuaplus.org/themes/style.css?v=2024.04.20#liliana-B600FF
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
95 kB (94667 bytes)
Hash
eda82ca84e3b132119cc79f5562c3adb
95c7cfb5c7fbd273bbfc25f20d865dca438c7412
0749716516126ef2e2b29a1f1876846086ce50e424b7fd79fcf441c665ee282f

HTTP Headers

GET /themes/style.css?v=2024.04.20 HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: text/css
content-length: 22694
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0PPAzVrr2tn%2FZ0kqAt%2FyJh3T8wAvtO3lPEg8obUpEQCJiAi7Rdt%2BbWDkeEBdBnHP1UQ4VYUrhyXppn5dnEnBWc8Dyl1NjW9Jx2O9xzTG7j3Ln%2Be64454CBLRNVout6dVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Fri, 15 Mar 2024 04:37:51 GMT
etag: "171cb-613ab9217d6f2-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 176
accept-ranges: bytes
cf-ray: 932a595aee5656ab-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3304&min_rtt=699&rtt_var=1549&sent=97&recv=130&lost=0&retrans=0&sent_bytes=9659&recv_bytes=8366&delivery_rate=2299&cwnd=12000&unsent_bytes=0&cid=ffd55de715677b03&ts=739&x=16"

manhuaplus.org/themes/liliana/js/script.js?v=2024.04.20

104.21.80.1

200 OK

25 kB

URL GET
manhuaplus.org/themes/liliana/js/script.js?v=2024.04.20
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
25 kB (25072 bytes)
Hash
ac4d22304a74d3b22adf003b7c71d600
18e64d43d17ce4b429d68b6f7b165c1fb25ce09a
2160de3a5b7dc3ba61011ae20831f8c44a289dae2f0bd00b0a272dfe1a7ff578

HTTP Headers

GET /themes/liliana/js/script.js?v=2024.04.20 HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: application/javascript
content-length: 4888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7nEA0JQqhJMkRrCkmJbD20%2BPjteCvW071zGvsV1Y4km3U8aVS%2BYe%2FGStIkFQsDlwNSwk7oGvLeUV%2BqKcT6tg%2FCb9ivT5VJcNhwEKBOt%2BywOfeAs%2F7%2F0I3UI%2FlP1VCxQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Thu, 03 Aug 2023 06:55:42 GMT
etag: "61f0-601ff44c03780-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 176
accept-ranges: bytes
cf-ray: 932a595b4e6056ab-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3025&min_rtt=699&rtt_var=1874&sent=208&recv=139&lost=0&retrans=0&sent_bytes=136495&recv_bytes=9572&delivery_rate=13544622&cwnd=96000&unsent_bytes=0&cid=ffd55de715677b03&ts=798&x=16"

js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

124 kB

URL GET
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint42:82:44:60:F9:6D:D5:BE:76:80:22:44:BF:2E:DD:30:5B:4E:BE:BB
ValidityThu, 06 Mar 2025 02:34:16 GMT - Wed, 04 Jun 2025 02:34:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
124 kB (124274 bytes)
Hash
d4509232ee9a95dc5431a18b2069468d
b0e22da458b657fbe8caa54b0124a64698bdf36b
fb472b8299627873a3a0d4a9c26703190f8346ba23e173b00fef456d1b7ff8a7

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:44 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 18 Apr 2025 08:26:59 GMT
etag: W/"68020cd3-1e572"
content-encoding: gzip
expires: Sat, 19 Apr 2025 06:34:44 GMT
cache-control: max-age=300
x-cdn-host-id: ah1747
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

3b1d253452.8ea1272194.com/in/multy

167.235.163.216

204 No Content

0 B

URL OPTIONS
3b1d253452.8ea1272194.com/in/multy
IP
167.235.163.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subject8ea1272194.com
FingerprintB5:CC:6B:F7:ED:20:9E:CC:AD:96:5A:F4:6C:09:4D:1E:E3:EA:5F:A7
ValidityTue, 15 Apr 2025 14:04:02 GMT - Mon, 14 Jul 2025 14:04:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: 3b1d253452.8ea1272194.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://manhuaplus.org/
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Sat, 19 Apr 2025 06:29:47 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVus52TqMJ9d2esa6fE8A4o3HBxQEi6IOpA3zR2U6Z0FN9IG3ysnL12qmKNbKJM7S482Jlu6

64.233.164.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVus52TqMJ9d2esa6fE8A4o3HBxQEi6IOpA3zR2U6Z0FN9IG3ysnL12qmKNbKJM7S482Jlu6
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint67:52:2F:AB:93:DE:39:DA:94:50:11:AE:8B:37:CB:88:8F:DC:56:7D
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVus52TqMJ9d2esa6fE8A4o3HBxQEi6IOpA3zR2U6Z0FN9IG3ysnL12qmKNbKJM7S482Jlu6 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2HyIkYbunxNV2jjHB5mCmELheHeFnw:l8CsyOlfa8o5kpLc;Path=/;Expires=Mon, 19-Apr-2027 06:29:47 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Apr 2025 06:29:47 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuNAgznvVcJiqFGxH7HxZhtFJ2jrMOts7faTeTYG56sqvCZAyN9P1LmFM3qVc_1G0Oz06CnWg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-600571462%3A1745044187628428
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ko2yEWX0Q8T-OEU4QI9QIQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 417
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint46:49:C4:E5:B9:C8:3E:19:BB:32:C2:7C:3D:22:F3:C4:80:2D:EB:DE
ValidityMon, 31 Mar 2025 02:32:21 GMT - Sun, 29 Jun 2025 02:32:20 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:48 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-42a"
expires: Sun, 19 Apr 2026 06:29:48 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

manhuaplus.org/uploads/images/logo.png

104.21.80.1

200 OK

4.0 kB

URL GET
manhuaplus.org/uploads/images/logo.png
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
PNG image data, 350 x 71, 8-bit/color RGBA, non-interlaced
Size
4.0 kB (3981 bytes)
Hash
83d35806bbfc996eb2b7231131902033
f7e349ac462d45f83ba9d6c0c9588c1f903faaa8
df1ffb84c7505e4a8feda2043b15dc45c8d75903004d53d6baa37c072c2873c5

HTTP Headers

GET /uploads/images/logo.png HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: image/png
content-length: 3981
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fz0vwUtvBYVnGEyPsR1dPMbo81ipXQ6%2F4MWlHiD%2FskvFftkO90O8CneTi5pNJcammZAC2E1aMRQP%2FNy5HapJwGJBjp7uLh%2BK3KkF33k6JxLxrERUaW0HZU2qcnHFwgHkUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Sun, 09 Jul 2023 07:34:27 GMT
etag: "f8d-60008e54c86c0"
cf-cache-status: HIT
age: 442
accept-ranges: bytes
cf-ray: 932a595b3e5d56ab-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3025&min_rtt=699&rtt_var=1874&sent=204&recv=139&lost=0&retrans=0&sent_bytes=131770&recv_bytes=9572&delivery_rate=13544622&cwnd=96000&unsent_bytes=0&cid=ffd55de715677b03&ts=787&x=16"

js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

1.7 kB

URL GET
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint42:82:44:60:F9:6D:D5:BE:76:80:22:44:BF:2E:DD:30:5B:4E:BE:BB
ValidityThu, 06 Mar 2025 02:34:16 GMT - Wed, 04 Jun 2025 02:34:15 GMT

