URL: http://e-hentai.org/
Submission: On June 16 via manual from CN

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 104.20.135.21, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is e-hentai.org.
This is the only time e-hentai.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
3         104.20.135.21      13335 (CLOUDFLAR...)
4         185.94.237.102     42567 (MOJHOST-EU)
5         2001:1af8:470...   60781 (LEASEWEB-...)
1         185.98.53.17       39572 (ADVANCEDH...)
1         69.16.175.10       20446 (HIGHWINDS3)
2         13.32.2.6          16509 (AMAZON-02)
2         31.220.24.176      39572 (ADVANCEDH...)
8         2a02:6ea0:c70...   60068 (CDN77 (^_^)/)
Total: 29 requests, 9 IPs

Requests  Domain                  Requested by
8         static.javhd.com        r.trwl1.com, static.javhd.com
5         ehgt.org                e-hentai.org
4         adserver.juicyads.com   e-hentai.org, adserver.juicyads.com
3         e-hentai.org            e-hentai.org
2         api.trwl1.com           r.trwl1.com, api.trwl1.com
2         cdn.creativesumo.com    adserver.juicyads.com, cdn.creativesumo.com
1         ads.juicyads.me         adserver.juicyads.com
1         r.trwl1.com             adserver.juicyads.com
Total: 29 requests, 8 subdomains

This site contains links to these domains.

Domain
upload.e-hentai.org
forums.e-hentai.org
ehwiki.org
hentaiverse.org
twitter.com

Subject                    Issuer                                           Validity                  Valid
*.e-hentai.org             Gandi Standard SSL CA 2                          2021-01-26 - 2022-02-26   a year
ehgt.org                   Gandi Standard SSL CA 2                          2019-12-30 - 2022-01-27   2 years
r.trwl1.com                Sectigo RSA Domain Validation Secure Server CA   2020-07-10 - 2021-07-11   a year
cdn.creativesumo.com       Amazon                                           2020-09-04 - 2021-10-06   a year
api.trwl1.com              Sectigo RSA Domain Validation Secure Server CA   2021-03-06 - 2022-03-07   a year
1079288232.rsc.cdn77.org   R3                                               2021-04-14 - 2021-07-13   3 months

This page contains 10 frames:

Primary Page: http://e-hentai.org/
Frame ID: 628883F40193FD8FCD47050A795E1814
Requests: 10 HTTP requests in this frame

Frame: http://adserver.juicyads.com/adshow.php?adzone=19869
Frame ID: 25FD3EBF37FCE6F30B9F9B495CB2C9D5
Requests: 1 HTTP request in this frame

Frame: http://adserver.juicyads.com/adshow.php?adzone=19869
Frame ID: E8CEBED3E352936A5955D17300EB9A26
Requests: 1 HTTP request in this frame

Frame: http://adserver.juicyads.com/adshow.php?adzone=671616
Frame ID: 5C3E6C4870036FAE4001555DA0BBDF35
Requests: 1 HTTP request in this frame

Frame: http://adserver.juicyads.com/adshow.php?adzone=671616
Frame ID: 199D48A1E8F4CC19A769746569257E4F
Requests: 2 HTTP requests in this frame

Frame: http://adserver.juicyads.com/adshow.php?adzone=19553
Frame ID: A2EC95D307D24AE2A63014AFAF28B4CE
Requests: 1 HTTP request in this frame

Frame: http://adserver.juicyads.com/adshow.php?adzone=19553
Frame ID: F62FFD64BCCD82313AC8A8522BF46E07
Requests: 1 HTTP request in this frame

Frame: https://r.trwl1.com/s1/6a58c6d1-292e-4e25-be54-da3075d93839?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=FR&cv3=115&cv4=6666&cv5=19869&cv6=
Frame ID: 3395BD29527CE9657C7FEDD84C5544E4
Requests: 3 HTTP requests in this frame

Frame: https://cdn.creativesumo.com/html/d/a/da1bcd0cd01496b4255ced02d0431036.html
Frame ID: 85FAA5CBDFF56A2B6F628572F072FF33
Requests: 2 HTTP requests in this frame

Frame: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Frame ID: 9502538C3F4D10CC094595EEF077BACD
Requests: 8 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 29
HTTPS: 69 %
IPv6: 25 %
Domains: 7
Subdomains: 8
IPs: 9
Countries: 3
Transfer: 4067 kB
Size: 4321 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
e-hentai.org/
68 KB
11 KB
Document
General
Full URL
http://e-hentai.org/
Protocol
HTTP/1.1
Server
104.20.135.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072784ae269380977110d9006bfa9cfe1662c8f0b6a7bf1f51054aa294785aa0

Request headers

Host
e-hentai.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 16 Jun 2021 13:15:27 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
10664
Connection
keep-alive
Cache-Control
no-cache
mixed-content
noupgrade
Vary
Accept-Encoding
Content-Encoding
gzip
X-Varnish
600203956
Age
0
Via
1.1 varnish (Varnish/6.0)
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
cf-request-id
0ab68f754400004083668fd000000001
Server
cloudflare
CF-RAY
66044e9b9ce24083-LHR
g.css
e-hentai.org/z/0348/
26 KB
6 KB
Stylesheet
General
Full URL
https://e-hentai.org/z/0348/g.css
Requested by
Host: e-hentai.org
URL: http://e-hentai.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.135.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a87c8ee0822e6916f75d2693cfd2fd503788c1e0dfabb975239af8ccd7a716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2125820
cf-ray
66044e9cdb4f53ec-LHR
content-length
5709
cf-request-id
0ab68f7605000053ec42bc7000000001
last-modified
Sun, 04 Oct 2020 09:02:36 GMT
server
cloudflare
etag
"69f6-5b0d4a0824300-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; preload;
x-varnish
269864948 172292418
via
1.1 varnish (Varnish/6.0)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Sun, 20 Jun 2021 15:25:36 GMT
jads.js
adserver.juicyads.com/js/
4 KB
2 KB
Script
General
Full URL
http://adserver.juicyads.com/js/jads.js
Requested by
Host: e-hentai.org
URL: http://e-hentai.org/
Protocol
HTTP/1.1
Server
185.94.237.102 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 13:15:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 22:52:08 GMT
Server
nginx
ETag
W/"5f8f6a18-eb9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close
ehg_index.c.js
e-hentai.org/z/0348/
6 KB
2 KB
Script
General
Full URL
https://e-hentai.org/z/0348/ehg_index.c.js
Requested by
Host: e-hentai.org
URL: http://e-hentai.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.135.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171cea27f75a721e41285dc6ac2cdf04eca92d1a00b1167ef50f83e8844edd81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2125890
cf-ray
66044e9cdb5053ec-LHR
content-length
1706
cf-request-id
0ab68f7605000053ec20198000000001
last-modified
Thu, 28 Mar 2019 09:46:02 GMT
server
cloudflare
etag
"1690-585246c122a80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; preload;
x-varnish
216866484 260857278
via
1.1 varnish (Varnish/6.0)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 18 Jun 2021 09:50:26 GMT
c42cb4e627116a527d3734b2b368256624cd263a-845161-2480-3508-jpg_250.jpg
ehgt.org/t/c4/2c/
26 KB
26 KB
Image
General
Full URL
https://ehgt.org/t/c4/2c/c42cb4e627116a527d3734b2b368256624cd263a-845161-2480-3508-jpg_250.jpg
Requested by
Host: e-hentai.org
URL: http://e-hentai.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1af8:4700:a062:8::47de , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
d83296d802be1a702a5fdb9ce1b34ff0202b6d97aa4a1b47b39cd239056e0cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
last-modified
Wed, 16 Jun 2021 09:12:08 GMT
server
nginx/1.14.1
etag
"60c9c068-67c6"
strict-transport-security
max-age=31536000; preload
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26566
expires
Thu, 16 Jun 2022 13:15:28 GMT
t.png
ehgt.org/g/
913 B
1 KB
Image
General
Full URL
https://ehgt.org/g/t.png
Requested by
Host: e-hentai.org
URL: http://e-hentai.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1af8:4700:a062:8::47de , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
22695c8f67ff1c300f30a793768774c09772259db5addda07f23fb3b377b77c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
last-modified
Sat, 25 May 2013 00:24:06 GMT
server
nginx/1.14.1
etag
"51a004a6-391"
strict-transport-security
max-age=31536000; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
913
expires
Thu, 16 Jun 2022 13:15:28 GMT
td.png
ehgt.org/g/
783 B
1001 B
Image
General
Full URL
https://ehgt.org/g/td.png
Requested by
Host: e-hentai.org
URL: http://e-hentai.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1af8:4700:a062:8::47de , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
dbfab87e3ed5751a614a954c1f33c67f0beb1940ad9d41ec2385de069d04123f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
last-modified
Mon, 16 Apr 2018 19:16:34 GMT
server
nginx/1.14.1
etag
"5ad4f692-30f"
strict-transport-security
max-age=31536000; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
783
expires
Thu, 16 Jun 2022 13:15:28 GMT
mr.gif
ehgt.org/g/
103 B
320 B
Image
General
Full URL
https://ehgt.org/g/mr.gif
Requested by
Host: e-hentai.org
URL: http://e-hentai.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1af8:4700:a062:8::47de , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
2f7d301dddc3343680345c31e58295ac8c3d71d1f40a5216cd40eb0242d81e75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
last-modified
Sun, 18 Mar 2007 03:32:14 GMT
server
nginx/1.14.1
etag
"45fcb2be-67"
strict-transport-security
max-age=31536000; preload
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
103
expires
Thu, 16 Jun 2022 13:15:28 GMT
adshow.php
adserver.juicyads.com/ Frame 25FD
0
0

Cookie set adshow.php
adserver.juicyads.com/ Frame E8CE
3 KB
2 KB
Document
General
Full URL
http://adserver.juicyads.com/adshow.php?adzone=19869
Requested by
Host: adserver.juicyads.com
URL: http://adserver.juicyads.com/js/jads.js
Protocol
HTTP/1.1
Server
185.94.237.102 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
9bf7854f6bc9f40f77dd0bce53f3dda7712a75d02fddcc14f50128c8def15f5f

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://e-hentai.org/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 16 Jun 2021 13:15:28 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=d6c56069d835ff3302a212b6b8e0ad77; expires=Thu, 16-Jun-2022 13:15:28 GMT; Max-Age=31536000; path=/; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Sat, 19-Jun-2021 13:15:28 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 19-Jun-2021 13:15:28 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
rt.png
ehgt.org/g/
2 KB
2 KB
Image
General
Full URL
https://ehgt.org/g/rt.png
Requested by
Host: e-hentai.org
URL: https://e-hentai.org/z/0348/g.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1af8:4700:a062:8::47de , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
920218a86982664f6224cf1d2f17a28a83bf7830e5dee4d04e0c56d6d1cf15d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://e-hentai.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
last-modified
Fri, 31 May 2013 14:17:37 GMT
server
nginx/1.14.1
etag
"51a8b101-8bf"
strict-transport-security
max-age=31536000; preload
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2239
expires
Thu, 16 Jun 2022 13:15:28 GMT
adshow.php
adserver.juicyads.com/ Frame 5C3E
0
0

Cookie set adshow.php
adserver.juicyads.com/ Frame 199D
3 KB
2 KB
Document
General
Full URL
http://adserver.juicyads.com/adshow.php?adzone=671616
Requested by
Host: adserver.juicyads.com
URL: http://adserver.juicyads.com/js/jads.js
Protocol
HTTP/1.1
Server
185.94.237.102 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
c63a3e4fa974f8a8ce70c3ed1a40157be25ee7e274752e49838a58cee321caf5

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://e-hentai.org/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 16 Jun 2021 13:15:28 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=d6c56069d835ff3302a212b6b8e0ad77; expires=Thu, 16-Jun-2022 13:15:28 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps42089=1; expires=Thu, 17-Jun-2021 13:15:28 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjExNTI3NDY7aToxNjI0MTA4NTI4O30%3D; expires=Sat, 19-Jun-2021 13:15:28 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 19-Jun-2021 13:15:28 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
adshow.php
adserver.juicyads.com/ Frame A2EC
0
0

Cookie set adshow.php
adserver.juicyads.com/ Frame F62F
3 KB
2 KB
Document
General
Full URL
http://adserver.juicyads.com/adshow.php?adzone=19553
Requested by
Host: adserver.juicyads.com
URL: http://adserver.juicyads.com/js/jads.js
Protocol
HTTP/1.1
Server
185.94.237.102 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
8273e7c022d0eefb6a0f6dffacf1468a008bb6780342509c452322dc97287bb4

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://e-hentai.org/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 16 Jun 2021 13:15:28 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=d6c56069d835ff3302a212b6b8e0ad77; expires=Thu, 16-Jun-2022 13:15:28 GMT; Max-Age=31536000; path=/; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Sat, 19-Jun-2021 13:15:28 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 19-Jun-2021 13:15:28 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
Cookie set 6a58c6d1-292e-4e25-be54-da3075d93839
r.trwl1.com/s1/ Frame 3395
1 KB
1 KB
Document
General
Full URL
https://r.trwl1.com/s1/6a58c6d1-292e-4e25-be54-da3075d93839?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=FR&cv3=115&cv4=6666&cv5=19869&cv6=
Requested by
Host: adserver.juicyads.com
URL: http://adserver.juicyads.com/adshow.php?adzone=19869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.17 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
df316b6efcbcc803d3e99a98a3f9be150c9722602ce69893c20404c5bb87d45c

Request headers

Host
r.trwl1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://adserver.juicyads.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.20.1
Date
Wed, 16 Jun 2021 13:15:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
uid=wIov-WofM; Path=/; Domain=trwl1.com; Expires=Thu, 17 Jun 2021 13:15:28 GMT; HttpOnly
X-Request-Id
0e1bf27a-d13e-4fa7-a6c1-dc9c6982f454
Content-Encoding
gzip
42089-1612729526-0997118001612729526.gif
ads.juicyads.me/network/user53847/ Frame 199D
1 MB
1 MB
Image
General
Full URL
http://ads.juicyads.me/network/user53847/42089-1612729526-0997118001612729526.gif
Requested by
Host: adserver.juicyads.com
URL: http://adserver.juicyads.com/adshow.php?adzone=671616
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
2d3bf79cce1525164bdccd6340d4ceca069c8704a23635eacf3336e032c55d35

Request headers

Referer
http://adserver.juicyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 13:15:28 GMT
Last-Modified
Sun, 07 Feb 2021 20:25:27 GMT
ETag
"1612729527"
X-HW
1623849328.dop207.pa1.t,1623849328.cds039.pa1.c
Content-Type
image/gif
Cache-Control
max-age=30252048
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1477714
da1bcd0cd01496b4255ced02d0431036.html
cdn.creativesumo.com/html/d/a/ Frame 85FA
988 B
1 KB
Document
General
Full URL
https://cdn.creativesumo.com/html/d/a/da1bcd0cd01496b4255ced02d0431036.html
Requested by
Host: adserver.juicyads.com
URL: http://adserver.juicyads.com/adshow.php?adzone=19553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-6.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a38512b41d90722372f02e524a30828897a72ae9f22804907debaf86b644eb0

Request headers

:method
GET
:authority
cdn.creativesumo.com
:scheme
https
:path
/html/d/a/da1bcd0cd01496b4255ced02d0431036.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://adserver.juicyads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-length
988
date
Tue, 11 May 2021 15:45:51 GMT
last-modified
Tue, 21 Apr 2020 01:13:28 GMT
etag
"da1bcd0cd01496b4255ced02d0431036"
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
mGs49vGTqJH9l4p2XOjg5fBVWBeieB2v_KSUg4PzWdRZD7i7n0BAfA==
age
3101377
gcrt.js
api.trwl1.com/ascripts/ Frame 3395
91 KB
26 KB
Script
General
Full URL
https://api.trwl1.com/ascripts/gcrt.js
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/6a58c6d1-292e-4e25-be54-da3075d93839?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=FR&cv3=115&cv4=6666&cv5=19869&cv6=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
58e792c49e41501a97a9d37f29f09663c7894414204ea12595d2a8c7db2ad35b

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
amsterdamNL
Date
Wed, 16 Jun 2021 13:15:28 GMT
Content-Encoding
br
X-77-NZT-Ray
GZATOY5ewkQ=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1rAFFhf3vw20AAA==
Last-Modified
Mon, 18 May 2020 15:56:42 GMT
Server
nginx/1.20.1
ETag
W/"5ec2b03a-16b2e"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Age
28099
Expires
Thu, 17 Jun 2021 05:27:09 GMT
728x90.html
static.javhd.com/h5/files/11217/ Frame 9502
5 KB
2 KB
Document
General
Full URL
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/6a58c6d1-292e-4e25-be54-da3075d93839?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=FR&cv3=115&cv4=6666&cv5=19869&cv6=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
42f4fec2fd9d5bbbcfe990cf184e813d80c176fb8113d8c714de88cf53965c76

Request headers

:method
GET
:authority
static.javhd.com
:scheme
https
:path
/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.trwl1.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 16 Jun 2021 13:15:28 GMT
content-type
text/html
last-modified
Wed, 10 Jul 2019 12:28:49 GMT
etag
W/"5d25da01-1200"
expires
Thu, 08 Jul 2021 18:54:04 GMT
cache-control
max-age=2592000
access-control-allow-origin
*
x-accel-expires
@1625770444
server
CDN77-Turbo
x-77-nzt
AcO1rgXp+CPvpDwKAA==
x-77-nzt-ray
2nTC5nFPc74=
x-cache
HIT
x-age
670884
x-77-pop
frankfurtDE
x-77-cache
HIT
content-encoding
br
style.css
static.javhd.com/h5/files/css/ Frame 9502
2 KB
805 B
Stylesheet
General
Full URL
https://static.javhd.com/h5/files/css/style.css
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1

Request headers

Referer
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 16 Jun 2021 13:15:28 GMT
content-encoding
br
x-77-nzt-ray
M2AFfLrxqgk=
x-77-cache
HIT
x-cache
HIT
x-age
1124065
x-77-nzt
AcO1rgWExD7v4SYRAA==
x-accel-expires
@1654261263
last-modified
Wed, 25 May 2016 08:29:12 GMT
server
CDN77-Turbo
etag
W/"57456258-7bd"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Fri, 03 Jun 2022 13:01:03 GMT
mobile_video_player.min.js
static.javhd.com/h5/files/js/ Frame 9502
30 KB
9 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/mobile_video_player.min.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bd2d3a0de3322e6c04de5e94fb0c7f4314502031e050bc59c0eeda19f1b6d122

Request headers

Referer
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 16 Jun 2021 13:15:28 GMT
content-encoding
br
x-77-nzt-ray
dV/5fbCIM9E=
x-77-cache
HIT
x-cache
HIT
x-age
1124065
x-77-nzt
AcO1rgUipAHv4SYRAA==
x-accel-expires
@1654261263
last-modified
Tue, 12 Jan 2016 11:55:17 GMT
server
CDN77-Turbo
etag
W/"5694e9a5-7636"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Fri, 03 Jun 2022 13:01:03 GMT
video.js
static.javhd.com/h5/files/js/ Frame 9502
116 KB
32 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/video.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f7d63ff552e165a8fcc86c99f205873431c9f66bb571f2b0b84d06d73af2fed8

Request headers

Referer
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 16 Jun 2021 13:15:28 GMT
content-encoding
br
x-77-nzt-ray
/SfEyWmuEBo=
x-77-cache
HIT
x-cache
HIT
x-age
1124264
x-77-nzt
AcO1rgV46bXvqCcRAA==
x-accel-expires
@1654261064
last-modified
Tue, 10 Nov 2015 10:24:20 GMT
server
CDN77-Turbo
etag
W/"5641c5d4-1cf02"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Fri, 03 Jun 2022 12:57:44 GMT
16-overlay-preview.png
static.javhd.com/h5/files/overlay/ Frame 9502
507 B
853 B
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/16-overlay-preview.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
90b8ab0ecc1d52738d7f0c0bb413375bd6e2f7d7f22d4adf1b1df004ee5d4d43

Request headers

Referer
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 16 Jun 2021 13:15:28 GMT
x-77-nzt-ray
rMYjcfuCXRg=
x-77-cache
HIT
x-cache
HIT
x-age
1124060
content-length
507
x-77-nzt
AcO1rgUnIQTv3CYRAA==
x-accel-expires
@1654261268
last-modified
Tue, 06 Feb 2018 18:18:14 GMT
server
CDN77-Turbo
etag
"5a79f166-1fb"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 13:01:08 GMT
16-overlay.png
static.javhd.com/h5/files/overlay/ Frame 9502
4 KB
4 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/16-overlay.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
eca2a576dcb0e650c0701e96f1d4e7336cd0adc970cedbc7e8a72638ca2aa43e

Request headers

Referer
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 16 Jun 2021 13:15:28 GMT
x-77-nzt-ray
et4ea5lGfWM=
x-77-cache
HIT
x-cache
HIT
x-age
1124060
content-length
4224
x-77-nzt
AcO1rgUOKDDv3CYRAA==
x-accel-expires
@1654261268
last-modified
Tue, 06 Feb 2018 18:15:47 GMT
server
CDN77-Turbo
etag
"5a79f0d3-1080"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 13:01:08 GMT
19-button.png
static.javhd.com/h5/files/button/ Frame 9502
504 B
850 B
Image
General
Full URL
https://static.javhd.com/h5/files/button/19-button.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
549b9bd0060e105223af22424e20b6dce5b9276b90bda0af13a1b0fc503bd673

Request headers

Referer
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 16 Jun 2021 13:15:28 GMT
x-77-nzt-ray
CBBLOy185QU=
x-77-cache
HIT
x-cache
HIT
x-age
1124263
content-length
504
x-77-nzt
AcO1rgX6PgvvpycRAA==
x-accel-expires
@1654261065
last-modified
Fri, 11 Dec 2015 19:04:22 GMT
server
CDN77-Turbo
etag
"566b1e36-1f8"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 12:57:45 GMT
3189-24876-728x90.mp4
static.javhd.com/h5/files/video/ Frame 9502
725 KB
726 KB
Media
General
Full URL
https://static.javhd.com/h5/files/video/3189-24876-728x90.mp4
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
69340be8a576da1ae5583b9ecefcbada946ac202ee07656ff600856cb94951bf

Request headers

Referer
https://static.javhd.com/h5/files/11217/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fae3e38ab-1508-4c52-a9a7-fb6afac7572e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DFR%26cv3%3D115%26cv4%3D6666%26cv5%3D19869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzAyMDcsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjE5OTJ9
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Wed, 16 Jun 2021 13:15:28 GMT
x-77-nzt-ray
1T3jiMA9ycw=
x-77-cache
HIT
Content-Range
bytes 0-742401/742402
x-cache
HIT
x-age
789
Content-Length
742402
x-77-nzt
AcO1rgUkn3rvFQMAAA==
x-accel-expires
@1623934939
last-modified
Wed, 10 Jul 2019 12:28:45 GMT
server
CDN77-Turbo
etag
"5d25d9fd-b5402"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=86400
expires
Fri, 04 Jun 2021 13:01:09 GMT
v4
api.trwl1.com/t/rtb_event/ Frame 3395
65 B
483 B
Script
General
Full URL
https://api.trwl1.com/t/rtb_event/v4?e_t=pageview&url=https%253A%252F%252Fr.trwl1.com%252Fs1%252F6a58c6d1-292e-4e25-be54-da3075d93839%253FexternalId%253D%257BextPlaceholder%257D%2526cost%253D%257BcostPlaceholder%257D%2526cv1%253D%257BdynamicCON%257D%2526cv2%253DFR%2526cv3%253D115%2526cv4%253D6666%2526cv5%253D19869%2526cv6%253D&ref=http%253A%252F%252Fadserver.juicyads.com%252F&d_r=1&d_s=1600x1200&d_w=728x90&t_s=1623849328428&t_i=1623849328437&u_tz=2&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=6fe261fe-4e0d-4a2e-b2d0-57d417809060&nav_rc=0&nav_nt=NAVIGATE&t_op=0.639&p_nn=trwl-tds&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=bb8cb4f3ac91973222adc00840fca945&sid=6fd80018f3583471e2608437f8d4880f&u_adb=0&vn=R-1.3.2&utm_typ=referral&utm_src=adserver.juicyads.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22impressionId%22%3A%22eb647935-cea4-11eb-95e0-2af328fa7f4c%22%2C%22spotId%22%3A%2221992%22%7D&cb=gl.cb.pv
Requested by
Host: api.trwl1.com
URL: https://api.trwl1.com/ascripts/gcrt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a5978b6aa5455afe9c8953c67191b7b6b474186001f60ea6b782cfccdeba2938

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 13:15:29 GMT
Server
nginx/1.20.1
Access-Control-Max-Age
864000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
65
8dcf1ef518bd96a04ccc1a49703affbd.mp4
cdn.creativesumo.com/mp4/8/d/ Frame 85FA
2 MB
2 MB
Media
General
Full URL
https://cdn.creativesumo.com/mp4/8/d/8dcf1ef518bd96a04ccc1a49703affbd.mp4
Requested by
Host: cdn.creativesumo.com
URL: https://cdn.creativesumo.com/html/d/a/da1bcd0cd01496b4255ced02d0431036.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-6.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
573d746e2353c40eb8db74461cd6dd8358fa6b7a22f492c91ec54b0ee12fe978

Request headers

Referer
https://cdn.creativesumo.com/html/d/a/da1bcd0cd01496b4255ced02d0431036.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 04 Feb 2021 02:41:58 GMT
via
1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 01:13:27 GMT
server
AmazonS3
age
11442812
etag
"8dcf1ef518bd96a04ccc1a49703affbd"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-1801365/1801366
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
Content-Length
1801366
x-amz-cf-id
Nx0ZWllTmewGCWKpgzUIx_UJUqZE6V4SYQmqyGOgZwi1e-faNSJMFw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
adserver.juicyads.com http://adserver.juicyads.com/adshow.php?adzone=19869
adserver.juicyads.com http://adserver.juicyads.com/adshow.php?adzone=671616
adserver.juicyads.com http://adserver.juicyads.com/adshow.php?adzone=19553

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| popUp object| adsbyjuicy function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge object| a string| x number| mhz function| toggle_advsearch_pane function| show_advsearch_pane function| hide_advsearch_pane function| toggle_filesearch_pane function| show_filesearch_pane function| hide_filesearch_pane function| load_pane_image function| preload_pane_image number| visible_pane function| show_image_pane function| hide_image_pane function| update_favsel function| toggle_category function| search_presubmit function| cancel_event string| ulhost string| getrowurl

0 Cookies

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicate malicious activity.
