kingdomscan.com Open in urlscan Pro
104.21.42.113 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kingdomscan.com/
Effective URL:
https://kingdomscan.com/
Submission: On October 27 via manual (October 27th 2023, 5:51:07 pm UTC) from CA — Scanned from CA

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 55 HTTP transactions. The main IP is 104.21.42.113, located in and belongs to CLOUDFLARENET, US. The main domain is kingdomscan.com.
TLS certificate: Issued by GTS CA 1P5 on September 27th 2023. Valid for: 3 months.

This is the only time kingdomscan.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 10	104.21.42.113 104.21.42.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
5	172.64.102.11 172.64.102.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	149.154.167.99 149.154.167.99	62041 (TELEGRAM) (TELEGRAM)
20	34.111.35.152 34.111.35.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
55	6

10 104.21.42.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kingdomscan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.102.11 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 149.154.167.99 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.111.35.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.35.111.34.bc.googleusercontent.com

cdn4.telegram-cdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	telegram-cdn.org cdn4.telegram-cdn.org — Cisco Umbrella Rank: 39814	1 MB
12	telegram.org telegram.org — Cisco Umbrella Rank: 11259	239 KB
10	kingdomscan.com 1 redirects kingdomscan.com	1 MB
6	gstatic.com fonts.gstatic.com	159 KB
5	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	112 KB
55	5

	Domain	Requested by
20	cdn4.telegram-cdn.org	kingdomscan.com
12	telegram.org	kingdomscan.com telegram.org
10	kingdomscan.com	1 redirects kingdomscan.com telegram.org
6	fonts.gstatic.com	kingdomscan.com
5	use.fontawesome.com	kingdomscan.com use.fontawesome.com
55	5

This site contains links to these domains. Also see Links.

Domain
topmangas.fr
t.me

Subject Issuer	Validity	Valid
kingdomscan.com GTS CA 1P5	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-08-11` - `2024-09-11`	a year	crt.sh
cdn4.telegram-cdn.org GTS CA 1D4	`2023-10-08` - `2024-01-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://kingdomscan.com/
Frame ID: 86FF8141662A8ABE11668D8DC9891B88
Requests: 24 HTTP requests in this frame

Frame: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
Frame ID: 5985E98B0F466616D87C4FA9D5A4DE1E
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kingdom SCAN Lecture en ligne

Page URL History Show full URLs

http://kingdomscan.com/ HTTP 301
https://kingdomscan.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

55
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

3541 kB
Transfer

5186 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://topmangas.fr/
Title: 🔥 Hot Scan 🔥

Search URL Search Domain Scan URL

URL: https://t.me/mangascanvf
Title: Abonnez vous sur telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kingdomscan.com/ HTTP 301
https://kingdomscan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kingdomscan.com/
Redirect Chain

http://kingdomscan.com/
https://kingdomscan.com/

293 KB
40 KB

843ms
796ms

Document
text/html

104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingdomscan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d533e017b159f96b1c6becb0ca968bfd1003fdf39e61f07171e7c9ec991b9efd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ccc8da8857a234-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 17:51:01 GMT
last-modified: Fri, 27 Oct 2023 08:54:47 GMT
link: <https://kingdomscan.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkEcVgbp19pWmNGjIdtk4nciXdLQzJ%2BxJyBIsCBPFGcdWO22qIC8Vat9LwYTY47Rc0D9%2FXYd%2F5ob7w%2Bramtk55W2PcmueCFGEgFrZEXfAtHF69nkA7Kra%2FVfArfYIcHJg2Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-two-cache-date: 1698230817
x-two-optimize: 1
x-two-page-cached: 1
x-two-page-is-optimized: 1
x-two-version: 2.24.14

Redirect headers

CF-RAY: 81ccc8da0ef4a226-YYZ
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 27 Oct 2023 17:51:00 GMT
Expires: Fri, 27 Oct 2023 18:51:00 GMT
Location: https://kingdomscan.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ily09JQQPWYRuluNxxJtmQEg5T0DSENLiiKbt3LFvAC%2FnWG%2FTIg3IvltuzGRSBqTBM0RuJd6tMblPpA5By9ijQuDoqgPaowgX4DCJpX3MDQ%2BbEzcF70BEuSOcUTsg7xXlBg%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cca7b011f826dd37fa5bcb586e78cedb2f635ae2255e8b426a84aba6b0f2e78d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2b49ae118707bc6a883c9b5d33321c1c5744e5e61ba5338ef2e7e4086d1e1b8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 968 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0020646d32da84bf3e786d16ad939d610e989ba3bc2304fb68072f3537c60ee0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 132ms
57ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:02:19 GMT
x-content-type-options: nosniff
age: 172122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 18:02:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 109ms
35ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:55:32 GMT
x-content-type-options: nosniff
age: 14129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 13:55:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 125ms
51ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:02:11 GMT
x-content-type-options: nosniff
age: 46130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 05:02:11 GMT

GET
H2 200 eicons.woff2
kingdomscan.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 93 KB
93 KB 54ms
53ms Font
font/woff2 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingdomscan.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.23.0
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9434610f03b23074f9ae8ba5dbed66819c052a1d3c8e2256296c50ddeb4fe7f8

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3536
alt-svc: h3=":443"; ma=86400
content-length: 94720
last-modified: Tue, 24 Oct 2023 09:51:19 GMT
server: cloudflare
etag: "17200-65379397-6d406f8;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOBQJSDib7pfSgvMBMDH%2BSMrYfF%2BWgFLtAJYyt6hjIW%2BcyoMPASLW46nPH1t%2FFhJ4fX6O79y7oKCLPpzibGXD6qBllTOr06NfqptVE3iCUKYaNIwwkc%2F9%2BP7nYFOoRyUvGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 81ccc8e09b76a234-YYZ
expires: Fri, 27 Oct 2023 03:14:00 GMT

GET
H2 200 fa-solid-900.woff2
kingdomscan.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 30ms
30ms Font
font/woff2 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingdomscan.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3536
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Tue, 24 Oct 2023 09:51:19 GMT
server: cloudflare
etag: "13174-65379397-6d4072b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FCXo6YgvLOvPmsAmK7DilasUUL5LhpUKWaut0O63lBVROvtXYikXimZtY9gJHbXBHpe0PntweA6zJcdOQpTPchF4acs0OuZs3gQlyodTmu8WfUfL6DByD%2BUqNwQxySr47g%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 81ccc8e09b77a234-YYZ
expires: Fri, 27 Oct 2023 03:14:01 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 33 KB
33 KB 145ms
84ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

994961b8f25a0b18f5050694571210c1c5348d6221561dab5f1d72b3182e2778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:36:41 GMT
x-content-type-options: nosniff
age: 90860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33584
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 16:36:41 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 16 KB
16 KB 135ms
75ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

a4cec04945d3b04d4250075088fbc3ae546bedb4e97a483531a9c71f562d1e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:39:12 GMT
x-content-type-options: nosniff
age: 90709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16228
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 16:39:12 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 28 KB
28 KB 138ms
78ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kingdomscan.com/
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:36:35 GMT
x-content-type-options: nosniff
age: 90866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28696
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 16:36:35 GMT

GET
BLOB 200
OK e1e63434-90f0-405c-830c-365d098d2ec6
https://kingdomscan.com/ 6 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf47a99efdd282d082e9cbd31675d1bfa3719918239980d09216ca29f047526

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 5681
Content-Type: text/javascript

