urlscan.io logo urlscan.io
SecurityTrails logo

www.hentaiheroes.com Open in urlscan Pro
94.75.250.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t.sidekickopen68.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWYgf51Tzm602?t=http%3A...
Effective URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8U...
Submission: On August 13 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 94.75.250.120, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is www.hentaiheroes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 22nd 2019. Valid for: a year.
This is the only time www.hentaiheroes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 199.59.242.151 395082 (BODIS-NJ)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 198.54.112.216 22612 (NAMECHEAP...)
1 1 35.156.152.207 16509 (AMAZON-02)
6 94.75.250.120 60781 (LEASEWEB-...)
19 7
1    2606:4700::6812:d28f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
t.sidekickopen68.com
1    2606:4700::6810:fb05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
eventtracking.hubspot.com
6    199.59.242.151 (United States)

ASN395082 (BODIS-NJ - Bodis, LLC, US)
www.gplus.to
1    2a00:1450:4001:821::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    198.54.112.216 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
5905.scenbe.com
1    35.156.152.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-152-207.eu-central-1.compute.amazonaws.com
www.gaming-adult.com
6    94.75.250.120 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: vip1-ams.srv.aur.be
www.hentaiheroes.com
Domain Requested by
6 www.hentaiheroes.com 5905.scenbe.com
www.hentaiheroes.com
6 www.gplus.to 1 redirects www.gplus.to
3 fonts.gstatic.com www.hentaiheroes.com
3 fonts.googleapis.com www.gplus.to
www.hentaiheroes.com
2 5905.scenbe.com 1 redirects www.gplus.to
1 www.gaming-adult.com 1 redirects
1 www.google.com www.gplus.to
1 eventtracking.hubspot.com 1 redirects
1 t.sidekickopen68.com 1 redirects
19 9

This site contains links to these domains. Also see Links.

Domain
www.gaming-adult.com
Subject Issuer Validity Valid

1970-01-01 -
1970-01-01		 a few seconds crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.hentaiheroes.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-22 -
2020-03-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Frame ID: 5F536E9EDA36B3C3CC06A88CC6358AC3
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://t.sidekickopen68.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWY... HTTP 301
    https://eventtracking.hubspot.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWY... HTTP 307
    http://www.gplus.to/KronosInc Page URL
  2. http://www.gplus.to/rz?u=http%3A%2F%2F5905.scenbe.com%2Fmatch-5905%2F34949%2F121278853%2F1565702... HTTP 302
    http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e... Page URL
  3. http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e... HTTP 302
    https://www.gaming-adult.com/6ed53bb5-1c3d-4621-a1f4-84d6354fc872?country=GB&campaign.id=34949&var2=&var1... HTTP 302
    https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQK... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

19
Requests

63 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

2439 kB
Transfer

2549 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.sidekickopen68.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWYgf51Tzm602?t=http%3A%2F%2Fwww.gplus.to%2FKronosInc&si=5762524210003968&pi=a309bc28-4cea-4b7d-b129-b1dd48bcf133 HTTP 301
    https://eventtracking.hubspot.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWYgf51Tzm602?t=http%3A%2F%2Fwww.gplus.to%2FKronosInc&si=5762524210003968&pi=a309bc28-4cea-4b7d-b129-b1dd48bcf133 HTTP 307
    http://www.gplus.to/KronosInc Page URL
  2. http://www.gplus.to/rz?u=http%3A%2F%2F5905.scenbe.com%2Fmatch-5905%2F34949%2F121278853%2F1565702353%2Fmf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1%2FYXBpeDAzLWdwbHVzLnRv%2Ffeed&notadsafe HTTP 302
    http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed Page URL
  3. http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv HTTP 302
    https://www.gaming-adult.com/6ed53bb5-1c3d-4621-a1f4-84d6354fc872?country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949 HTTP 302
    https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.sidekickopen68.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWYgf51Tzm602?t=http%3A%2F%2Fwww.gplus.to%2FKronosInc&si=5762524210003968&pi=a309bc28-4cea-4b7d-b129-b1dd48bcf133 HTTP 301
  • https://eventtracking.hubspot.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWYgf51Tzm602?t=http%3A%2F%2Fwww.gplus.to%2FKronosInc&si=5762524210003968&pi=a309bc28-4cea-4b7d-b129-b1dd48bcf133 HTTP 307
  • http://www.gplus.to/KronosInc
Request Chain 9
  • http://www.gplus.to/rz?u=http%3A%2F%2F5905.scenbe.com%2Fmatch-5905%2F34949%2F121278853%2F1565702353%2Fmf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1%2FYXBpeDAzLWdwbHVzLnRv%2Ffeed&notadsafe HTTP 302
  • http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
KronosInc
www.gplus.to/
Redirect Chain
  • http://t.sidekickopen68.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWYgf51Tzm602?t=http%3A%2F%2Fwww.gplus.to%2FKronosInc&si=5762524210003968&pi=a309bc28-4cea-4b7d-...
  • https://eventtracking.hubspot.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJW7t5XZs8qCdpMN2zq9tdcVPt0W5vMrTT56dWYgf51Tzm602?t=http%3A%2F%2Fwww.gplus.to%2FKronosInc&si=5762524210003968&pi=a309bc28-4cea...
  • http://www.gplus.to/KronosInc
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.gplus.to/KronosInc
Protocol
HTTP/1.1
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
66ef7e16a974f47cd3b393c314e4ca27b2437dd15a9ea853106006bd6e3c1686