File type
JavaScript source, ASCII text, with very long lines (1735), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
1e936cad37e18ba5bc2f07acd57447d6
f55969248208bb6871e28b9478761ffb25207c35
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:44 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 18 Apr 2025 08:26:54 GMT
etag: W/"68020cce-6c7"
content-encoding: gzip
expires: Sat, 19 Apr 2025 06:34:44 GMT
cache-control: max-age=300
x-cdn-host-id: ah1747
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=271251

157.90.84.242

200 OK

58 B

URL POST
fp.metricswpsh.com/fp?tag_id=271251
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type
JSON text data
Size
58 B (58 bytes)
Hash
84601fdbdfeb51f157864ad487c573b1
bdef834f633a8708f5dc6c2d9535f779477d0494
c9681872b7400de7e2bba48d2c9d6af27ab32218fde6f977b7ed9b36842732ed

HTTP Headers

POST /fp?tag_id=271251 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1979
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 19 Apr 2025 06:29:46 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://manhuaplus.org
Set-Cookie: id=12654501600527495262; Expires=Sun, 19 Apr 2026 06:29:46 GMT; Secure; SameSite=None
Vary: Origin

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.164.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint52:D3:F7:7E:94:6F:70:55:50:A6:EA:38:4B:15:DF:91:54:96:59:82
ValidityMon, 31 Mar 2025 08:56:30 GMT - Mon, 23 Jun 2025 08:56:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:yaScLOAaQJN1zJbOrQpdm__Cnpry_A:kPXUYzIvUUsn-uq2; Expires=Mon, 19-Apr-2027 06:29:47 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Apr 2025 06:29:47 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVus52TqMJ9d2esa6fE8A4o3HBxQEi6IOpA3zR2U6Z0FN9IG3ysnL12qmKNbKJM7S482Jlu6
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Sx140m6y9uRmuRz9TeCryw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuNAgznvVcJiqFGxH7HxZhtFJ2jrMOts7faTeTYG56sqvCZAyN9P1LmFM3qVc_1G0Oz06CnWg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-600571462%3A1745044187628428

64.233.164.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuNAgznvVcJiqFGxH7HxZhtFJ2jrMOts7faTeTYG56sqvCZAyN9P1LmFM3qVc_1G0Oz06CnWg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-600571462%3A1745044187628428
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint67:52:2F:AB:93:DE:39:DA:94:50:11:AE:8B:37:CB:88:8F:DC:56:7D
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuNAgznvVcJiqFGxH7HxZhtFJ2jrMOts7faTeTYG56sqvCZAyN9P1LmFM3qVc_1G0Oz06CnWg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-600571462%3A1745044187628428 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Apr 2025 06:29:47 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-U8D8Dio8yZcXAIvx2OmMaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.SSoDLz2c_r4.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

imp9.pubadx.one/rec?f=32158&fv=12&g=NO&p=266&t=1&tbg=1745044183&token=5a1055581c&uuid=cb153cea88e84011869726cf1a3986ac&z=8136

172.67.75.108

200 OK

0 B

URL GET
imp9.pubadx.one/rec?f=32158&fv=12&g=NO&p=266&t=1&tbg=1745044183&token=5a1055581c&uuid=cb153cea88e84011869726cf1a3986ac&z=8136
IP
172.67.75.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubadx.one
Fingerprint7E:4A:FD:F3:BF:73:B7:D1:0C:F4:A9:56:BA:F2:39:7E:6C:A4:DF:41
ValidityWed, 05 Mar 2025 07:32:12 GMT - Tue, 03 Jun 2025 08:29:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rec?f=32158&fv=12&g=NO&p=266&t=1&tbg=1745044183&token=5a1055581c&uuid=cb153cea88e84011869726cf1a3986ac&z=8136 HTTP/1.1
Host: imp9.pubadx.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:44 GMT
content-length: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmBxNECSiU%2FodOC1eiXeZ6dXZpZcfsEGbEw6A8LNpydSNDeyWRDHhPP824TVi%2F9GIMIbgkRVCqCEMnS18triuUAGR4%2FRESACwTplJIlbBBAN%2FijvK%2Bf%2FNfMb1F7v17PpDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a5967883eb4ee-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2394&min_rtt=409&rtt_var=2470&sent=29&recv=27&lost=0&retrans=2&sent_bytes=13640&recv_bytes=1946&delivery_rate=7651254&cwnd=253&unsent_bytes=0&cid=2173dfc4babc7c93&ts=2041&x=0"
X-Firefox-Spdy: h2

sync.pubfuture-ad.com/visitor

104.26.5.231

204 No Content

0 B

URL OPTIONS
sync.pubfuture-ad.com/visitor
IP
104.26.5.231:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubfuture-ad.com
FingerprintF2:22:2D:89:D0:A2:5F:D5:08:8D:A0:AF:46:D9:67:B9:A4:A5:CC:32
ValiditySun, 23 Feb 2025 13:30:06 GMT - Sat, 24 May 2025 14:29:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /visitor HTTP/1.1
Host: sync.pubfuture-ad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://manhuaplus.org/
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 19 Apr 2025 06:29:44 GMT
x-powered-by: Express
access-control-allow-origin: https://manhuaplus.org
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,DELETE,PUT,PATCH
access-control-allow-headers: content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dh%2BbK2J0NWdcJZRNcZ5wr5BW%2BaBcAmFczVkSXTTUiuwObw1F8lg67wpVO7dwQ%2B7FMLAOzVtm%2FQLHoZAh7x31GgDS9ly%2FHr3Z6sWR%2FgQJvVJf09wbaJYaLAxN%2BgF7fSk9a7jC8mR0hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a596b1eb5b4fd-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1518&min_rtt=450&rtt_var=1799&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4128&recv_bytes=1384&delivery_rate=7180165&cwnd=243&unsent_bytes=0&cid=2a836d39ada97db3&ts=694&x=0"
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=0&event_id=3781ca69-6765-498e-9c8d-b5d376d00672&subid=1034570077&sid=3111777303&spot_id=1429901&created_at=2025-04-19&timezone=0&ver=8.223.0&is_native=1

116.202.249.56

200 OK

0 B

URL GET
nereserv.com/in/dip?site=native-push&wl=0&event_id=3781ca69-6765-498e-9c8d-b5d376d00672&subid=1034570077&sid=3111777303&spot_id=1429901&created_at=2025-04-19&timezone=0&ver=8.223.0&is_native=1
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=0&event_id=3781ca69-6765-498e-9c8d-b5d376d00672&subid=1034570077&sid=3111777303&spot_id=1429901&created_at=2025-04-19&timezone=0&ver=8.223.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 19 Apr 2025 06:29:47 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