GET
H3 200 lazyload.min.js Show response
kingdomscan.com/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/ 9 KB
3 KB 61ms
60ms Script
application/x-javascript 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingdomscan.com/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/lazyload.min.js
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 11:34:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3536
etag: W/"22bc-6537abce-6ce05ba;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YZc1UsdSwk9dY9Q3xry1X%2FM2gl%2Fuhf%2Btl827O%2BgBV%2FGxlXdA7DVjyPnp3lW7slAWdGrXOIkoudsqFEE34sUYg5Ta%2F2o4YROD0rnxm84VQHGO5H0jy613Quu8sVGPNYNWWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 81ccc8e199183700-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 03:14:01 GMT

GET
H3 200 two_bg_vanilla.js Show response
kingdomscan.com/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/ 2 KB
1 KB 59ms
59ms Script
application/x-javascript 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingdomscan.com/wp-content/plugins/tenweb-speed-optimizer/includes/external/js/vanilla-lazyload/two_bg_vanilla.js
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a440cf0bb0bb85af1417e18360bae8c4969de6ea31d9f0717323a2cb24ee0eb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 11:34:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3536
etag: W/"82a-6537abce-6ce05bb;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXJo2avIXEe2j5jKlWvv%2Fgc47oJ6ODXpRAb2Xzfuww%2FKct5mFn0RT1Joj2YH5desRVIs3eqcH6Tt7uRVOZIJsCN%2BcZN54VEMOaTVTrGERAgw41XijXvs5QipeOLjku%2BjhLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 81ccc8e1991f3700-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 03:14:01 GMT

GET
BLOB 200
OK e7990f75-0f07-48fe-9fc6-a917a6a17efa
https://kingdomscan.com/ 547 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kingdomscan.com/e7990f75-0f07-48fe-9fc6-a917a6a17efa
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29d419cc235241c2e7b8ccdea693ea6c386a9c983a8d2af229d087cca01e0baa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 559786
Content-Type: text/css

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 139ms
43ms Stylesheet
text/css 172.64.102.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQP9DAPMKZ4N4XNT
age: 437409
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IFuKTGFkELwcPhqjNP+c9VTMnW0m0E+B2of2x5Ue9czCs5EodHOGdvYKEZmywLUhX+M5/lREW1o=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JA9DBzmhNZI42NpQ1cgGVUHthiLiNw0vyNlPKeHuKHxQFD3cwRyCxW6PdUUI%2FKyuQaJLysJOsQrSV7huLZFLbN3GUS2qcne9W6N8cQOSx427OIeZegKMhLwu4D%2FFVcn08sKRAPbp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 81ccc8e2afa64378-EWR

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 144ms
48ms Stylesheet
text/css 172.64.102.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M7JKKG9SPAZAZ9HX
age: 1489131
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 09RQA3TfRxfHt4tPyJx4HHQsrCMGGPOBSAA2Ex1iJHfrK2ElZq+z/k5246zvZJUKq0yFiDLqOHk=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XAJShQuXFcNxvnp%2F%2B3Oco1digNMPhqJB94clKatH%2B4hUS8HdFY%2BiJEcXDfH7ti%2BXJQjWL9xOGkg8%2F7ogs8RcuaJ%2B5%2B6ty1NW3GmJ1En0rWj9PFtrVb7TukJX1Ju8ur%2Busmco7xj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 81ccc8e2afa84378-EWR

GET
H3 200 wp11071773-shin-li-kingdom-wallpapers.png
kingdomscan.com/wp-content/uploads/2023/08/ 966 KB
966 KB 32ms
32ms Image
image/png 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kingdomscan.com/wp-content/uploads/2023/08/wp11071773-shin-li-kingdom-wallpapers.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3699e66b608d46ed8ed55cd7c796dbf7a5fed76baad3cc692a1b0d6e6abf7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3534
alt-svc: h3=":443"; ma=86400
content-length: 988827
last-modified: Tue, 24 Oct 2023 12:23:13 GMT
server: cloudflare
etag: "f169b-6537b731-6d6113a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5jPmsD6RbKFnQzh1qr0oKdEUHqz9HVi7spQj2TpnKStgJfc0Q4JBqc9etkPrF1z9QEZFe98PQBg%2BD%2FMKa3iuSWAd8EVAQmRRPHmXT%2BTkAyLjMZJIH4Gbsydy9oeJ%2F73wEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 81ccc8e22a0b3700-YYZ
expires: Fri, 27 Oct 2023 15:19:57 GMT

GET
H3 200 kingdom_chapters.jpeg
kingdomscan.com/wp-content/uploads/2023/08/ 312 KB
312 KB 45ms
44ms Image
image/jpeg 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kingdomscan.com/wp-content/uploads/2023/08/kingdom_chapters.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54b9a2eea7375952dc77e367759e55d4871382cee496b9b3ff59a9fd3cb040f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20378
alt-svc: h3=":443"; ma=86400
content-length: 319240
last-modified: Tue, 24 Oct 2023 12:23:18 GMT
server: cloudflare
etag: "4df08-6537b736-6d6113b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezKZOBosUsdjq412GCqAt9RjSxlw%2FkuTJKB4HcPvIMLUAaWF%2BP4b1BbFOolvLjMFgvJZ%2B9sD6ZscDuMzTMRrLuLsMTjH09SAnu9uz%2BXlDVfB%2FQqsSP5hYPo44aXKrCptqMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 81ccc8e24a573700-YYZ
expires: Sat, 28 Oct 2023 00:11:23 GMT

GET
BLOB 200
OK b8b82afb-b4cf-4955-b5cc-1a36c113f739
https://kingdomscan.com/ 4 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kingdomscan.com/b8b82afb-b4cf-4955-b5cc-1a36c113f739
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c799b7bf9dc8a3b4d1be9b87237b06b8e1df7599d38b11efb1d8b085e34b119e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 4446
Content-Type: text/css

GET
H3 200 / Show response
kingdomscan.com/wptelegram/widget/view/@mangascanvf/ Frame 5985 95 KB
13 KB 724ms
724ms Document
text/html 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d89c8839f894443695b52fb6f7b185218e0b412c9985f32c612dc3f73a4fcc27

Request headers

Referer: https://kingdomscan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ccc8e25a5e3700-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 17:51:02 GMT
last-modified: Fri, 27 Oct 2023 08:54:50 GMT
link: <https://kingdomscan.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ferlpHBXnI8ZWzq0SEH6MZQbe6FZ2SuLtkpZI83SPoxxI1JriFLtMi3rnQmilN16KldPAeDWoXUzsMHF4%2BfYqXEIUCVdZ9f2gLbB04gyBSWwn%2FA7NGjP9XFha%2Fk2lpg6Ty8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-two-cache-date: 1698230817
x-two-optimize: 1
x-two-optimize-reason: Page id not found
x-two-page-cached: 1
x-two-page-is-optimized: 0
x-two-version: 2.24.14

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 40ms
40ms Stylesheet
text/css 172.64.102.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQP9DAPMKZ4N4XNT
age: 437409
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IFuKTGFkELwcPhqjNP+c9VTMnW0m0E+B2of2x5Ue9czCs5EodHOGdvYKEZmywLUhX+M5/lREW1o=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdJu171NpNOsgjGDd3P%2FuqsdD9t12lxeA9VWaAXm5n1ZiK3OXdm%2FLoQ7toZPFXp%2F5JKces9yKkmhnQlo44tAL3r6B%2BMzTgFU19NgdI1xJ8p1ybFSgH2HjEy0TSyqeGY00ax%2BsK%2Fa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 81ccc8e2ffe84378-EWR