Request headers

Host
www.gplus.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
openresty
Date
Tue, 13 Aug 2019 13:19:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_d2MC3fNG5KVH6KFOZCzo7ityTyuGb/1fibsK5vf6mxRhOtyvrjB73sCjOWnoB5az6U1CTdxP6iQdZxpb3Hb9gw==

Redirect headers

status
307
date
Tue, 13 Aug 2019 13:19:10 GMT
content-type
img/png
content-length
0
set-cookie
__cfduid=db63c3a349d260ce56f4f00d132c6ac581565702350; expires=Wed, 12-Aug-20 13:19:10 GMT; path=/; domain=.hubspot.com; HttpOnly _hetc=23ffa3a4-9e9f-4163-a1ac-273e085bf982|1565702350808|ACOD57cwLAIUPjGYt1hvYn5xPiKEIA0revBwFc4CFFERYqG5+SaqlvCO/BOGHE6M7Tv/;Version=1;Comment=;Domain=eventtracking.hubspot.com;Path=/;Max-Age=31536000
x-robots-tag
none
link
<http://www.gplus.to/KronosInc>; rel="canonical"
location
http://www.gplus.to/KronosInc
referrer-policy
no-referrer
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
505afaabccc027a2-FRA
caf.js
www.google.com/adsense/domains/ 		158 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: www.gplus.to
URL: http://www.gplus.to/KronosInc
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9b6e83da68833a1ee5b897382e6ea0dd578a800191891466e23f3d9f381204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gplus.to/KronosInc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 13:19:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"16660596550077694360"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
0
Expires
Tue, 13 Aug 2019 13:19:12 GMT
px.gif
www.gplus.to/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gplus.to/px.gif?ch=1&rn=0.09185006497405523
Requested by
Host: www.gplus.to
URL: http://www.gplus.to/KronosInc
Protocol
HTTP/1.1
Security
, ,
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://www.gplus.to/KronosInc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 13:19:12 GMT
Last-Modified
Tue, 30 Jul 2019 17:23:23 GMT
Server
openresty
ETag
"5d407d0b-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
px.gif
www.gplus.to/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gplus.to/px.gif?ch=2&rn=0.09185006497405523
Requested by
Host: www.gplus.to
URL: http://www.gplus.to/KronosInc
Protocol
HTTP/1.1
Security
, ,
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://www.gplus.to/KronosInc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 13:19:12 GMT
Last-Modified
Tue, 30 Jul 2019 17:23:23 GMT
Server
openresty
ETag
"5d407d0b-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
glp
www.gplus.to/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gplus.to/glp?r=&u=http%3A%2F%2Fwww.gplus.to%2FKronosInc&rw=1600&rh=1200&ww=1600&wh=1200
Requested by
Host: www.gplus.to
URL: http://www.gplus.to/KronosInc
Protocol
HTTP/1.1
Security
, ,
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
4ea072c9c8444387a09fc0e7b485a1903d6489c609675ac871b841b3bddb7cda