3b1d253452.8ea1272194.com/in/show/?tag_ab=c&site_id=311429901&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fmanhuaplus.org%2F404&refdom=manhuaplus.org&auction_time=1745044187&subid=1034570077&sid=3111777303&tcid=0&ver=8.223.0&ver_c=&spot_id=1429901&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-04-19&iabcat=IAB9-11&keywords=hentai&user_fp=18266474861639946051&score=88.59107985480756&kubik_score=88.66443852050863&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1034570077%26spot_id%3D1429901%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fmanhuaplus.org%252F404%26idzone%3D0%26sid%3D1552&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=http%3A%2F%2Fxml-v4.dkswshap-2.online%2Fclick%3Fi%3DcljTnYP%2ACEE_0%26p%3D1745044187.364242&icons=NnZDinAXgLsBakteSdYjlI1uk_2HdgG3WVtCDqw3diJHdgxatq55aRhzOnzd_MqElADFlNHxSCg4WcpdijmxrRMVb86ndEyNKDCtJeIyqeY2tXRiZ76rY-hjQPlQS4VuI_d1P7wDCya1buCK2QE84RTz0s06nkbsm176c7cXjtUpHJGYLg&ext_cid=0&px_id=531429901&min_cpm=0.0011870126166549097&out_id=0&campaign_type=lq-pop&aid=178&cid=12030&uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee&mid=4307820657689783958&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02718872394210833&cpm=0.04655603483168157&verify_hash=5e705d35f7941638ed9c7d3d28196cf7&verify_hash_v2=7c70bbdb708b4ea1b532d395e358b2e7af35716cce3663cb903b4ac19eb8b938&is_native=2&real_bid=0.0003270399951934808&original_bid_usd=0.00056&original_bid=0.00056&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,89,27,150,20,108,0&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1745130587&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.00056&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005599999999999999&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&st=0.06&cpa=b50bc0ce-d28e-497b-b115-eb411d5190cd&prev_step_diff=1604

167.235.163.216

200 OK

0 B

URL GET
3b1d253452.8ea1272194.com/in/show/?tag_ab=c&site_id=311429901&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fmanhuaplus.org%2F404&refdom=manhuaplus.org&auction_time=1745044187&subid=1034570077&sid=3111777303&tcid=0&ver=8.223.0&ver_c=&spot_id=1429901&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-04-19&iabcat=IAB9-11&keywords=hentai&user_fp=18266474861639946051&score=88.59107985480756&kubik_score=88.66443852050863&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1034570077%26spot_id%3D1429901%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fmanhuaplus.org%252F404%26idzone%3D0%26sid%3D1552&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=http%3A%2F%2Fxml-v4.dkswshap-2.online%2Fclick%3Fi%3DcljTnYP%2ACEE_0%26p%3D1745044187.364242&icons=NnZDinAXgLsBakteSdYjlI1uk_2HdgG3WVtCDqw3diJHdgxatq55aRhzOnzd_MqElADFlNHxSCg4WcpdijmxrRMVb86ndEyNKDCtJeIyqeY2tXRiZ76rY-hjQPlQS4VuI_d1P7wDCya1buCK2QE84RTz0s06nkbsm176c7cXjtUpHJGYLg&ext_cid=0&px_id=531429901&min_cpm=0.0011870126166549097&out_id=0&campaign_type=lq-pop&aid=178&cid=12030&uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee&mid=4307820657689783958&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02718872394210833&cpm=0.04655603483168157&verify_hash=5e705d35f7941638ed9c7d3d28196cf7&verify_hash_v2=7c70bbdb708b4ea1b532d395e358b2e7af35716cce3663cb903b4ac19eb8b938&is_native=2&real_bid=0.0003270399951934808&original_bid_usd=0.00056&original_bid=0.00056&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,89,27,150,20,108,0&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1745130587&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.00056&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005599999999999999&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&st=0.06&cpa=b50bc0ce-d28e-497b-b115-eb411d5190cd&prev_step_diff=1604
IP
167.235.163.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subject8ea1272194.com
FingerprintB5:CC:6B:F7:ED:20:9E:CC:AD:96:5A:F4:6C:09:4D:1E:E3:EA:5F:A7
ValidityTue, 15 Apr 2025 14:04:02 GMT - Mon, 14 Jul 2025 14:04:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/show/?tag_ab=c&site_id=311429901&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fmanhuaplus.org%2F404&refdom=manhuaplus.org&auction_time=1745044187&subid=1034570077&sid=3111777303&tcid=0&ver=8.223.0&ver_c=&spot_id=1429901&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-04-19&iabcat=IAB9-11&keywords=hentai&user_fp=18266474861639946051&score=88.59107985480756&kubik_score=88.66443852050863&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1034570077%26spot_id%3D1429901%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fmanhuaplus.org%252F404%26idzone%3D0%26sid%3D1552&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=http%3A%2F%2Fxml-v4.dkswshap-2.online%2Fclick%3Fi%3DcljTnYP%2ACEE_0%26p%3D1745044187.364242&icons=NnZDinAXgLsBakteSdYjlI1uk_2HdgG3WVtCDqw3diJHdgxatq55aRhzOnzd_MqElADFlNHxSCg4WcpdijmxrRMVb86ndEyNKDCtJeIyqeY2tXRiZ76rY-hjQPlQS4VuI_d1P7wDCya1buCK2QE84RTz0s06nkbsm176c7cXjtUpHJGYLg&ext_cid=0&px_id=531429901&min_cpm=0.0011870126166549097&out_id=0&campaign_type=lq-pop&aid=178&cid=12030&uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee&mid=4307820657689783958&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02718872394210833&cpm=0.04655603483168157&verify_hash=5e705d35f7941638ed9c7d3d28196cf7&verify_hash_v2=7c70bbdb708b4ea1b532d395e358b2e7af35716cce3663cb903b4ac19eb8b938&is_native=2&real_bid=0.0003270399951934808&original_bid_usd=0.00056&original_bid=0.00056&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,89,27,150,20,108,0&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1745130587&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.00056&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005599999999999999&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&st=0.06&cpa=b50bc0ce-d28e-497b-b115-eb411d5190cd&prev_step_diff=1604 HTTP/1.1
Host: 3b1d253452.8ea1272194.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 19 Apr 2025 06:29:48 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

manhuaplus.org/themes/liliana/js/all.js

104.21.80.1

200 OK

298 kB

URL GET
manhuaplus.org/themes/liliana/js/all.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65335), with CRLF line terminators
Size
298 kB (298045 bytes)
Hash
c3962f62eb84890b20e159a0c885e99b
1b3a724b2d340f885872a455e66d051d0c640719
fa51f27848fa2f9dda1421d3c3ddb693547e976a3f36ab62a466219b98a7066e