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 42ms
42ms Stylesheet
text/css 172.64.102.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M7JKKG9SPAZAZ9HX
age: 1489131
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 09RQA3TfRxfHt4tPyJx4HHQsrCMGGPOBSAA2Ex1iJHfrK2ElZq+z/k5246zvZJUKq0yFiDLqOHk=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7IYsJlyOQa54u0IISsak0bgE%2BaIg1CWF%2BDTnun3Z7kn6GANV48jz4D1XXgS4XezRr0Ng%2Bn0ghlfoq%2BD%2B7AP26E%2F6Kp5kujS%2BHHsmjotiRl%2B2t8nBaDLt%2FMY1RDYsrXKx%2FZzGj3N"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 81ccc8e318264378-EWR

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 38ms
38ms Font
font/woff2 172.64.102.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 268646
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ATazX8Cm4g3FGrlGr1ufyAeCzU25paTCBTg4ip0B%2F420IaSeR9t1rPeNB8twecSPQ%2BwbJLhJwj5%2BYmFOJZx2WwJIw6TyAugSwwq2JT8Hjq4nvOdGeix7132WIOYLHg%2BqhHOOXLh"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 81ccc8e3ae181895-EWR

GET
H2 200 font-roboto.css
telegram.org/css/ Frame 5985 6 KB
893 B 433ms
209ms Stylesheet
text/css 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/font-roboto.css?1

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: W/"63512b7d-1816"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 widget-frame.css
telegram.org/css/ Frame 5985 81 KB
21 KB 427ms
203ms Stylesheet
text/css 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/widget-frame.css?66

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 17:42:21 GMT
server: nginx/1.18.0
etag: W/"64286cfd-1456a"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 telegram-web.css
telegram.org/css/ Frame 5985 27 KB
6 KB 432ms
208ms Stylesheet
text/css 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/telegram-web.css?37

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f5569fd592a9f98733b42e918680b19ddcab0d5cf365d001b4ade87cf84968ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
server: nginx/1.18.0
etag: W/"63b70e44-6b31"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 FCdwarySrqwgJAlT3ytXwsgzEk4hSCkXZm5IuQIaLjFuXBWn052uxSYsxSWOBZzg-g2m2NSZMIkIerT7rWHm_6r6trw4U3T_FN_hFLuLbs-sA5NUL8R9qs0RAh2Y2ySn3n01VZ8LF_lU352yXxv1Y7IY9XWEadCk5vCgkHn5HMNWD5rFCsViM7COtu6N8XyYSI5hk...
cdn4.telegram-cdn.org/file/ Frame 5985 17 KB
17 KB 256ms
216ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/FCdwarySrqwgJAlT3ytXwsgzEk4hSCkXZm5IuQIaLjFuXBWn052uxSYsxSWOBZzg-g2m2NSZMIkIerT7rWHm_6r6trw4U3T_FN_hFLuLbs-sA5NUL8R9qs0RAh2Y2ySn3n01VZ8LF_lU352yXxv1Y7IY9XWEadCk5vCgkHn5HMNWD5rFCsViM7COtu6N8XyYSI5hk9InlXXatlbawK4WNGQ6E_Hi08zv4kvkJW-5h5_59JBPKC3BVWUPW3m8kK_TQeFEaTow6p2x-mbtBv3MaiXnj9Wz2HnexV_K6tKY9QLMYJY4lvyGozkDjVoLk2rKGuRWPtoDqSexta5xhu1rlQ.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

e57e2eb5b45bcb888785af93864c7e4dffb2a703918b2411350cca94c2091e82

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17171
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "7b2944817dfb1d03e8281638e804f49522a77432"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 jquery.min.js Show response
telegram.org/js/ Frame 5985 94 KB
38 KB 518ms
296ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery.min.js

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-1762a"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 jquery-ui.min.js Show response
telegram.org/js/ Frame 5985 96 KB
32 KB 269ms
269ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery-ui.min.js

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-181a9"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 tgwallpaper.min.js Show response
telegram.org/js/ Frame 5985 3 KB
2 KB 179ms
178ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/tgwallpaper.min.js?3

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
server: nginx/1.18.0
etag: W/"62211da5-ba3"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 tgsticker.js Show response
telegram.org/js/ Frame 5985 24 KB
7 KB 179ms
179ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/tgsticker.js?31

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 11:31:32 GMT
server: nginx/1.18.0
etag: W/"64242194-601c"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 widget-frame.js Show response
telegram.org/js/ Frame 5985 92 KB
25 KB 180ms
179ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/widget-frame.js?62

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 18:46:51 GMT
server: nginx/1.18.0
etag: W/"6441889b-16f16"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 telegram-web.js Show response
telegram.org/js/ Frame 5985 12 KB
4 KB 182ms
181ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-web.js?14

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 10:32:52 GMT
server: nginx/1.18.0
etag: W/"62345fd4-2e63"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 Rz39H5m4SGa6OIpjTCyEpXgvh61Z65p-HIqYJSS_aWSmHuDkze9KHzZodzXYPEaZ_05UCCQvLdGQKl7KsqtBnmobu8jJvWYbzp5gS3bXzPg-9ZmE_IFjSa3uXSdoWrhfkpsWgtppe8PErqhGPaNYVC4R75KJnt7RcNdYx60u1grO1Ckyud_uQd7twloWPATpgvlht...
cdn4.telegram-cdn.org/file/ Frame 5985 142 KB
142 KB 20ms
19ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/Rz39H5m4SGa6OIpjTCyEpXgvh61Z65p-HIqYJSS_aWSmHuDkze9KHzZodzXYPEaZ_05UCCQvLdGQKl7KsqtBnmobu8jJvWYbzp5gS3bXzPg-9ZmE_IFjSa3uXSdoWrhfkpsWgtppe8PErqhGPaNYVC4R75KJnt7RcNdYx60u1grO1Ckyud_uQd7twloWPATpgvlht7ygstcwfTKu2yoqNJtPdixFVqK6-t7zkKvtjYIw2zD5e9spyRkxhe_9v3EURgUCxDGnMipptObhjeKaLNKTzXcK5K7fTH3iRurWBxDnclrAAIztsOHmWw-f0qA6f15uPaBKNub9P9Xr80zqcA.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

3a6c733f06c0610b418847ad455825ab17cb394926137fa46086e4dcc86ab9c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145276
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "bb9641b088ea8ee29752bc243ec3f427f1987323"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
DATA 200
OK truncated
/ Frame 5985 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 thedkIomOTbb_K2TeLBCWHCpAHvmEqYxvdmMOkDYcUKjYE15DK1VWsI5UdRoSJtS4kDyjJlnwLhZxopFPUbEt82jZ62908u0qmCcewLjDYWSazNqYm0Rubh2Pm3_TRIpWx0dMZ7B99vSpamoU5Ukfs9malbrg5WHjAv44LKf_-IdHx72SY0NRVH7pIRhwQdcmqZ6H...
cdn4.telegram-cdn.org/file/ Frame 5985 60 KB
60 KB 61ms
60ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/thedkIomOTbb_K2TeLBCWHCpAHvmEqYxvdmMOkDYcUKjYE15DK1VWsI5UdRoSJtS4kDyjJlnwLhZxopFPUbEt82jZ62908u0qmCcewLjDYWSazNqYm0Rubh2Pm3_TRIpWx0dMZ7B99vSpamoU5Ukfs9malbrg5WHjAv44LKf_-IdHx72SY0NRVH7pIRhwQdcmqZ6HUV3y_OaKTtsY76Gnh9c-TGNuHMz6jSKRuMjPBG8rR6_pQ6x3cC3ze3-U_MUfL7eP1GSDFmtjW7O-jZeC96tgUuctT_vmM0F1nP8LlGtq1OUixeG1oxG0u2CoQ9p4ZCheHZqNFuLwuZsJ5ESug.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