Request headers

Referer
http://www.gplus.to/KronosInc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2019 13:19:13 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ 		5 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: www.gplus.to
URL: http://www.gplus.to/glp?r=&u=http%3A%2F%2Fwww.gplus.to%2FKronosInc&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.gplus.to/KronosInc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Aug 2019 13:19:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Aug 2019 13:19:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Tue, 13 Aug 2019 13:19:13 GMT
gzb
www.gplus.to/ 		209 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.gplus.to/gzb
Requested by
Host: www.gplus.to
URL: http://www.gplus.to/glp?r=&u=http%3A%2F%2Fwww.gplus.to%2FKronosInc&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Security
, ,
Server
199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
http://www.gplus.to/KronosInc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2019 13:19:13 GMT
Server
openresty
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
209
Expires
Mon, 26 Jul 1997 05:00:00 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://www.gplus.to
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 23 Jul 2019 19:43:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
1791324
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9016
x-xss-protection
0
expires
Wed, 22 Jul 2020 19:43:49 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://www.gplus.to
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 23 Jul 2019 19:39:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1791599
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Wed, 22 Jul 2020 19:39:14 GMT
feed
5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/
Redirect Chain
  • http://www.gplus.to/rz?u=http%3A%2F%2F5905.scenbe.com%2Fmatch-5905%2F34949%2F121278853%2F1565702353%2Fmf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1%2FYXBpeDAzLWdwbHVzLnRv%2Ffeed&notadsafe
  • http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed
411 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed
Requested by
Host: www.gplus.to
URL: http://www.gplus.to/glp?r=&u=http%3A%2F%2Fwww.gplus.to%2FKronosInc&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
198.54.112.216 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
a2fb9ac4dfd8d36286249e8ef70a260ee41ce68fe4d71a89e73a1bf5f1abcf70

Request headers

Host
5905.scenbe.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.gplus.to/KronosInc
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.gplus.to/KronosInc

Response headers

Server
nginx/1.6.2
Date
Tue, 13 Aug 2019 13:19:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Content-Encoding
gzip

Redirect headers

Server
openresty
Date
Tue, 13 Aug 2019 13:19:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Location
http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed
Primary Request Cookie set /
www.hentaiheroes.com/landing/EN/VL/LP2/
Redirect Chain
  • http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv
  • https://www.gaming-adult.com/6ed53bb5-1c3d-4621-a1f4-84d6354fc872?country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
  • https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3K...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Requested by
Host: 5905.scenbe.com
URL: http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.75.250.120 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
vip1-ams.srv.aur.be
Software
Apache/2.4.25 (Debian) /
Resource Hash
241feeec297750e5c2bfbe4edd2715e702ab0616aebe0d10ed4c739833ca34c7

Request headers

Host
www.hentaiheroes.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://5905.scenbe.com/match-5905/34949/121278853/1565702353/mf_5fa3b89c-05d3-47bf-b835-46e7246ca9e1/YXBpeDAzLWdwbHVzLnRv/feed

Response headers

Date
Tue, 13 Aug 2019 13:19:24 GMT
Server
Apache/2.4.25 (Debian)
Last-Modified
Fri, 05 Apr 2019 09:43:48 GMT
ETag
"978-585c552da795d-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1114
Content-Type
text/html; charset=utf-8
Set-Cookie
HAPBK=web5; path=/
Cache-control
private