HTTP Headers

GET /themes/liliana/js/all.js HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tfmFZV%2BunKwjQu1VSVAM383GSaJojQ92Txd0TqBI%2BwCPsg4BIDIIlhJFCDL9k1CQep%2BP9FsuGOr7iwo%2BEBGc4xb0X81b1%2B6dJLkrnpt9M1OrVvEytWRjK5w8SvK169J9Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Fri, 30 Jun 2023 07:08:38 GMT
etag: "48c3d-5ff537c664980-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 176
cf-ray: 932a595aee5856ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3311&min_rtt=699&rtt_var=2327&sent=120&recv=133&lost=0&retrans=0&sent_bytes=34804&recv_bytes=8500&delivery_rate=4735360&cwnd=24000&unsent_bytes=0&cid=ffd55de715677b03&ts=744&x=16"

manhuaplus.org/themes/liliana/images/404.png

104.21.80.1

200 OK

69 kB

URL GET
manhuaplus.org/themes/liliana/images/404.png
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
PNG image data, 800 x 500, 8-bit colormap, non-interlaced
Size
69 kB (68858 bytes)
Hash
da533d881c51b97db7bbedab88ec56b2
6faeb5863d77f1f9fb2d82974b95ade41ace66f1
810eaa86d7344ad8dbb8eaf035103bcd95d3032d3e630913d4e3faee6af22976

HTTP Headers

GET /themes/liliana/images/404.png HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: image/png
content-length: 68858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rle%2Bt9nLUmKifbabS%2FI4mqFgoOZp9uG095NJcahC9wYH7SrLgnPT7HtX9w3eBCxDIbX5kDxAezbTypd9CTQaFHOCWmuHNPlc3NInS2sTxi%2FJaoOThvY5uc087k%2FQASz4wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Mon, 29 Aug 2022 05:23:46 GMT
etag: "10cfa-5e75a77c49c80"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 932a595b3e5f56ab-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3536&min_rtt=699&rtt_var=2750&sent=213&recv=141&lost=0&retrans=0&sent_bytes=142163&recv_bytes=9664&delivery_rate=362234&cwnd=96000&unsent_bytes=0&cid=ffd55de715677b03&ts=974&x=16"

www.googletagmanager.com/gtag/js?id=G-619V0BMX1W

142.250.178.40

200 OK

339 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-619V0BMX1W
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintB7:82:F3:C7:93:B0:60:B0:83:49:F8:74:0D:49:78:23:65:0B:37:01
ValidityMon, 31 Mar 2025 08:54:29 GMT - Mon, 23 Jun 2025 08:54:28 GMT

File type
JavaScript source, ASCII text, with very long lines (6129)
Size
339 kB (338634 bytes)
Hash
f52b0d77f5bf6f6e80a99a5a8bacd93c
9f1369450dd02a29122734582f1032828ac40636
85057082761d3955600391d309490e253761adae3fe1ac57b36f7aadb091e3d2

HTTP Headers

GET /gtag/js?id=G-619V0BMX1W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Apr 2025 06:29:42 GMT
expires: Sat, 19 Apr 2025 06:29:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1055:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1055:0
report-to: {"group":"ascgcycc:1055:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1055:0"}],}
server: Google Tag Manager
content-length: 116188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

platform.pubadx.one/async-v2.json?zoneid=8136&wu=https://manhuaplus.org/404

172.67.75.108

200 OK

865 B

URL GET
platform.pubadx.one/async-v2.json?zoneid=8136&wu=https://manhuaplus.org/404
IP
172.67.75.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubadx.one
Fingerprint7E:4A:FD:F3:BF:73:B7:D1:0C:F4:A9:56:BA:F2:39:7E:6C:A4:DF:41
ValidityWed, 05 Mar 2025 07:32:12 GMT - Tue, 03 Jun 2025 08:29:23 GMT

File type
JSON text data
Size
865 B (865 bytes)
Hash
45f18f5da53e31d34d188206f6b373c0
2c70fb2f40bffb9dc349ddf34d2f377ed9f7c028
7823c6fd2d14af56c0bd8bf8194a9c3918c9cf5174d7b343a4bff3fa7a2860f6

HTTP Headers

GET /async-v2.json?zoneid=8136&wu=https://manhuaplus.org/404 HTTP/1.1
Host: platform.pubadx.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://manhuaplus.org/
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:43 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZYABjjz%2Fl5STKU8mxm5hH6hGx7oA19InoA5pbRySNeHcwny8A15mGdHUgCmIIWnEo1nyrTD45yjR%2Bqh2Pxy70YyL9aKZzFKqO0N9syit5AfULLXxaAPkBDweFKw91VYG6G2kj6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a595fccafb4ee-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1862&min_rtt=409&rtt_var=2349&sent=16&recv=21&lost=0&retrans=1&sent_bytes=9006&recv_bytes=1530&delivery_rate=7651254&cwnd=253&unsent_bytes=0&cid=2173dfc4babc7c93&ts=816&x=0"
X-Firefox-Spdy: h2

platform.pubadx.one/pubadx-ad.js

172.67.75.108

200 OK

6.9 kB

URL GET
platform.pubadx.one/pubadx-ad.js
IP
172.67.75.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubadx.one
Fingerprint7E:4A:FD:F3:BF:73:B7:D1:0C:F4:A9:56:BA:F2:39:7E:6C:A4:DF:41
ValidityWed, 05 Mar 2025 07:32:12 GMT - Tue, 03 Jun 2025 08:29:23 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
6.9 kB (6876 bytes)
Hash
285ed9e4cd5b80ff91cf9424392aeaf4
be707969ce2ac075d21e7dd8d96b6274900790a1
906466486f0915c3eea680bc6f2003e028ca8039297e5a1824c899f974664720

HTTP Headers

GET /pubadx-ad.js HTTP/1.1
Host: platform.pubadx.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 04:00:46 GMT
vary: Accept-Encoding
etag: W/"673abbee-1adc"
expires: Tue, 06 May 2025 08:41:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 778765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6Le9LycwbicoIMUH%2B8%2B%2FLpDid1mHyvVSNxU2X3TtD8A0582Lf1OaV%2FJSmM5rDBI9jLq0F91PHFVntDIAb8yNGrRdoEKDgMbUr3IA1bU%2B6Df9n1BavyGeIHbQQyRsau5UmQzeA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a595f9c63b4ee-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2737&min_rtt=409&rtt_var=3838&sent=11&recv=15&lost=0&retrans=1&sent_bytes=6564&recv_bytes=1278&delivery_rate=7098039&cwnd=253&unsent_bytes=0&cid=2173dfc4babc7c93&ts=659&x=0"
X-Firefox-Spdy: h2

manhuaplus.org/themes/liliana/webfonts/Font-Alone.ttf?wwies8

104.21.80.1

200 OK

11 kB

URL GET
manhuaplus.org/themes/liliana/webfonts/Font-Alone.ttf?wwies8
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Font-Alone
Size
11 kB (10748 bytes)
Hash
9b61778d98edc624e8136a326c33891a
1f64614a1951c9c7ed7825b522ed7113927fc82d
12c1e7351fe26d4ce0250ef0a600b9bdc70cb1ce19a4acb7415bb11747c1b938