a769736561f29bfd94cdd48a2207fcd1dfa6d6c90cf48dc68a7b162fc8927d32

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61170
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "682c6d4434b1385a1f6184cc90f9b46a27a46f4e"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 UyDss59V8_Dn4Dfx51vPE9iDKBW7A8Yg78iGeJCQAKJiJzV3T0uVBfmwNtSnNnUBpHXpGDL9XIq14Fpr0gX3yKJ7bVL4g2_yUdfrZInWFWyqfEuJMyim8HrIlcPVwI-3lGCQmgfQV_79EZwMprWcDuusJytOYAQCiCh2Z2bADA_GYzDvOh4w2PQydxeDOWSlMY0QM...
cdn4.telegram-cdn.org/file/ Frame 5985 96 KB
96 KB 69ms
69ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/UyDss59V8_Dn4Dfx51vPE9iDKBW7A8Yg78iGeJCQAKJiJzV3T0uVBfmwNtSnNnUBpHXpGDL9XIq14Fpr0gX3yKJ7bVL4g2_yUdfrZInWFWyqfEuJMyim8HrIlcPVwI-3lGCQmgfQV_79EZwMprWcDuusJytOYAQCiCh2Z2bADA_GYzDvOh4w2PQydxeDOWSlMY0QMmXRp1s64uJlZ-Ux-auPII9m-NepppPlne0n807qzMNsM_mqoroG_LnNjvdmTN0CWmDE8MXPOvNtAFfCrCM_bYgSKJQY_MQxdm9URn8Lat40RnKKDjsKolrrrE2rQDv5ikBhbteB__SF5SXt5A.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

1a4e93b4ff1c7bbfe27fe7c1ec197b6571369d786907f1b1c0c6754e50c9e6e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98564
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "c9eb9ec798b0e295168180d2adaf28fec330e1d1"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 404 o4AwytpwRDSYNMSONX2x-GaiBD2eD893MZFkJBcfAOp2oPlyAmsPkO44iBqYezy0K7oZ9BgPtEq2jQiaYsDh2frQ7Bl514ON1S_4VKMMU6DRdc2xF-sVSvLlaiguJYE6WtCzIgDhM8-8ZmAPAKUv00op4vS6Z_sasuRN3571q_zBa1gSFqGmKhredyZpw6Rs2NeZY...
cdn4.telegram-cdn.org/file/ Frame 5985 0
0 126ms
125ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.telegram-cdn.org/file/o4AwytpwRDSYNMSONX2x-GaiBD2eD893MZFkJBcfAOp2oPlyAmsPkO44iBqYezy0K7oZ9BgPtEq2jQiaYsDh2frQ7Bl514ON1S_4VKMMU6DRdc2xF-sVSvLlaiguJYE6WtCzIgDhM8-8ZmAPAKUv00op4vS6Z_sasuRN3571q_zBa1gSFqGmKhredyZpw6Rs2NeZYqueaq9_tDypiWh6mb0D8kK9hyq8gjJxAZDXYGtmqCgzA0Dt8TE3CjHABoFnuDB53iG4iZuB8ECDuE9geVUxcd5vi8etq0S892caxV5QV92bnatvJQZSlwVA2E1dJKcJ-ZV4rHpFRvTsvACKlw.jpg
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 404 et6eRrd_XRpPV2INlqDjlAYRlOwZwcFb30moNXgUu91RJ7oqo9MNqUxGWZQS7dLmFJEa8Uyz7WDTzrzvpJn-r78r0t5uCGewoGa9lT1gP48nowbulONXfrVQ4UgZgZrULxSfg1vcl3K5cBnNcwfjYw7rhX2tZH_Bx3UZFnkxjsVdXt96vG9cV7EUAk46LstiaDsub...
cdn4.telegram-cdn.org/file/ Frame 5985 0
0 128ms
126ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.telegram-cdn.org/file/et6eRrd_XRpPV2INlqDjlAYRlOwZwcFb30moNXgUu91RJ7oqo9MNqUxGWZQS7dLmFJEa8Uyz7WDTzrzvpJn-r78r0t5uCGewoGa9lT1gP48nowbulONXfrVQ4UgZgZrULxSfg1vcl3K5cBnNcwfjYw7rhX2tZH_Bx3UZFnkxjsVdXt96vG9cV7EUAk46LstiaDsubIJUt-9N2dAkF6FmQOMgY_SDs9hUJnvYX78yt5fIPEbMyBanYGU1oQRA4wL02KDcv_8tsnMfFo8HRoxxxoPOkTTsFRICgLuTU9k4zIW8vR0hXaJw3iS-OSmjkkg7EZhdTSMblt3ZGyxw9KSUhQ.jpg
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 W4k2mGGRmcHF-ZcQmgNTklfYsPvR43hr0P3exzFHexfb-SSFvptHy8b42FY9zd1zyrZtekVHmDCl-x4ywW1pfjJ4ab08j227-LXa7OG9UqpsRpzya9f2lceHZe-a8D9_ph48kdFP8ORO3nQgunAEQlFi-SBzj0_fAk1poCZVw-YP--oU202s2ZmYokMse-K1IKaNt...
cdn4.telegram-cdn.org/file/ Frame 5985 139 KB
139 KB 78ms
76ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/W4k2mGGRmcHF-ZcQmgNTklfYsPvR43hr0P3exzFHexfb-SSFvptHy8b42FY9zd1zyrZtekVHmDCl-x4ywW1pfjJ4ab08j227-LXa7OG9UqpsRpzya9f2lceHZe-a8D9_ph48kdFP8ORO3nQgunAEQlFi-SBzj0_fAk1poCZVw-YP--oU202s2ZmYokMse-K1IKaNtIyM2FB_bIFJLl3aAsuVDEtdtjhx5BzK0-Nu1KmqUVnVAzR3lzVrcVn7-1IZPad-H6qEPTiRkccH1BRNhuHh23y20gxWdrTpe4NDaAYgxqxQ-dr6boGn4psq21C2RAizliQa23SVJPbcJhAWBw.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

470b69d22282ea5cbcac4050c2c7806d22da2f26310ab539e81d58dc590d0373

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142189
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "14bced923d03054623d1d5bf99c7bfaa850deed0"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 T_kC-Cy1rsIezbLY_87qsSVs4w8drIzNMIa0H-uei-qqlomDcixsNUBhBSJjHl6HtE5gPXNNnAzCynSn8KLMnvHUCUchSNYWghTMOC27bdmPmnzDLB6_W1BQ4zA2FiY1l57rFnI6JzfyI-aOcOEizyiRD52d30OjkaiaGr8EAbgifnPiy4De2OALX76pXtBg_2NsA...
cdn4.telegram-cdn.org/file/ Frame 5985 58 KB
58 KB 87ms
85ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/T_kC-Cy1rsIezbLY_87qsSVs4w8drIzNMIa0H-uei-qqlomDcixsNUBhBSJjHl6HtE5gPXNNnAzCynSn8KLMnvHUCUchSNYWghTMOC27bdmPmnzDLB6_W1BQ4zA2FiY1l57rFnI6JzfyI-aOcOEizyiRD52d30OjkaiaGr8EAbgifnPiy4De2OALX76pXtBg_2NsA6WMf_Mq1xb1oDuiXoQyFI1zbpp0arfHIfmbSBwlzIOjy7wo1neBOObWU3dSqGl0KoTIb-bNkeOM1S4AfgNIwZzus_LvxGZQyR7J1B52O61luOMRvS_DJkU3TRXnHz_2bKNV26aiIV1InHoPrg.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