Redirect headers

Server
nginx
Date
Tue, 13 Aug 2019 13:19:17 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Pragma
no-cache
Set-Cookie
6ed53bb5-1c3d-4621-a1f4-84d6354fc872-v4=6ed53bb5-1c3d-4621-a1f4-84d6354fc872;Max-Age=86400;Expires=Wed, 14-Aug-2019 13:19:17 GMT;domain=www.gaming-adult.com;path=/;HttpOnly cep-v4=LGUhEujxjQr48D6XFITsolPJO56uhL3SW5O5v5W9ZSQqjbDjzvR71_IgePt95bYjhpC-WoSkpvTWzZyfikG0aS-GA5afe1A8_-Al9cmONNEpGbk-fAo0DG2rSxXVbrsD_7QpNV7_GO8MHGNffF4n9CgCsffxC7WjvvMDXGPiAyAYGfM8JJlCSGPh55F-aJGuCA-nIjMMDw5SGTMxStQE1gBskrdact4scVJv7XwymETPckseQx7QGUDJyE81pUzpgjVIM2jBrHVa2Au3yb_z_LcbI38MgtO17EyGw7H8_pwgkrreuLyPTrsoOhPEbINcIhi0DBp_Y13DsYX-qv0APqUJm2ofN-rsraaH1R0qMXBP-y_jwhNy9u9g8V6BdJZQ;Max-Age=86400;Expires=Wed, 14-Aug-2019 13:19:17 GMT;domain=www.gaming-adult.com;path=/;HttpOnly
index.css
www.hentaiheroes.com/landing/EN/VL/LP2/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hentaiheroes.com/landing/EN/VL/LP2/index.css
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.75.250.120 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
vip1-ams.srv.aur.be
Software
Apache/2.4.25 (Debian) /
Resource Hash
83ff1b50f2e58df3658a566e0740206a427f0a06306f85027269f697866f97de

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 13:19:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jun 2017 14:54:57 GMT
Server
Apache/2.4.25 (Debian)
ETag
"ebc-552656f5b9240-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1104
css
fonts.googleapis.com/ 		2 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Carter+One|Kalam:700
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ed8f5713303ae8441d40181931f5b50c72e153532e4b8423800d87e201161a78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Aug 2019 13:19:24 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Aug 2019 13:19:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Tue, 13 Aug 2019 13:19:24 GMT
css
fonts.googleapis.com/ 		448 B
346 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Luckiest+Guy
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1e769ea341daa31988a9141b7e13d22ebba186bb7814067a78223e87eb976aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Aug 2019 13:19:24 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Aug 2019 13:19:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Tue, 13 Aug 2019 13:19:24 GMT
bg.jpg
www.hentaiheroes.com/landing/EN/VL/LP2/files/ 		869 KB
869 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hentaiheroes.com/landing/EN/VL/LP2/files/bg.jpg
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.75.250.120 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
vip1-ams.srv.aur.be
Software
Apache/2.4.25 (Debian) /
Resource Hash
6acb370d95611e67b414ae43fc5927a772edae715ecb2791c99633ae24606850

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 13:19:24 GMT
Last-Modified
Mon, 19 Jun 2017 13:43:45 GMT
Server
Apache/2.4.25 (Debian)
Accept-Ranges
bytes
ETag
"d93a7-5525052e2a640"
Content-Length
889767
Content-Type
image/jpeg
logo.png
www.hentaiheroes.com/landing/EN/VL/LP2/files/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hentaiheroes.com/landing/EN/VL/LP2/files/logo.png
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.75.250.120 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
vip1-ams.srv.aur.be
Software
Apache/2.4.25 (Debian) /
Resource Hash
aed717f5d12cdb022cef59a013626241c589216f8c45972c906f5214fa7130bb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 13:19:24 GMT
Last-Modified
Mon, 19 Jun 2017 13:43:46 GMT
Server
Apache/2.4.25 (Debian)
Accept-Ranges
bytes
ETag
"7015-5525052f1e880"
Content-Length
28693
Content-Type
image/png
bg_video.mp4
www.hentaiheroes.com/landing/EN/VL/LP2/files/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.hentaiheroes.com/landing/EN/VL/LP2/files/bg_video.mp4
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.75.250.120 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
vip1-ams.srv.aur.be
Software
Apache/2.4.25 (Debian) /
Resource Hash
a411cc5b7a210fd7a5e5c9d4456155b38acf4b22df288b271c53446b05d7e531