HTTP Headers

GET /themes/liliana/webfonts/Font-Alone.ttf?wwies8 HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/themes/liliana/css/font-alone.min.css?v=2024.04.20
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: font/ttf
content-length: 5890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kw8A68OsZ6WGh9Fo%2FAK0LS1FK%2BKU%2FMNbD0q27NLsFjxPUs12rj%2BO2n43WLMhGZ25c%2F%2BNW5vbfehuiWeIIw9ghG5NxaNA4fwY%2FwpZTr8b2qu35XooRy4C1ZEYwYkEh231Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Tue, 18 Jul 2023 06:43:40 GMT
etag: "29fc-600bd3c415f00-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 176
accept-ranges: bytes
cf-ray: 932a595e6ee556ab-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3563&min_rtt=699&rtt_var=2116&sent=274&recv=143&lost=0&retrans=0&sent_bytes=213402&recv_bytes=10103&delivery_rate=10177678&cwnd=96000&unsent_bytes=0&cid=ffd55de715677b03&ts=1306&x=16"

manhuaplus.org/manga/the-knight-who-only-lives-today/chapter-35&ved=2ahUKEwiYuNylseOMAxU1JDQIHQ9CFMMQFnoECBgQAQ/404/404

104.21.80.1

302 Found

52 kB

URL User Request GET
manhuaplus.org/manga/the-knight-who-only-lives-today/chapter-35&ved=2ahUKEwiYuNylseOMAxU1JDQIHQ9CFMMQFnoECBgQAQ/404/404
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type

Size
52 kB (51861 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /manga/the-knight-who-only-lives-today/chapter-35&ved=2ahUKEwiYuNylseOMAxU1JDQIHQ9CFMMQFnoECBgQAQ/404/404 HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 19 Apr 2025 06:29:41 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-served-by: manhuaplus.org
location: /404
cf-cache-status: BYPASS
set-cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq; Path=/
cf-ray: 932a59555d2e56af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sync.pubfuture-ad.com/visitor

104.26.5.231

200 OK

2 B

URL POST
sync.pubfuture-ad.com/visitor
IP
104.26.5.231:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubfuture-ad.com
FingerprintF2:22:2D:89:D0:A2:5F:D5:08:8D:A0:AF:46:D9:67:B9:A4:A5:CC:32
ValiditySun, 23 Feb 2025 13:30:06 GMT - Sat, 24 May 2025 14:29:42 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /visitor HTTP/1.1
Host: sync.pubfuture-ad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://manhuaplus.org/
Content-Type: application/json
Content-Length: 291
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:45 GMT
content-type: text/plain; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: https://manhuaplus.org
vary: Origin
access-control-allow-credentials: true
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2LUaWlVY4GU6zsAfiUU%2BfYuXDyYUtR2A%2FWoFadzVUpBpLSRZDdgQMYnlkL93MhiAIT0fBcdqOqZTTeeHbi0M8VtzIVr9LE0JsF4qL3fqxVEIzSUXIngui9AAaKznHiGB5tpn8qYGyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a596c1813b4fd-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=4876&min_rtt=450&rtt_var=8066&sent=14&recv=15&lost=0&retrans=0&sent_bytes=4731&recv_bytes=1796&delivery_rate=7180165&cwnd=243&unsent_bytes=0&cid=2a836d39ada97db3&ts=846&x=0"
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.53

200 OK

0 B

URL GET
js.capndr.com/advertising.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint36:80:C9:74:A8:03:5E:A6:42:15:13:F1:12:1D:CE:69:66:FD:BF:09
ValidityWed, 16 Apr 2025 02:32:06 GMT - Tue, 15 Jul 2025 02:32:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 19 Apr 2025 06:34:45 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

3b1d253452.8ea1272194.com/in/multy

167.235.163.216

200 OK

39 kB

URL POST
3b1d253452.8ea1272194.com/in/multy
IP
167.235.163.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subject8ea1272194.com
FingerprintB5:CC:6B:F7:ED:20:9E:CC:AD:96:5A:F4:6C:09:4D:1E:E3:EA:5F:A7
ValidityTue, 15 Apr 2025 14:04:02 GMT - Mon, 14 Jul 2025 14:04:01 GMT

File type
JSON text data
Size
39 kB (38934 bytes)
Hash
28d14e5e30c8806c081feea4f786c5e3
92779dfcae876f4d3ebf37e3c366c401c4be0a4f
aa1087361ddd23ae475d4bef298a3972edd43e509bee4565bb7bf599939d590b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /in/multy HTTP/1.1
Host: 3b1d253452.8ea1272194.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2041
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 19 Apr 2025 06:29:48 GMT
content-type: application/json
content-length: 3180
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

platform.pubadx.one/pubadx-ad.js

172.67.75.108

200 OK

6.9 kB

URL GET
platform.pubadx.one/pubadx-ad.js
IP
172.67.75.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubadx.one
Fingerprint7E:4A:FD:F3:BF:73:B7:D1:0C:F4:A9:56:BA:F2:39:7E:6C:A4:DF:41
ValidityWed, 05 Mar 2025 07:32:12 GMT - Tue, 03 Jun 2025 08:29:23 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
6.9 kB (6876 bytes)
Hash
285ed9e4cd5b80ff91cf9424392aeaf4
be707969ce2ac075d21e7dd8d96b6274900790a1
906466486f0915c3eea680bc6f2003e028ca8039297e5a1824c899f974664720

HTTP Headers

GET /pubadx-ad.js HTTP/1.1
Host: platform.pubadx.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 04:00:46 GMT
vary: Accept-Encoding
etag: W/"673abbee-1adc"
expires: Tue, 06 May 2025 08:41:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 778765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIMFtYnQ0KFQfM7uKf59wklp%2FyA%2Bsym1Fleq8EgEaeH%2FGL7TgpcnPMwNbnPVYrERfRQKTce61PUUolxVUoLIiF0wawBYpfyfsDKoRDzilfWHXZlKUEEtCsJnecyF2ojkvIWmB%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a595c0f11b4ee-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=486&min_rtt=409&rtt_var=153&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3267&recv_bytes=1202&delivery_rate=7098039&cwnd=249&unsent_bytes=0&cid=2173dfc4babc7c93&ts=89&x=0"
X-Firefox-Spdy: h2

manhuaplus.org/themes/liliana/css/ad.css?v=2024.04.20

104.21.80.1

200 OK

1.6 kB

URL GET
manhuaplus.org/themes/liliana/css/ad.css?v=2024.04.20
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
ASCII text, with CRLF line terminators
Size
1.6 kB (1596 bytes)
Hash
2921d9a1c68b338b18de8eef72748f85
39309b4cd7a52e5a4b4dbd9b5ede3c6f6e5e071f
d6a07a4ba9a7c997c3219294c7fdb4ca0e89720d04cb10d9f39d2f67b829c7ad

HTTP Headers

GET /themes/liliana/css/ad.css?v=2024.04.20 HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: text/css
content-length: 545
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCbtdlLLYNCn8KFBd4%2Bxj1m188iQrirf2p4Au9rQfjE6xJxgKQU%2FsDXRYbftqb%2BeIfP3d8WTG1ePdv3IINWFe4av4orcEilZi%2Fzg8HoFKDq4KDelq3PtYH1miH00yLrqAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Wed, 19 Jul 2023 07:13:52 GMT
etag: "63c-600d1c619ac00-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 110
accept-ranges: bytes
cf-ray: 932a595aee5756ab-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3892&min_rtt=699&rtt_var=2339&sent=108&recv=131&lost=0&retrans=0&sent_bytes=21659&recv_bytes=8411&delivery_rate=61949&cwnd=12000&unsent_bytes=0&cid=ffd55de715677b03&ts=741&x=16"

cdn.pubfuture-ad.com/v2/unit/pt.js

172.67.70.38

200 OK

357 kB

URL GET
cdn.pubfuture-ad.com/v2/unit/pt.js
IP
172.67.70.38:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubfuture-ad.com
FingerprintF2:22:2D:89:D0:A2:5F:D5:08:8D:A0:AF:46:D9:67:B9:A4:A5:CC:32
ValiditySun, 23 Feb 2025 13:30:06 GMT - Sat, 24 May 2025 14:29:42 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
357 kB (357192 bytes)
Hash
b3e6d46c237caae9e3d7fc7274cc5a77
38313028b9018fec762d4f9c68608ce8b2871b19
fab96f047f4f9ceb0afd0db00d47a2e7fe85ed9e9ff9183befc312146d0d6461