df95549259093448ad7948a1adfbee38bcf3b1957197d03f6099afbf46c496f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59233
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "5f4293ff2caa75059d05ea4456dbc08f6fa5ef88"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 fb3NXa4tlAbUhjz0uLa6wzdi7KHrIF0MneSZeP3vBx9dfqiJkQAMu3Gy6VkvudpkSnoSl0AUtBfuFKcZZ_9-uFV_QVOCjwYDOsreDyEQTJKMf9VihijQlk6ZE2TQKadTuYbNth99FxCkIaQOaW_0-9S8LPztp5fxuptdoaSPeGWLRhgUUzIjA9Euc3zZHAernzBxR...
cdn4.telegram-cdn.org/file/ Frame 5985 186 KB
186 KB 86ms
83ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/fb3NXa4tlAbUhjz0uLa6wzdi7KHrIF0MneSZeP3vBx9dfqiJkQAMu3Gy6VkvudpkSnoSl0AUtBfuFKcZZ_9-uFV_QVOCjwYDOsreDyEQTJKMf9VihijQlk6ZE2TQKadTuYbNth99FxCkIaQOaW_0-9S8LPztp5fxuptdoaSPeGWLRhgUUzIjA9Euc3zZHAernzBxRuWzDvEaGCm3Crj4Xjn0uDkfhNaxZTDoWSKbEFFPWQhgaEm0DGRmJ8ah5vfIFAJYo6olg1yn5h3eyywX4LPvpeypZucGcIENRafWE0Sz8lkwFM18-StQ0RKDjncCj2ka7ZFbYQRGgEtXDnCMjg.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

f33d0252a03aaeb0a0fc1c65550f4f95f178b6dd4b1c933a9d977cf4d44416b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190310
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "345014f1bc7591d7ae604a9ba6e971bb09e43b57"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 s8VqDa5w6cyLKQwTTqJEx0mAFSkkrwHTdJ4O-x1_DGfbaYiIy3c_KwLH_EimH1udaJdOFMAlhpkuIXmv1hMzMas4SAmOd1MKVGMfDynwcDXBjqIAJDWiUjj50CG8njsP0ZCfk9YG9O5UZ7QcRXeAu22NdSL2f9aPIBNVxlOkBoLjV0Jg8wd06fBb2bUHSsRNboAam...
cdn4.telegram-cdn.org/file/ Frame 5985 101 KB
102 KB 224ms
221ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/s8VqDa5w6cyLKQwTTqJEx0mAFSkkrwHTdJ4O-x1_DGfbaYiIy3c_KwLH_EimH1udaJdOFMAlhpkuIXmv1hMzMas4SAmOd1MKVGMfDynwcDXBjqIAJDWiUjj50CG8njsP0ZCfk9YG9O5UZ7QcRXeAu22NdSL2f9aPIBNVxlOkBoLjV0Jg8wd06fBb2bUHSsRNboAamNUKDVjC3ZcC3JiHYkGA5U4RhGpUBwAsF4_yqRJmYLAhga-o5NrBIEK5eZw-NnNMiax55eEPVkwT51AqH-Oxq5FAVEqHibmKJqZx1Zq0dUDIpNEr3ltnIc6UPHBx2PBKpL0wZyQOyz_R5S21jw.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

41d2f3efe6e23f696bcfafc8976047eb91ac7bef93512a32449bd1b5eda706b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103780
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "3866f3efa7b9df4a0a86c62753cc9fc932a6be59"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 404 ehSWEOhGxwtW0xw8XAbck1hgN4L5vXHWsKtoPMjtLRcVFegI69Q1it8HG-FrUj_lCe552nbKS5FwH9FIU61OqHM5Mh2n23wV5nPc6tynt17R4frqFZ5U5UbCLQ6c8Ql6xU_Jba8Qn0XWOneVbEcxMP6DOWhkcSPuwRIg6TdTj9BS4CV3PnidLHvK6Dl5dlXEDLfwv...
cdn4.telegram-cdn.org/file/ Frame 5985 0
0 126ms
124ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.telegram-cdn.org/file/ehSWEOhGxwtW0xw8XAbck1hgN4L5vXHWsKtoPMjtLRcVFegI69Q1it8HG-FrUj_lCe552nbKS5FwH9FIU61OqHM5Mh2n23wV5nPc6tynt17R4frqFZ5U5UbCLQ6c8Ql6xU_Jba8Qn0XWOneVbEcxMP6DOWhkcSPuwRIg6TdTj9BS4CV3PnidLHvK6Dl5dlXEDLfwvYVTa3uvOhMSInH8aC1hXGJOmSSci6E6c7QXS7weLmeUyKVq3Ff0gYGm2iVcqoN0hjL3vxHEyGdREy0TTz-RC5BV3P10rXfr1p1e3UZUMYTtgkS5cY6T_do04QDI3_tRHf5nDtee-de152XxJg.jpg
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 GYnIxaITh6NTkJbStvtz1R3qNvE_nYu6InkngbK3NAfQtmm3mVnA6UsoOlmC3kOxNbtBTCE04aCRhvJJ53y-dvSOoCdOREZvtANkzKkFceFptHLmOGrIxMMZ2PtsVSgn_cIBKl-WclKH9HbTv7mud0DSjnMPeKFzXqjISUMf-Q9NX3M-0mbjJibTex7-gU8lYaRfY...
cdn4.telegram-cdn.org/file/ Frame 5985 132 KB
132 KB 99ms
97ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/GYnIxaITh6NTkJbStvtz1R3qNvE_nYu6InkngbK3NAfQtmm3mVnA6UsoOlmC3kOxNbtBTCE04aCRhvJJ53y-dvSOoCdOREZvtANkzKkFceFptHLmOGrIxMMZ2PtsVSgn_cIBKl-WclKH9HbTv7mud0DSjnMPeKFzXqjISUMf-Q9NX3M-0mbjJibTex7-gU8lYaRfYQXEV2BGPKYzLC9rH9Es9u1yz1Wqy8QLjCMal0wQWSxDcNxeTHN2Vfno1Rlv5iyBiYVma_EkCKzMzjSgK73PUjrK_ssVIbAuybGLL-LcFJXakvOj-y2Ara_-HNiy7OSt5MPyOOwQ470dOt7EaQ.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

121798c4728f88ae3fbf1d2cd5b5da046291428c457f771558ccbd803ce56dd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135455
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "fc3c0cb9c0851472332ddc91341d5d55c645d734"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 Wm-HG8-RgC45j99lC5ukXrydNIAuzeEL_2zUlGgaPcBrncGogL6eh28ZOl0-nRSHxWfUdAcLyYf-tijrTHJWZciHSJ7gJ9PGS2Dye4ijO4cUd8nhzaxw9JEHJ56PdHEgCVyo6LgOPg10Bqapcses7gNEZKU7P28UEQZWhCRvbW1SfCh7tnQA7EDsM6aCzjJgL-o_8...
cdn4.telegram-cdn.org/file/ Frame 5985 125 KB
125 KB 97ms
95ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/Wm-HG8-RgC45j99lC5ukXrydNIAuzeEL_2zUlGgaPcBrncGogL6eh28ZOl0-nRSHxWfUdAcLyYf-tijrTHJWZciHSJ7gJ9PGS2Dye4ijO4cUd8nhzaxw9JEHJ56PdHEgCVyo6LgOPg10Bqapcses7gNEZKU7P28UEQZWhCRvbW1SfCh7tnQA7EDsM6aCzjJgL-o_8t-bRi1tDlsfSaempshgC-DVA6i_gneKAiipEmsSrDflJVgKe8-MvLRWwGxQlGqYucrTq4JcMDvaWeSXangHVdX3Oo77z62G6Jv-k6PRUr7KMLBVBBn298k3akeLFwaLVNS95n93AbiA6xH_Tw.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