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 13 Aug 2019 13:19:24 GMT
Last-Modified
Mon, 19 Jun 2017 13:43:47 GMT
Server
Apache/2.4.25 (Debian)
ETag
"164ce7-5525053012ac0"
Content-Type
video/mp4
Content-Range
bytes 0-1461478/1461479
Accept-Ranges
bytes
Content-Length
1461479
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
_gP_1RrxsjcxVyin9l9n_j2hTd52ijl7aQ.woff2
fonts.gstatic.com/s/luckiestguy/v10/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/luckiestguy/v10/_gP_1RrxsjcxVyin9l9n_j2hTd52ijl7aQ.woff2
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5ac8218553abd13b259607a81708df0e170ba255cf4e7b3937c3ff8520b18936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Luckiest+Guy
Origin
https://www.hentaiheroes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 22:09:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:55:52 GMT
server
sffe
age
54621
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17188
x-xss-protection
0
expires
Tue, 11 Aug 2020 22:09:03 GMT
blur-bar.png
www.hentaiheroes.com/landing/EN/VL/LP2/files/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hentaiheroes.com/landing/EN/VL/LP2/files/blur-bar.png
Requested by
Host: www.hentaiheroes.com
URL: https://www.hentaiheroes.com/landing/EN/VL/LP2/?cep=OnR8JDoWlNgykJv0Yhk5avB_KjXiWKrMqF43BcD4G0Agou0_HntQKC3yqerBe9QCRn7mY_X8UP12fihqxrTGr81xwnaEDFNWmstUI5cHfdCfWCKKQs4KOUNlTq8LR8i1IISaVDra6mkupFJ3Kcm-U3O4Ta98tmBcjxVRwGa0V1RKAl_1ko9jaNHpy5LANwjoUaaDqO8qp382y_0lHK2P8WbAFROI8jwgoAeBf3WKFDYKrb9fh4nyRI35AMMdOZy70YU7xaiH2jA_HgsWzFGO5YlTTDw9j-VIbIeYlT3mgWWr6UCCgl64TahLC5cy3e-zZZ9G7P4DF7sCK7IyEGZD9eexEqBryxXIF8sEJcKRT83q73e0RcdsihXkVOAZq48l&lptoken=158f658370f8417957b4&country=GB&campaign.id=34949&var2=&var1=&trafficsource.id=apix03-gplus.to&cpv=0.0005&externalid=1565702356.91-121278853-34949
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.75.250.120 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
vip1-ams.srv.aur.be
Software
Apache/2.4.25 (Debian) /
Resource Hash
63ed96ab47d098f588ce98a8cc994ed1a962b76fc915b7480fd1e461ea6c1cb0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.hentaiheroes.com/landing/EN/VL/LP2/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 13:19:25 GMT
Last-Modified
Mon, 19 Jun 2017 13:43:46 GMT
Server
Apache/2.4.25 (Debian)
Accept-Ranges
bytes
ETag
"10da-5525052f1e880"
Content-Length
4314
Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Domain/Path Name / Value
www.hentaiheroes.com/ Name: HAPBK
Value: web5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5905.scenbe.com
eventtracking.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
t.sidekickopen68.com
www.gaming-adult.com
www.google.com
www.gplus.to
www.hentaiheroes.com
198.54.112.216
199.59.242.151
2606:4700::6810:fb05
2606:4700::6812:d28f
2a00:1450:4001:808::2003
2a00:1450:4001:818::200a
2a00:1450:4001:821::2004
35.156.152.207
94.75.250.120
1e769ea341daa31988a9141b7e13d22ebba186bb7814067a78223e87eb976aa2
241feeec297750e5c2bfbe4edd2715e702ab0616aebe0d10ed4c739833ca34c7
4ea072c9c8444387a09fc0e7b485a1903d6489c609675ac871b841b3bddb7cda
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ac8218553abd13b259607a81708df0e170ba255cf4e7b3937c3ff8520b18936
5b9b6e83da68833a1ee5b897382e6ea0dd578a800191891466e23f3d9f381204
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
63ed96ab47d098f588ce98a8cc994ed1a962b76fc915b7480fd1e461ea6c1cb0
66ef7e16a974f47cd3b393c314e4ca27b2437dd15a9ea853106006bd6e3c1686
6acb370d95611e67b414ae43fc5927a772edae715ecb2791c99633ae24606850
83ff1b50f2e58df3658a566e0740206a427f0a06306f85027269f697866f97de
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a2fb9ac4dfd8d36286249e8ef70a260ee41ce68fe4d71a89e73a1bf5f1abcf70
a411cc5b7a210fd7a5e5c9d4456155b38acf4b22df288b271c53446b05d7e531
aed717f5d12cdb022cef59a013626241c589216f8c45972c906f5214fa7130bb
b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d
ed8f5713303ae8441d40181931f5b50c72e153532e4b8423800d87e201161a78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629