HTTP Headers

GET /v2/unit/pt.js HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
etag: W/"57348-ODEwKLkBj+x2LU+caGCM6LKHGxk"
vary: Accept-Encoding
cache-control: max-age=7200
cf-cache-status: HIT
age: 2147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvzvQ9pFhycVTw6ISA0z8DTGBzHYvCnwVQVYjcPzTdai%2Bx35rwGRO2JV74pTkWxVjSHSdY7gQbF5K2EaGrOjS%2Bs4ROh8YxjOC4FWW7QZThqbt%2B9EDdcXVr12RImSWk3%2FB6ASm39g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a595d7bb60b65-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=506&min_rtt=464&rtt_var=171&sent=6&recv=10&lost=0&retrans=0&sent_bytes=2925&recv_bytes=1072&delivery_rate=4335329&cwnd=252&unsent_bytes=0&cid=b52d6eb344a1839c&ts=333&x=0"
X-Firefox-Spdy: h2

manhuaplus.org/uploads/images/favicon.png

104.21.80.1

200 OK

4.9 kB

URL GET
manhuaplus.org/uploads/images/favicon.png
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 3
Size
4.9 kB (4885 bytes)
Hash
3ee738e41caa2dd65dc93050193c57fa
5e0fa970eb703720d6b75494c0f00a0cf6e609f5
4a9e255a4ed012fcf85b18f732076fc796b0752be4f0d0b98e0e3aa09302ba60

HTTP Headers

GET /uploads/images/favicon.png HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:43 GMT
content-type: image/png
content-length: 4885
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LM4QLdLJHbc6z4gNKcztxUwkt1OcZiQJNwnZyyRFlC75kw2QMgW0YE3MvxJhp%2BvwyWCvwuMWfbeXwfcwNeViAJrn3D7hnPcU4VT8MB5kDkjnRvSBVb2xZ3L6tHnZcWrmLw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Sat, 05 Aug 2023 07:26:58 GMT
etag: "1315-60227f0407480"
cf-cache-status: HIT
age: 424
accept-ranges: bytes
cf-ray: 932a5961ef5756ab-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4229&min_rtt=699&rtt_var=2919&sent=281&recv=145&lost=0&retrans=0&sent_bytes=220131&recv_bytes=10468&delivery_rate=197045&cwnd=96000&unsent_bytes=0&cid=ffd55de715677b03&ts=1857&x=16"

imp9.pubadx.one/rec?f=29911&fv=8&g=NO&p=74&t=1&tbg=1745044183&token=5a1055581c&uuid=fe041a17398f4f1a9471f9503fd2ee8a&z=10321

172.67.75.108

200 OK

0 B

URL GET
imp9.pubadx.one/rec?f=29911&fv=8&g=NO&p=74&t=1&tbg=1745044183&token=5a1055581c&uuid=fe041a17398f4f1a9471f9503fd2ee8a&z=10321
IP
172.67.75.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubadx.one
Fingerprint7E:4A:FD:F3:BF:73:B7:D1:0C:F4:A9:56:BA:F2:39:7E:6C:A4:DF:41
ValidityWed, 05 Mar 2025 07:32:12 GMT - Tue, 03 Jun 2025 08:29:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rec?f=29911&fv=8&g=NO&p=74&t=1&tbg=1745044183&token=5a1055581c&uuid=fe041a17398f4f1a9471f9503fd2ee8a&z=10321 HTTP/1.1
Host: imp9.pubadx.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:44 GMT
content-length: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7btWrg22IRYPZX0MYN8kxT07pAzwZI2fo%2BYlyxBwRjTk%2FzsjUcIrWGEHGiPlqzvZXNdLiM7TxFPpK8VWtoDPvnDiPLWwnwjR5kQ2qiHv%2F%2Blc8ZROWQjBFQ9KhdKihVIlRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a5967883fb4ee-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2165&min_rtt=409&rtt_var=2311&sent=30&recv=28&lost=0&retrans=2&sent_bytes=14067&recv_bytes=1946&delivery_rate=7651254&cwnd=253&unsent_bytes=0&cid=2173dfc4babc7c93&ts=2154&x=0"
X-Firefox-Spdy: h2

na.nawpush.com/tags/271251?version_name=c&domain=manhuaplus.org

45.133.44.25

200 OK

1.6 kB

URL GET
na.nawpush.com/tags/271251?version_name=c&domain=manhuaplus.org
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint7A:F7:A6:E1:8B:BC:41:03:27:9E:00:97:D7:FE:3B:27:BA:1F:ED:00
ValiditySun, 23 Mar 2025 02:31:50 GMT - Sat, 21 Jun 2025 02:31:49 GMT

File type
JSON text data
Size
1.6 kB (1614 bytes)
Hash
02cfe62496273d52fc694169332fa098
8af08ba7675d847aee4d81217bef43c8fe686281
284acd28b36488b34d354c705dd352f697e0ffad5671d565b97303b61b31cdc3

HTTP Headers

GET /tags/271251?version_name=c&domain=manhuaplus.org HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:45 GMT
content-type: application/json
content-length: 1614
server: nginx/1.24.0
cache-control: max-age=300, public
x-cdn-host-id: ds5058
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

882 B

URL GET
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
Fingerprint06:BD:0F:48:57:1C:35:BE:41:B7:96:34:65:D2:77:57:83:82:8E:3B
ValidityThu, 06 Mar 2025 05:15:49 GMT - Wed, 04 Jun 2025 06:14:13 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
882 B (882 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:46 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-request-id: 17b7f0bf9663c43cef55dbc930fa9b6a
content-encoding: br
cf-ray: 932a5972ea455684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

manhuaplus.org/404

104.21.80.1

200 OK

52 kB

URL User Request GET
manhuaplus.org/404
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
HTML document, ASCII text, with very long lines (971), with CRLF, LF line terminators
Size
52 kB (51861 bytes)
Hash
c6cfcbe20c83972d6ea72bf14c69ba25
008872017ced2b2fe910d271b9b52a74d2056cce
dd818ca74f36147e13936848c8cab974466ce529563a6a2098c8217907b443c8

HTTP Headers

GET /404 HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:41 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-served-by: manhuaplus.org
vary: Accept-Encoding
cf-cache-status: HIT
age: 417
last-modified: Sat, 19 Apr 2025 06:22:44 GMT
content-encoding: br
cf-ray: 932a59567efb56af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp

45.133.44.24

200 OK

486 B

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint46:49:C4:E5:B9:C8:3E:19:BB:32:C2:7C:3D:22:F3:C4:80:2D:EB:DE
ValidityMon, 31 Mar 2025 02:32:21 GMT - Sun, 29 Jun 2025 02:32:20 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:48 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-1e6"
expires: Sun, 19 Apr 2026 06:29:48 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint46:49:C4:E5:B9:C8:3E:19:BB:32:C2:7C:3D:22:F3:C4:80:2D:EB:DE
ValidityMon, 31 Mar 2025 02:32:21 GMT - Sun, 29 Jun 2025 02:32:20 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:48 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-42a"
expires: Sun, 19 Apr 2026 06:29:48 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ip2geo.pubfuture-ad.com/detail

104.26.5.231

200 OK

33 B

URL GET
ip2geo.pubfuture-ad.com/detail
IP
104.26.5.231:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectpubfuture-ad.com
FingerprintF2:22:2D:89:D0:A2:5F:D5:08:8D:A0:AF:46:D9:67:B9:A4:A5:CC:32
ValiditySun, 23 Feb 2025 13:30:06 GMT - Sat, 24 May 2025 14:29:42 GMT

File type
JSON text data
Size
33 B (33 bytes)
Hash
007af5ffed017e37943df31888ef8666
2877ed4c460ba9164b3625e32502a9d83a2a1d4a
bfb9d45766b6f87ee2c5f55862cdffe168aa7df0ff6ed0917b0fbcb035fdcdd2

HTTP Headers

GET /detail HTTP/1.1
Host: ip2geo.pubfuture-ad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://manhuaplus.org/
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:44 GMT
content-type: application/json; charset=utf-8
content-length: 33
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"21-KHftTEYLqRZLNiXjJQKp2DoqHUo"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWUmZ%2BsyasLc7HLrwkAVGakQSR2xb%2F%2Fjktx%2FQlWB9PcqnEgZtmfxPCxQcMEe%2BOGFk4YjQcXLtxBqdsCAMvn6hCKfi7cB478%2FPihLzRaDlisnUdIR%2BXW3yNA6VmwWNnZrwN4s9BcqnyWT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 932a59687a7cb4fd-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1140&min_rtt=450&rtt_var=1391&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3000&recv_bytes=1226&delivery_rate=7180165&cwnd=240&unsent_bytes=0&cid=2a836d39ada97db3&ts=272&x=0"
X-Firefox-Spdy: h2

68a8b43f0d.ca06ef821c.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDIwMjY1ODM3MjU1Nzg1NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEzOC4zIiwidGFnX2lkIjoyNzEyNTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.52

200 OK

0 B

URL GET
68a8b43f0d.ca06ef821c.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDIwMjY1ODM3MjU1Nzg1NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEzOC4zIiwidGFnX2lkIjoyNzEyNTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subject68a8b43f0d.ca06ef821c.com
Fingerprint27:EB:FF:E2:49:74:52:E6:8A:DA:5D:B0:BF:6F:BD:35:CE:EF:C2:11
ValidityWed, 16 Apr 2025 02:48:04 GMT - Tue, 15 Jul 2025 02:48:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDIwMjY1ODM3MjU1Nzg1NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEzOC4zIiwidGFnX2lkIjoyNzEyNTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 68a8b43f0d.ca06ef821c.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manhuaplus.org
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:46 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
x-cdn-host-id: ah1742
X-Firefox-Spdy: h2

js.wpushsdk.com/npc/sdk/wpu/npush.m.js

45.133.44.52

200 OK

205 kB

URL GET
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
FingerprintBE:30:8F:A1:AC:8F:CF:E4:23:AB:39:31:C5:64:E7:54:84:A1:B5:5B
ValidityFri, 07 Mar 2025 02:34:06 GMT - Thu, 05 Jun 2025 02:34:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
205 kB (205337 bytes)
Hash
178a3740cb036c0d457ab49f569f52b5
f9c75b2af6980cd48949ce711dfd859add764d1a
fdd2518c37dac5f5dbd0128d53be09c5c1c5b814f77c5bf8232aa750e05a2a4a

HTTP Headers

GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:46 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 11 Apr 2025 15:53:15 GMT
etag: W/"67f93aeb-32219"
content-encoding: gzip
expires: Sat, 19 Apr 2025 06:34:46 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.wpushsdk.com/skins/nmain.m.js

45.133.44.52

200 OK

562 kB

URL GET
js.wpushsdk.com/skins/nmain.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
FingerprintBE:30:8F:A1:AC:8F:CF:E4:23:AB:39:31:C5:64:E7:54:84:A1:B5:5B
ValidityFri, 07 Mar 2025 02:34:06 GMT - Thu, 05 Jun 2025 02:34:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
562 kB (561781 bytes)
Hash
d8d8941c6f90411a61551c317ec00c21
1d8eb0b7dfff1b3c6dfecb96f858fc04c02cb456
14ffad4a95ab3e41ef6fe479cca4c09a20c8be3e53ddca1629fabab0d82069d9

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:46 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 11 Apr 2025 15:53:01 GMT
etag: W/"67f93add-89275"
content-encoding: gzip
expires: Sat, 19 Apr 2025 06:34:46 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp

45.133.44.24

200 OK

486 B

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint46:49:C4:E5:B9:C8:3E:19:BB:32:C2:7C:3D:22:F3:C4:80:2D:EB:DE
ValidityMon, 31 Mar 2025 02:32:21 GMT - Sun, 29 Jun 2025 02:32:20 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Apr 2025 06:29:48 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-1e6"
expires: Sun, 19 Apr 2026 06:29:48 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

3b1d253452.8ea1272194.com/in/show/?tag_ab=c&site_id=311429901&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fmanhuaplus.org%2F404&refdom=manhuaplus.org&auction_time=1745044187&subid=1034570077&sid=3111777303&tcid=0&ver=8.223.0&ver_c=&spot_id=1429901&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-04-19&iabcat=IAB9-11&keywords=hentai&user_fp=18266474861639946051&score=88.59107985480756&kubik_score=88.66443852050863&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1034570077%26spot_id%3D1429901%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fmanhuaplus.org%252F404%26idzone%3D0%26sid%3D1552&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=http%3A%2F%2Fxml-v4.dkswshap-2.online%2Fclick%3Fi%3DcljTnYP%2ACEE_0%26p%3D1745044187.364242&icons=XHp9NfixiD8ksliixs7SxpYW-wUKY8QFWu8YgtyHq_TKOua5nhaWvmlDSUnLoDPc9G1cQiQVYbVfJw4YZIjxxik3VtntWkMaYmKGOpY874NOWM-vN2DXNPRhTUjjgPVQhqfDfauax9ZeQkNRhMKNyEYmoA008MuMzhByaI2YvDIsgz8cJQ&ext_cid=0&px_id=531429901&min_cpm=0.002399876225180338&out_id=1&campaign_type=lq-pop&aid=178&cid=12030&uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee&mid=4307820657689783958&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05496956920772703&cpm=0.08119204380067918&verify_hash=2d400e69d0cf36896462d01ac0161c43&verify_hash_v2=33dc859a4a88138b7b0f2528a1a5e1770816c444a7b80f47fb7890edbfb0d1b1&is_native=2&real_bid=0.0003270399951934808&original_bid_usd=0.00056&original_bid=0.00056&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=89,83,150,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,coef_090&show_count=1&expiration_timestamp=1745130587&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.00056&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005599999999999999&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=1ffff19a-15a1-421b-b125-98d896374561&prev_step_diff=1604