f35866e79080a63f856ebfef3ba0ae684339f930353635cdb9c4ff4a3cf1658b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128303
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "6322990cd9f93b5d672cb9b0e6a0096eab575c59"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 404 KXE4ygm_8Vcl_iy2IGfHRJjP_8b-TUsnfEIrebjGXi_E72Pn1znd60hARapuNOmjNQSlF7iL5O39HVsfylUEuFFINoD33gUmcjZF5EXKZlrhz8GVXmzGa1P_L02xkE5YL2-U4PP5glKqxh72e2zvpYHbBvleXlzhtHEYi1mUqOyq6qX2c2by-ni7N-c3OfQq_RPzx...
cdn4.telegram-cdn.org/file/ Frame 5985 0
0 130ms
129ms Image
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.telegram-cdn.org/file/KXE4ygm_8Vcl_iy2IGfHRJjP_8b-TUsnfEIrebjGXi_E72Pn1znd60hARapuNOmjNQSlF7iL5O39HVsfylUEuFFINoD33gUmcjZF5EXKZlrhz8GVXmzGa1P_L02xkE5YL2-U4PP5glKqxh72e2zvpYHbBvleXlzhtHEYi1mUqOyq6qX2c2by-ni7N-c3OfQq_RPzxIg6YSEYoX62Gau-Mih9HBKq5E3j3zUuqPd6JatC_bYNlVTfPbAWoN07KyJS4cFKCergo2Gx3y9QFoz22gRzLvxU8Txmaf-AV8eC5fD_UA3dHjjdziwDiBWS3t1qPDzdQ2EkiWI870FCRML6sQ.jpg
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 c35z7tuC42iUIzXXgDy6xZwgbzbBezTCu9Ztk5kNPfM-5RieWv1cV-mjVlYjLqdK-hbZkkjh9NBdfaYTo7qBAdWZLOvsp4k7rt_FYwFmR6XgT_LRS147nOv4arhVwo4bV90Y2J1XyYYy1FVVG8xosAwT5x1FT2yM_U2g80N4tEAl_D7TRFJ-ze7NPe0RQTgd5YfhA...
cdn4.telegram-cdn.org/file/ Frame 5985 168 KB
168 KB 95ms
94ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/c35z7tuC42iUIzXXgDy6xZwgbzbBezTCu9Ztk5kNPfM-5RieWv1cV-mjVlYjLqdK-hbZkkjh9NBdfaYTo7qBAdWZLOvsp4k7rt_FYwFmR6XgT_LRS147nOv4arhVwo4bV90Y2J1XyYYy1FVVG8xosAwT5x1FT2yM_U2g80N4tEAl_D7TRFJ-ze7NPe0RQTgd5YfhA3HugtrEsGkoJKxeQMzM8-0BbCc4GiYj6aJlhFD8f_o2C13GHWFUFCRUeijQ6iNBen8yFbmSQLL_MGtYYv4L2CIrQ4zoqPklATufK56T3or8Jnx1s6rHpKqeRAz_aAcXoiPkYURf-ownisNvYQ.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

cf14069ec302a19217df8944d0e15fba2c5f8adf7567d47a6e1364f909448630

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171973
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "d18eef13159e2c3feef6e0043f548d9799927495"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 i-fiR8CQ8YBetSxvAkm3wZ-78prqJ0Uj3BZAO3BjZoIPLLojSnJ_BnLOv66CKwREKO-B_56SkXuWkWAFyikPB0z5ljVtg52ElXym_gwTTXqmWI9gvpPKiPK18JRGV_kcTIj_rKsdTWMK9Ye8yJ7xTSosL6OK-tXFVi-Nh9mfFF91slKl9ehboTk1_ISYRFtVyKgKj...
cdn4.telegram-cdn.org/file/ Frame 5985 123 KB
123 KB 97ms
96ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/i-fiR8CQ8YBetSxvAkm3wZ-78prqJ0Uj3BZAO3BjZoIPLLojSnJ_BnLOv66CKwREKO-B_56SkXuWkWAFyikPB0z5ljVtg52ElXym_gwTTXqmWI9gvpPKiPK18JRGV_kcTIj_rKsdTWMK9Ye8yJ7xTSosL6OK-tXFVi-Nh9mfFF91slKl9ehboTk1_ISYRFtVyKgKjpF9X7EhCQzYQdjzgekmD1PAczMR5SThZExVy_SCpUHJFtr-aYcZ7NHLV-CYZY-yfDhr17cewVWqTxRAcYiCGEW7hyCN4xmWunmvo3_3atXbuqAFVf2yLTmsVxbzSvTxVC2zc9MRcZNEIf0SsQ.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

2b37d164f47b600eeb1b7707dee66e47863f8d615d1e3ecc03c3cf50e9269680

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126151
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "99c6b90aa1360a47ce94fb5d679a554c5c811bba"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 RwzoqqG9valCKxS8NyH5EX9ZvoAZzJsiUOX34qP7byontHx2odsX-pqkCu-Tx9jsE3351RU0FitPSbonMrO8VTL5ZzYDu6t-dgzUDedGiziq1sFZy3eKYO_NvAoW1krNs9snfNkTrINLi3sKfCcuO6DZI290ZlZl2RJiw50fkX379fdRpCn9MWf9xf0mkttHnXbPf...
cdn4.telegram-cdn.org/file/ Frame 5985 13 KB
13 KB 95ms
95ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/RwzoqqG9valCKxS8NyH5EX9ZvoAZzJsiUOX34qP7byontHx2odsX-pqkCu-Tx9jsE3351RU0FitPSbonMrO8VTL5ZzYDu6t-dgzUDedGiziq1sFZy3eKYO_NvAoW1krNs9snfNkTrINLi3sKfCcuO6DZI290ZlZl2RJiw50fkX379fdRpCn9MWf9xf0mkttHnXbPfZDTioOE3CYllrNWxmx5PZ879-TeJ_sOYnrOlb7B4P3sD5A22montwvYmAKgA-8u9z9fmhIITYntd4xM-GSKEnQCdjXLzEjBbcoPM0u7ISheiPTnVSmo1tYjjmfo-nog8My8huQvWipUBRc16g

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

57b60ac0645a747d05e0c34be3ebcff2020678b7d31b185914afb8356254660d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13524
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "ae5f62e6320a43048b20bb05a2c49f6d99d2e486"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
DATA 200
OK truncated
/ Frame 5985 496 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 i16R5hE_BQbTCoBsBvftS7gQa-uYsvPU_qSWFA3OxU1bwZ_nDwlr96Rbzm-Vm36GV4a7kM9Kj-VslaU_H6O8gN_Ik7Etm8p5qSOFUzf54KN0CQGEp7Yv1WWCTVfzTjThdh9GSRc2bS8ntIVVVWVcevzNxOiBTYbGLtu4MmlEtPB88yCXwhfouQj_mt9mteTAqMSM2...
cdn4.telegram-cdn.org/file/ Frame 5985 162 KB
162 KB 227ms
227ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/i16R5hE_BQbTCoBsBvftS7gQa-uYsvPU_qSWFA3OxU1bwZ_nDwlr96Rbzm-Vm36GV4a7kM9Kj-VslaU_H6O8gN_Ik7Etm8p5qSOFUzf54KN0CQGEp7Yv1WWCTVfzTjThdh9GSRc2bS8ntIVVVWVcevzNxOiBTYbGLtu4MmlEtPB88yCXwhfouQj_mt9mteTAqMSM26QnPlsRoPxLTG8hBeecKalUlgvb_FfIDSgxHout5NbR8u5X18ZIn2-0t05NVQvISCzeXz-6QZhgp-ZfgdBtcSayhZgeEbwOZ_IquwLHyNlbwVZKIpPSeaS3mWUDk7PfVdt8cOn2czNvhKxSSg.jpg

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

b03f533f9e8aa0cdb9701cca024e55f870a2bea65ffab94cada577685c0dada7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kingdomscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165821
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "ce27d31031166966ccfaeb90d806db1226d31a27"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame 5985 11 KB
11 KB 425ms
202ms Font
application/octet-stream 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b14"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11028
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame 5985 11 KB
11 KB 428ms
206ms Font
application/octet-stream 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://kingdomscan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b40"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11072
expires: Tue, 31 Oct 2023 17:51:02 GMT

GET
H2 206 bb7eefc66c.mp4
cdn4.telegram-cdn.org/file/ Frame 5985 176 KB
0 85ms
84ms Media
video/mp4 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn4.telegram-cdn.org/file/bb7eefc66c.mp4?token=GgptUj9iVbsJFkaVrHEHCCYlYk0PqptYMYZi7C5pYRjw32vq2qHG-nM2rAMW27I4aCkbxPvTRO08kXPXvd5L0_Z5nJ34Zi1b3atkVoRGWJ57BcpozXuIKWGOASA-q4EyC_RYMedmSZf2CSw1lq3J3NO3ol01_G9mUYQl-zjnGPjgc6N1gajnzBnviVezpNxltex2QoZooW35vq7vlalA5HXNapEDX73XGhxrlum-UJdwrlvmLF1DdC4F-xdXlweaV5TRk9rMqm7kbmLIdR6xGRehwK1UrKE4_-jZTwAGT9REUZC9MrRiY8EebEiCefNPJDJr29wWlr5rdHJtCg_ufA

Requested by

Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kingdomscan.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 16:13:06 GMT
via: 1.1 google
age: 5876
Content-Range: bytes 0-1145137/1145138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 1145138
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "682ec1f5c4ec61ae06f238ec5ce5efebf2347adb"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H3 404 bb7eefc66c.mp4
cdn4.telegram-cdn.org/file/ Frame 5985 0
0 217ms
216ms Media
text/html 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.telegram-cdn.org/file/bb7eefc66c.mp4?token=GgptUj9iVbsJFkaVrHEHCCYlYk0PqptYMYZi7C5pYRjw32vq2qHG-nM2rAMW27I4aCkbxPvTRO08kXPXvd5L0_Z5nJ34Zi1b3atkVoRGWJ57BcpozXuIKWGOASA-q4EyC_RYMedmSZf2CSw1lq3J3NO3ol01_G9mUYQl-zjnGPjgc6N1gajnzBnviVezpNxltex2QoZooW35vq7vlalA5HXNapEDX73XGhxrlum-UJdwrlvmLF1DdC4F-xdXlweaV5TRk9rMqm7kbmLIdR6xGRehwK1UrKE4_-jZTwAGT9REUZC9MrRiY8EebEiCefNPJDJr29wWlr5rdHJtCg_ufA
Requested by: Host: kingdomscan.com
URL: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.35.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kingdomscan.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range: bytes=1114112-

Response headers

GET
H2 200 pattern.svg
telegram.org/img/tgme/ Frame 5985 226 KB
81 KB 112ms
111ms Image
image/svg+xml 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/tgme/pattern.svg?1
Requested by: Host: telegram.org
URL: https://telegram.org/css/telegram-web.css?37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.org/css/telegram-web.css?37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:51:02 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
server: nginx/1.18.0
etag: W/"63b70e44-3891a"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=345600
expires: Tue, 31 Oct 2023 17:51:02 GMT

POST
H3 200 / Show response
kingdomscan.com/v/ Frame 5985 4 B
665 B 3538ms
3538ms XHR
application/json 104.21.42.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingdomscan.com/v/
Requested by: Host: telegram.org
URL: https://telegram.org/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: */*
Referer: https://kingdomscan.com/wptelegram/widget/view/@mangascanvf/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 17:51:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-two-optimize: 1
x-two-optimize-reason: Request mode is: POST
x-two-version: 2.24.14
x-powered-by: PHP/7.4.33
x-two-cache-date: 1698396836
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-two-page-is-optimized: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWNQVd%2FySLaV4Jtl7XSbplHwz%2B54ZxKyC0OY4WD6ZZw2F8WbAzYjdqHdC7HgOrRB2bn6w2RxSJyscRUbdz74h8bIqr9pIe9hKcKiGIy9rlpU0tuqlLGlXkkjIjSfFkZEgfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 81ccc8eb0a6a3700-YYZ
link: <https://kingdomscan.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://kingdomscan.com/(Line 113) Message: Failed to set referrer policy: The value 'https://www.google.com/' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 12) Message: error in fetching: Error, bypassing https://storage.ko-fi.com/cdn/widget/Widget_2.js?ver=6.3.2
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 12) Message: error in fetching: Error, bypassing https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 12) Message: error in fetching: Error, bypassing https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
worker	error	URL: https://kingdomscan.com/ Message: Access to fetch at 'https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3' from origin 'https://kingdomscan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 16) Message: error in fetching no-cors: TypeError: Failed to fetch, bypassing https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 16) Message: error in fetching: TypeError: Failed to fetch, sending XMLHttpRequesthttps://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
worker	error	URL: https://kingdomscan.com/ Message: Access to fetch at 'https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3' from origin 'https://kingdomscan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 16) Message: error in fetching no-cors: TypeError: Failed to fetch, bypassing https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 16) Message: error in fetching: TypeError: Failed to fetch, sending XMLHttpRequesthttps://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
worker	error	URL: https://kingdomscan.com/ Message: Access to XMLHttpRequest at 'https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3' from origin 'https://kingdomscan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 24) Message: error in fetching: XMLHttpRequest failed https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
worker	error	URL: https://kingdomscan.com/ Message: Access to XMLHttpRequest at 'https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3' from origin 'https://kingdomscan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 24) Message: error in fetching: XMLHttpRequest failed https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 12) Message: error in fetching: Error, bypassing https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap#038;display=swap&ver=6.3.2
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 12) Message: error in fetching: Error, bypassing https://cdn.ethers.io/lib/ethers-5.2.umd.min.js
worker	error	URL: https://kingdomscan.com/ Message: Access to fetch at 'https://cdn.ethers.io/lib/ethers-5.2.umd.min.js' from origin 'https://kingdomscan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 16) Message: error in fetching no-cors: TypeError: Failed to fetch, bypassing https://cdn.ethers.io/lib/ethers-5.2.umd.min.js
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 16) Message: error in fetching: TypeError: Failed to fetch, sending XMLHttpRequesthttps://cdn.ethers.io/lib/ethers-5.2.umd.min.js
worker	error	URL: https://kingdomscan.com/ Message: Access to XMLHttpRequest at 'https://cdn.ethers.io/lib/ethers-5.2.umd.min.js' from origin 'https://kingdomscan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 24) Message: error in fetching: XMLHttpRequest failed https://cdn.ethers.io/lib/ethers-5.2.umd.min.js
worker	info	URL: blob:https://kingdomscan.com/e1e63434-90f0-405c-830c-365d098d2ec6(Line 12) Message: error in fetching: Error, bypassing https://www.googletagmanager.com/gtag/js?id=UA-220951851-1
network	error	URL: https://cdn4.telegram-cdn.org/file/o4AwytpwRDSYNMSONX2x-GaiBD2eD893MZFkJBcfAOp2oPlyAmsPkO44iBqYezy0K7oZ9BgPtEq2jQiaYsDh2frQ7Bl514ON1S_4VKMMU6DRdc2xF-sVSvLlaiguJYE6WtCzIgDhM8-8ZmAPAKUv00op4vS6Z_sasuRN3571q_zBa1gSFqGmKhredyZpw6Rs2NeZYqueaq9_tDypiWh6mb0D8kK9hyq8gjJxAZDXYGtmqCgzA0Dt8TE3CjHABoFnuDB53iG4iZuB8ECDuE9geVUxcd5vi8etq0S892caxV5QV92bnatvJQZSlwVA2E1dJKcJ-ZV4rHpFRvTsvACKlw.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.telegram-cdn.org/file/ehSWEOhGxwtW0xw8XAbck1hgN4L5vXHWsKtoPMjtLRcVFegI69Q1it8HG-FrUj_lCe552nbKS5FwH9FIU61OqHM5Mh2n23wV5nPc6tynt17R4frqFZ5U5UbCLQ6c8Ql6xU_Jba8Qn0XWOneVbEcxMP6DOWhkcSPuwRIg6TdTj9BS4CV3PnidLHvK6Dl5dlXEDLfwvYVTa3uvOhMSInH8aC1hXGJOmSSci6E6c7QXS7weLmeUyKVq3Ff0gYGm2iVcqoN0hjL3vxHEyGdREy0TTz-RC5BV3P10rXfr1p1e3UZUMYTtgkS5cY6T_do04QDI3_tRHf5nDtee-de152XxJg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.telegram-cdn.org/file/et6eRrd_XRpPV2INlqDjlAYRlOwZwcFb30moNXgUu91RJ7oqo9MNqUxGWZQS7dLmFJEa8Uyz7WDTzrzvpJn-r78r0t5uCGewoGa9lT1gP48nowbulONXfrVQ4UgZgZrULxSfg1vcl3K5cBnNcwfjYw7rhX2tZH_Bx3UZFnkxjsVdXt96vG9cV7EUAk46LstiaDsubIJUt-9N2dAkF6FmQOMgY_SDs9hUJnvYX78yt5fIPEbMyBanYGU1oQRA4wL02KDcv_8tsnMfFo8HRoxxxoPOkTTsFRICgLuTU9k4zIW8vR0hXaJw3iS-OSmjkkg7EZhdTSMblt3ZGyxw9KSUhQ.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.telegram-cdn.org/file/KXE4ygm_8Vcl_iy2IGfHRJjP_8b-TUsnfEIrebjGXi_E72Pn1znd60hARapuNOmjNQSlF7iL5O39HVsfylUEuFFINoD33gUmcjZF5EXKZlrhz8GVXmzGa1P_L02xkE5YL2-U4PP5glKqxh72e2zvpYHbBvleXlzhtHEYi1mUqOyq6qX2c2by-ni7N-c3OfQq_RPzxIg6YSEYoX62Gau-Mih9HBKq5E3j3zUuqPd6JatC_bYNlVTfPbAWoN07KyJS4cFKCergo2Gx3y9QFoz22gRzLvxU8Txmaf-AV8eC5fD_UA3dHjjdziwDiBWS3t1qPDzdQ2EkiWI870FCRML6sQ.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn4.telegram-cdn.org/file/bb7eefc66c.mp4?token=GgptUj9iVbsJFkaVrHEHCCYlYk0PqptYMYZi7C5pYRjw32vq2qHG-nM2rAMW27I4aCkbxPvTRO08kXPXvd5L0_Z5nJ34Zi1b3atkVoRGWJ57BcpozXuIKWGOASA-q4EyC_RYMedmSZf2CSw1lq3J3NO3ol01_G9mUYQl-zjnGPjgc6N1gajnzBnviVezpNxltex2QoZooW35vq7vlalA5HXNapEDX73XGhxrlum-UJdwrlvmLF1DdC4F-xdXlweaV5TRk9rMqm7kbmLIdR6xGRehwK1UrKE4_-jZTwAGT9REUZC9MrRiY8EebEiCefNPJDJr29wWlr5rdHJtCg_ufA Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn4.telegram-cdn.org
fonts.gstatic.com
kingdomscan.com
telegram.org
use.fontawesome.com
104.21.42.113
142.251.16.94
149.154.167.99
172.64.102.11
34.111.35.152
0020646d32da84bf3e786d16ad939d610e989ba3bc2304fb68072f3537c60ee0
118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4
121798c4728f88ae3fbf1d2cd5b5da046291428c457f771558ccbd803ce56dd6
1a4e93b4ff1c7bbfe27fe7c1ec197b6571369d786907f1b1c0c6754e50c9e6e4
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
29d419cc235241c2e7b8ccdea693ea6c386a9c983a8d2af229d087cca01e0baa
2b37d164f47b600eeb1b7707dee66e47863f8d615d1e3ecc03c3cf50e9269680
3a6c733f06c0610b418847ad455825ab17cb394926137fa46086e4dcc86ab9c1
41d2f3efe6e23f696bcfafc8976047eb91ac7bef93512a32449bd1b5eda706b0
42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23
470b69d22282ea5cbcac4050c2c7806d22da2f26310ab539e81d58dc590d0373
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
57b60ac0645a747d05e0c34be3ebcff2020678b7d31b185914afb8356254660d
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460
6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
9434610f03b23074f9ae8ba5dbed66819c052a1d3c8e2256296c50ddeb4fe7f8
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
994961b8f25a0b18f5050694571210c1c5348d6221561dab5f1d72b3182e2778
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743
a440cf0bb0bb85af1417e18360bae8c4969de6ea31d9f0717323a2cb24ee0eb5
a4cec04945d3b04d4250075088fbc3ae546bedb4e97a483531a9c71f562d1e26
a769736561f29bfd94cdd48a2207fcd1dfa6d6c90cf48dc68a7b162fc8927d32
b03f533f9e8aa0cdb9701cca024e55f870a2bea65ffab94cada577685c0dada7
b54b9a2eea7375952dc77e367759e55d4871382cee496b9b3ff59a9fd3cb040f
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c799b7bf9dc8a3b4d1be9b87237b06b8e1df7599d38b11efb1d8b085e34b119e
cca7b011f826dd37fa5bcb586e78cedb2f635ae2255e8b426a84aba6b0f2e78d
cf14069ec302a19217df8944d0e15fba2c5f8adf7567d47a6e1364f909448630
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d533e017b159f96b1c6becb0ca968bfd1003fdf39e61f07171e7c9ec991b9efd
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
d89c8839f894443695b52fb6f7b185218e0b412c9985f32c612dc3f73a4fcc27
df95549259093448ad7948a1adfbee38bcf3b1957197d03f6099afbf46c496f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58
e57e2eb5b45bcb888785af93864c7e4dffb2a703918b2411350cca94c2091e82
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
f2b49ae118707bc6a883c9b5d33321c1c5744e5e61ba5338ef2e7e4086d1e1b8
f33d0252a03aaeb0a0fc1c65550f4f95f178b6dd4b1c933a9d977cf4d44416b0
f35866e79080a63f856ebfef3ba0ae684339f930353635cdb9c4ff4a3cf1658b
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5569fd592a9f98733b42e918680b19ddcab0d5cf365d001b4ade87cf84968ba
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbf47a99efdd282d082e9cbd31675d1bfa3719918239980d09216ca29f047526
fe3699e66b608d46ed8ed55cd7c796dbf7a5fed76baad3cc692a1b0d6e6abf7f

kingdomscan.com Open in urlscan Pro 104.21.42.113 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

95 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

3541 kBTransfer

5186 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kingdomscan.com Open in urlscan Pro
104.21.42.113 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

3541 kB
Transfer

5186 kB
Size

0
Cookies

55 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!