167.235.163.216

200 OK

0 B

URL GET
3b1d253452.8ea1272194.com/in/show/?tag_ab=c&site_id=311429901&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fmanhuaplus.org%2F404&refdom=manhuaplus.org&auction_time=1745044187&subid=1034570077&sid=3111777303&tcid=0&ver=8.223.0&ver_c=&spot_id=1429901&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-04-19&iabcat=IAB9-11&keywords=hentai&user_fp=18266474861639946051&score=88.59107985480756&kubik_score=88.66443852050863&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1034570077%26spot_id%3D1429901%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fmanhuaplus.org%252F404%26idzone%3D0%26sid%3D1552&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=http%3A%2F%2Fxml-v4.dkswshap-2.online%2Fclick%3Fi%3DcljTnYP%2ACEE_0%26p%3D1745044187.364242&icons=XHp9NfixiD8ksliixs7SxpYW-wUKY8QFWu8YgtyHq_TKOua5nhaWvmlDSUnLoDPc9G1cQiQVYbVfJw4YZIjxxik3VtntWkMaYmKGOpY874NOWM-vN2DXNPRhTUjjgPVQhqfDfauax9ZeQkNRhMKNyEYmoA008MuMzhByaI2YvDIsgz8cJQ&ext_cid=0&px_id=531429901&min_cpm=0.002399876225180338&out_id=1&campaign_type=lq-pop&aid=178&cid=12030&uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee&mid=4307820657689783958&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05496956920772703&cpm=0.08119204380067918&verify_hash=2d400e69d0cf36896462d01ac0161c43&verify_hash_v2=33dc859a4a88138b7b0f2528a1a5e1770816c444a7b80f47fb7890edbfb0d1b1&is_native=2&real_bid=0.0003270399951934808&original_bid_usd=0.00056&original_bid=0.00056&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=89,83,150,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,coef_090&show_count=1&expiration_timestamp=1745130587&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.00056&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005599999999999999&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=1ffff19a-15a1-421b-b125-98d896374561&prev_step_diff=1604
IP
167.235.163.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://manhuaplus.org/404
Certificate
IssuerLet's Encrypt
Subject8ea1272194.com
FingerprintB5:CC:6B:F7:ED:20:9E:CC:AD:96:5A:F4:6C:09:4D:1E:E3:EA:5F:A7
ValidityTue, 15 Apr 2025 14:04:02 GMT - Mon, 14 Jul 2025 14:04:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/show/?tag_ab=c&site_id=311429901&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fmanhuaplus.org%2F404&refdom=manhuaplus.org&auction_time=1745044187&subid=1034570077&sid=3111777303&tcid=0&ver=8.223.0&ver_c=&spot_id=1429901&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-04-19&iabcat=IAB9-11&keywords=hentai&user_fp=18266474861639946051&score=88.59107985480756&kubik_score=88.66443852050863&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1034570077%26spot_id%3D1429901%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fmanhuaplus.org%252F404%26idzone%3D0%26sid%3D1552&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=http%3A%2F%2Fxml-v4.dkswshap-2.online%2Fclick%3Fi%3DcljTnYP%2ACEE_0%26p%3D1745044187.364242&icons=XHp9NfixiD8ksliixs7SxpYW-wUKY8QFWu8YgtyHq_TKOua5nhaWvmlDSUnLoDPc9G1cQiQVYbVfJw4YZIjxxik3VtntWkMaYmKGOpY874NOWM-vN2DXNPRhTUjjgPVQhqfDfauax9ZeQkNRhMKNyEYmoA008MuMzhByaI2YvDIsgz8cJQ&ext_cid=0&px_id=531429901&min_cpm=0.002399876225180338&out_id=1&campaign_type=lq-pop&aid=178&cid=12030&uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee&mid=4307820657689783958&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05496956920772703&cpm=0.08119204380067918&verify_hash=2d400e69d0cf36896462d01ac0161c43&verify_hash_v2=33dc859a4a88138b7b0f2528a1a5e1770816c444a7b80f47fb7890edbfb0d1b1&is_native=2&real_bid=0.0003270399951934808&original_bid_usd=0.00056&original_bid=0.00056&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=89,83,150,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,coef_090&show_count=1&expiration_timestamp=1745130587&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.00056&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005599999999999999&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=1ffff19a-15a1-421b-b125-98d896374561&prev_step_diff=1604 HTTP/1.1
Host: 3b1d253452.8ea1272194.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 19 Apr 2025 06:29:48 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

manhuaplus.org/themes/liliana/css/font-alone.min.css?v=2024.04.20

104.21.80.1

200 OK

2.5 kB

URL GET
manhuaplus.org/themes/liliana/css/font-alone.min.css?v=2024.04.20
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://manhuaplus.org/404
Certificate
IssuerGoogle Trust Services
Subjectmanhuaplus.org
Fingerprint3C:4D:9A:00:82:DE:6F:E8:8E:3A:EF:58:C3:13:34:75:A3:13:D7:69
ValidityThu, 27 Mar 2025 13:19:16 GMT - Wed, 25 Jun 2025 14:15:12 GMT

File type
ASCII text, with very long lines (2534), with no line terminators
Size
2.5 kB (2534 bytes)
Hash
102754e80e64621d675ba84e4810a6c7
7a65d97cc4e850027ca2a8ab025a9fe3751b6af2
fb60ba481e15730b600e356bb9cd3ab79278cf849d25e75a9adbf1dd736224ae

HTTP Headers

GET /themes/liliana/css/font-alone.min.css?v=2024.04.20 HTTP/1.1
Host: manhuaplus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://manhuaplus.org/404
Cookie: PHPSESSID=3d6m735itohnfes0c6pkhstssq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Apr 2025 06:29:42 GMT
content-type: text/css
content-length: 739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6odAm6uK80DRhtbmpBB5%2BqRdiA2A%2BLmpJ3yRQru99azqr8F%2FP%2BxgFrmhTjZ9jhIE9heGDfKQcFJHoaT1ZEfYsiqZMozfyuhq%2B%2Fsx4NaSbuzJP6DU9fvpacGkSDLv17WVKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-served-by: manhuaplus.org
last-modified: Tue, 18 Jul 2023 06:47:00 GMT
etag: "9e6-600bd482d2100-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 176
accept-ranges: bytes
cf-ray: 932a595ade5356ab-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3304&min_rtt=699&rtt_var=1549&sent=95&recv=130&lost=0&retrans=0&sent_bytes=8195&recv_bytes=8366&delivery_rate=2299&cwnd=12000&unsent_bytes=0&cid=ffd55de715677b03&ts=731&x=16"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (44)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL OPTIONS

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers