URL: https://javchill.com/play/fc2-ppv-2498124
Submission: On December 19 via manual from JP — Scanned from JP

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::681a:b28, located in United States and belongs to CLOUDFLARENET, US. The main domain is javchill.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2021. Valid for: a year.
This is the only time javchill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
21 javchill.com javchill.com
7 mc.yandex.ru 1 redirects emturbovid.com
javchill.com
mc.yandex.ru
4 noc19.litvp.com ssl.p.jwpcdn.com
4 ssl.p.jwpcdn.com cdn.jwplayer.com
4 www.googletagmanager.com javchill.com
emturbovid.com
www.googletagmanager.com
4 hockeyhavoc.com javchill.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 1.bp.blogspot.com javchill.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.plyr.io javchill.com
1 ver1.sptvp.com emturbovid.com
1 faultsderange.com emturbovid.com
1 cdn.jwplayer.com emturbovid.com
1 ajax.googleapis.com emturbovid.com
1 maxcdn.bootstrapcdn.com emturbovid.com
1 emturbovid.com javchill.com
60 16

This site contains links to these domains. Also see Links.

Domain
hpjav.tv
www.javlibrary.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-08-05 -
2022-08-04
a year crt.sh
*.emturbovid.com
R3
2021-11-27 -
2022-02-25
3 months crt.sh
hockeyhavoc.com
R3
2021-11-22 -
2022-02-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
jwplayer.com
Amazon
2021-01-29 -
2022-02-26
a year crt.sh
faultsderange.com
R3
2021-11-10 -
2022-02-08
3 months crt.sh
mc.yandex.ru
Yandex CA
2021-07-28 -
2022-01-07
5 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-20 -
2022-05-22
a year crt.sh
*.litvp.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-09 -
2022-10-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh

This page contains 2 frames:

Primary Page: https://javchill.com/play/fc2-ppv-2498124
Frame ID: 417F80FC9262407999D59F698961FAAA
Requests: 36 HTTP requests in this frame

Frame: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Frame ID: 2A31CA73B0060D292100D941D6B5B58F
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

FC2 PPV 2498124 100% pure busty beautiful girl is "completed for the first time" Creampie that flows on the sofa "Would you like to do it for the second time?" Second time, mass facial cumshot privilege | JAVCHILL | JAV FULL HD

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

88 %
IPv6

16
Domains

16
Subdomains

17
IPs

3
Countries

3846 kB
Transfer

5957 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://mc.yandex.ru/watch/83308117?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FIuwYCYDRZBlGb3yWftnV&page-ref=https%3A%2F%2Fjavchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfpgygy7cm9r%3Afp%3A516%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A547540933146%3Ahid%3A891900863%3Az%3A0%3Ai%3A20211219070930%3Aet%3A1639897770%3Ac%3A1%3Arn%3A5777217%3Arqn%3A1%3Au%3A1639897770952525723%3Aw%3A1056x467%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639897768325%3Ads%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C603%2C0%2C%2C%2C%2C1000%3Adsn%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C608%2C1%2C%2C%2C%2C1000%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1639897770%3At%3AFC2-PPV-2498124.mp4&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FIuwYCYDRZBlGb3yWftnV&page-ref=https%3A%2F%2Fjavchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfpgygy7cm9r%3Afp%3A516%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A547540933146%3Ahid%3A891900863%3Az%3A0%3Ai%3A20211219070930%3Aet%3A1639897770%3Ac%3A1%3Arn%3A5777217%3Arqn%3A1%3Au%3A1639897770952525723%3Aw%3A1056x467%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639897768325%3Ads%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C603%2C0%2C%2C%2C%2C1000%3Adsn%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C608%2C1%2C%2C%2C%2C1000%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1639897770%3At%3AFC2-PPV-2498124.mp4&t=gdpr%2814%29aw%281%29ti%282%29

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fc2-ppv-2498124
javchill.com/play/
21 KB
5 KB
Document
General
Full URL
https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.31
Resource Hash
7f795abdae1bc1dd126f5d5eb607c85973452b3ea45f8f7c0616f08f7744019f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.31
cache-control
no-cache, private
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYCZB3QxAInw87QgNt4vE8iEKm8XpDeNrPV52Dcj1WoJmlt7wM5wlU%2FyCYztfPsyrVLoQ0JPYM4iGxHpqkov%2BLxduOh4M4zlQRBIqsK%2FVfWvFNOsViRb9y5A9EIXyziwS0wNLfSQL01hSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bfece358a0680f3-NRT
content-encoding
br
bootstrap.css
javchill.com/frontend/vendor/
181 KB
29 KB
Stylesheet
General
Full URL
https://javchill.com/frontend/vendor/bootstrap.css
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5360aee41b4d814adb618a6981cd98a6c355ee3bf6b80892db11260227076caa

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1460
cf-polished
origSize=225964
last-modified
Tue, 23 Feb 2021 14:08:14 GMT
server
cloudflare
etag
W/"60350c4e-372ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTlNFem25wNkEwmroCCSj9s9%2F6rzQ68Ny52cCi%2BnRKLmS6LIqmRIQ7jr%2FqIOpI8TMLorvjuxZYm%2Bh9e5i5aHGFGKVHWqlS6cYPSscqfZHSKLr5nhiOc%2Bd9SSJa3njsEVVDrGxZbkKDeP8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3600
cf-ray
6bfece3c0d3680f3-NRT
cf-bgj
minify
2.css
javchill.com/frontend/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://javchill.com/frontend/css/2.css
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6afac557154a633bed23202648647980d8537e86ae8762fb63328487e1b57cb

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193
cf-polished
origSize=11935
last-modified
Tue, 23 Feb 2021 14:08:07 GMT
server
cloudflare
etag
W/"60350c47-2e9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BbBMzgavK%2Baxg8gvoAVun0G%2BDksQbtd5lp15s3MaXBjtEPHIQi%2F1LidwVmvLkuuyeZiH%2ByRYzHZAllW5NCVTb6v4aBvpvTO3XEj7yEBC4g%2BvPXoudp%2BPUM8q3P4xxVZKEmYp5qptrhbsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3600
cf-ray
6bfece3c0d3980f3-NRT
cf-bgj
minify
plyr.css
cdn.plyr.io/3.5.10/
24 KB
5 KB
Stylesheet
General
Full URL
https://cdn.plyr.io/3.5.10/plyr.css
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8303 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd4780a641049b305ef4b3d4ef6e5f1783ef6f35982bda57e7800f86cff4260

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1686178
cf-polished
origSize=24843
x-cache
HIT, HIT
x-cache-hits
1, 1
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
7KJ81R1H4Y15AJ1M
x-amz-id-2
HCAeG9s/RIVyjU8NYVKTgZ4It++W2FkY9r2DRKByrM0vZAV2mwyLG2YuW7a/slJRW30I8hDK76s=
x-served-by
cache-dca12922-DCA, cache-tyo11948-TYO
last-modified
Fri, 14 Feb 2020 17:36:37 GMT
server
cloudflare
x-timer
S1638211590.488173,VS0,VE1
etag
W/"0dd2e5ee1d7c5054ca52c45a5462ebb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USQb6vPLHY6eeBEHaD7JJj%2F4PSS%2F5XiDv3eZRXAEkabYksz96rohp4tYV9idAaMp0r0QdZJlAKpJQgG20IY0FRJa31ZWNDTaGSLRNIiswohymy6TJy%2FtXrV6U2n3YxaVTuFCt%2Bj172I6tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
cf-ray
6bfece3c1f1680e4-NRT
cf-bgj
minify
logo1.png
javchill.com/frontend/image/
13 KB
14 KB
Image
General
Full URL
https://javchill.com/frontend/image/logo1.png
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e426b0256f47cac4020a07f5369bc86e8a7c6664fdf842eea40f8b84f240c1

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1460
cf-polished
origSize=22071
content-length
13680
last-modified
Tue, 23 Feb 2021 14:08:07 GMT
server
cloudflare
etag
"60350c47-5637"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2Bn%2BzeTLAGieXti08br8qsyXFMkLjboDmcnohDU%2BI5JcaLG4LwNlepYKaoHgKPYfj9pEw4k4%2FUjIL1FkUitG2Z%2Bqt4Jj64e6XAehNnlX3LPdue15jJJFbe3Fpaxlo%2BLIorwFDjorIvEU6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c0d3b80f3-NRT
cf-bgj
imgq:100,h2pri
sologan.png
javchill.com/frontend/image/
9 KB
9 KB
Image
General
Full URL
https://javchill.com/frontend/image/sologan.png
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01223113376512a70de49ebaab3a76d1e0e96145f99b68c9eba81639f7026db

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2770
cf-polished
origSize=16653
content-length
8737
last-modified
Tue, 23 Feb 2021 14:08:07 GMT
server
cloudflare
etag
"60350c47-410d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqf0w827Kw5V8GZAPqDHjuzZwlfO8URPKFX3JXB9Hvos%2BZcGKCNvp3G%2BP5zxcXegp1omARE2tF4pxbqE6sg3G%2B2qBzBsc6S6ymoRlKTBXWH85oxtJqOv2H3JhfPhGBtRO0xWE15xie6YpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c0d3c80f3-NRT
cf-bgj
imgq:100,h2pri
fc2-ppv-2498124.jpg
javchill.com/frontend/posterResize/2021-12/10/
42 KB
42 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-12/10/fc2-ppv-2498124.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301f206b4a53e0e0246fbf94a7c4417c53fe78be5f5f39cb3881ba8a1bbc8d93

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=51487
content-length
42624
last-modified
Fri, 10 Dec 2021 03:19:21 GMT
server
cloudflare
etag
"61b2c739-c91f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msdSyX42wnSKXAmntz9UqtzX%2FQXUoCMaLk6qFVRsOxwYJpdoKE4xYoE8a5UjhQxAcbhMUnaMy1BdxUW7ICQ3MjQTct4RxSafLpTuTsPtpfp8cA2m7CVYP3Sh97dwsQt3eLB3EQIwJUv1pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c0d3d80f3-NRT
cf-bgj
imgq:100,h2pri
rocket-loader.min.js
javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 14:30:56 GMT
server
cloudflare
etag
W/"61b75920-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtVndTGlBu9INATGDZQdf2H4BC6OzzRZCHcuXr3bN2fYI4SOe5UlCpenXzkJNfD8ydrUf1HnMYGWJ9%2BxwBxR%2FhDgipNxWxgZ0S%2BwNSyZ5Etz24HZDvJxMmSq%2BfDRubgeVdXtOPCIJgaJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bfece3c0d3e80f3-NRT
vary
Accept-Encoding
expires
Tue, 21 Dec 2021 07:09:28 GMT
IuwYCYDRZBlGb3yWftnV
emturbovid.com/t/ Frame 2A31
23 KB
7 KB
Document
General
Full URL
https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:799 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24
Resource Hash
aeed3e048c48afe67688b5b1663bedad6a150aedcbf956f85b8b61a722d61e5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.24
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate no-cache, private
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=es4s05WU2IBvsMpbmVR9FxrQE1kgDaVaCGcW1eW9qJOCsFAOxPiKdkj2WcOBcU7uG5YycE64enMEVMgl9636C%2FWmuoGybwthcI4yqZ4MF3agMVdg%2FAQtQB02rTiYI92Bb5z5iXJaJBDOyR02Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bfece3c28f23463-NRT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
86d089fc39fdc3312f5977a32a9acd87.js
hockeyhavoc.com/86/d0/89/
0
0
Script
General
Full URL
https://hockeyhavoc.com/86/d0/89/86d089fc39fdc3312f5977a32a9acd87.js
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Dec 2021 07:09:28 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
f75df0c23cd89615ea64110e63123eef.js
hockeyhavoc.com/f7/5d/f0/
0
0
Script
General
Full URL
https://hockeyhavoc.com/f7/5d/f0/f75df0c23cd89615ea64110e63123eef.js
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Dec 2021 07:09:28 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-173530880-1
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35146c6d3ea2d404279e28e6bb63055f51085e1cfdb0b8f0e38f6e2597eefdec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36191
x-xss-protection
0
last-modified
Sun, 19 Dec 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Dec 2021 07:09:28 GMT
plyr.js
cdn.plyr.io/3.5.10/
113 KB
33 KB
Script
General
Full URL
https://cdn.plyr.io/3.5.10/plyr.js
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8303 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be5773afade685232a88dc41efe61c133d536973dcfd3dcb4de8fcc60866678

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1686046
cf-polished
origSize=116082
x-cache
HIT, HIT
x-cache-hits
1, 1
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
54VR9DVGWSG05YAS
x-amz-id-2
Bg87eY8waZqUhP87kKy7BIDxS39A1zwIHhJFhh780hO8RvKgnCPOsEyMWbzV5+m/85psSLB1wlo=
x-served-by
cache-dca17750-DCA, cache-tyo11968-TYO
last-modified
Fri, 14 Feb 2020 17:35:53 GMT
server
cloudflare
x-timer
S1638211723.933936,VS0,VE0
etag
W/"0f9eecd3a427a45c817232700bde09ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9de6IKRA0HtdlzkSgFAIw4UUwIY8XPAg%2FZBUe4jzCemwUQI5j412SIBeIRLYzl0WBKb0huc4NeaXyFk3fxdXoZItj2za9tABBqX%2BoLhINFJO3NID5WP1gQlT4oMiQ%2FR4a6SdRCsiVXRSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
cf-ray
6bfece3c1f1880e4-NRT
cf-bgj
minify
play.js
javchill.com/frontend/js/
6 KB
1 KB
Script
General
Full URL
https://javchill.com/frontend/js/play.js
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b77d76c5d960935ea0411fb8df6ec58395230e1c132ffed79a5fd9c6a32c85

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6266
cf-polished
origSize=9345
last-modified
Wed, 24 Feb 2021 08:35:12 GMT
server
cloudflare
etag
W/"60360fc0-2481"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fC4xbw1kaRrcLnQ%2BNV3SNpFkl9Tl3xT8UqXqudfPsm1bbpD%2BA0iRxxheIQSK4qsojYdrh7%2F6JWVi0aNmdJEI30dNy40INlEy4rp0SSj53te6Yj82eyVTg%2Bfp%2Fk9PQ2uPqHcHJLdBl3p6CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
cf-ray
6bfece3c1d5f80f3-NRT
cf-bgj
minify
bootstrap.js
javchill.com/frontend/vendor/
374 KB
115 KB
Script
General
Full URL
https://javchill.com/frontend/vendor/bootstrap.js
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b119cfd0659ef1002930dfae283e2e95df6ff72db04396de6113ad00397fb6ef

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1366
cf-polished
origSize=567728
last-modified
Tue, 23 Feb 2021 14:08:14 GMT
server
cloudflare
etag
W/"60350c4e-8a9b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbaARbha3pfgrX5wGII2OyN2rWWXPKjDCEWt1zmR9KvAmhRDFMDoEpyKpOCy7AbqEZpldQDOvPGmgPi9usziXIi4mq8pBAH2qqYAopHkfG%2FwwazqwIZjSqmgmmF8aVIsdBi0Bl1JxfXYxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
cf-ray
6bfece3c1d6380f3-NRT
cf-bgj
minify
search1.png
javchill.com/frontend/image/
586 B
932 B
Image
General
Full URL
https://javchill.com/frontend/image/search1.png
Requested by
Host: javchill.com
URL: https://javchill.com/frontend/css/2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f156f82df794964b4bffefe79013aab76f8b8210eb2fb093667e5448c515253c

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/frontend/css/2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1460
cf-polished
origSize=1084
content-length
586
last-modified
Tue, 23 Feb 2021 14:08:07 GMT
server
cloudflare
etag
"60350c47-43c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43rswtvi%2Fq9qk5Z7bQuKF%2F6zidpSuSpPQzN3Smvd8iSJM69A0jDW5mNAGU4zzwJg4sr3Vn2N7xJ0NR1YPYMwL1RYNvRnpTYWIxcthGl90G2uSaDI3exJDism4ZYHkgvxvS3DWLL44ZqFtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c2d8b80f3-NRT
cf-bgj
imgq:100,h2pri
amateur-3.jpg
javchill.com/frontend/imageidol/
41 KB
41 KB
Image
General
Full URL
https://javchill.com/frontend/imageidol/amateur-3.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6065cce63ae2142e1c6b9593b119e80a71588f6d56cfb605c2c2683de3748789

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2724
cf-polished
origSize=43571
content-length
41737
last-modified
Tue, 23 Feb 2021 14:08:07 GMT
server
cloudflare
etag
"60350c47-aa33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jn5CvRyRyZfCRwnOnY3evol8exdcYPhYnR2vRqqpLjd0DmBnHoy9CU3CzSKeP4U03rtWg7oIv5KxXS6gRthnh%2BMyegP%2Fak3yJDqN1ikgAmLDRPLoWZ4nayu2K%2B%2B2sA8tOLsqEyjhGELEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d8d80f3-NRT
cf-bgj
imgq:100,h2pri
md-mxj-0001ep2.jpg
javchill.com/frontend/posterResize/2021-11/03/
38 KB
39 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-11/03/md-mxj-0001ep2.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d442ee58c2d6e1c9d8dae9dd65c402d7a0e1796cf6f6c99d65862bb5323c12d6

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6380
cf-polished
origSize=39467
content-length
39161
last-modified
Wed, 03 Nov 2021 03:26:07 GMT
server
cloudflare
etag
"6182014f-9a2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xgQxRoTcnz%2BHBQi9wB9em%2F3mOP01wzc1dZR6zm6qhCa21f1KkWn7RsT4YT%2F2GaisNa9YRasjhZC6EM%2B4GGrTubY1R2TuXhPDe4msZQfKoBuMsszc0rdfnMJdnsNJEEozGAtUadGq1b3og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d8e80f3-NRT
cf-bgj
imgq:100,h2pri
fc2-ppv-1599074.jpg
javchill.com/frontend/posterResize/2020-12/10/
127 KB
128 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2020-12/10/fc2-ppv-1599074.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e08b01918c43542fd10850dbfaf9e76e4269908d5652f1cc4516d0cccb39a7

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1446
cf-polished
origSize=141248
content-length
130365
last-modified
Tue, 23 Feb 2021 14:08:11 GMT
server
cloudflare
etag
"60350c4b-227c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owGPnmBxS%2FgC91PwqgldNkU7Vb4Qi4NbVCw9v3%2F%2BwTZz%2FORuU%2FvDBP%2FiTVT%2BCPTKwDX8gJn%2BwObPM72zqJMPMvbqKu0uNTFvlTGdwMsWvFuJEKL2JessdDVJoZpjL67ik%2F4psbS4xEDyqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d9180f3-NRT
cf-bgj
imgq:100,h2pri
n1140.jpg
1.bp.blogspot.com/-o0Be-fGLyAw/X3kRABeObII/AAAAAAAASDw/N59BfyCqPzcpZO6GDw1sb5FEDl2O9dVoACLcBGAsYHQ/s500/
63 KB
63 KB
Image
General
Full URL
https://1.bp.blogspot.com/-o0Be-fGLyAw/X3kRABeObII/AAAAAAAASDw/N59BfyCqPzcpZO6GDw1sb5FEDl2O9dVoACLcBGAsYHQ/s500/n1140.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8d23e3be696afaad10348841a79eb4f72e3c6be63aa17b9dfb8fbde1fb14050d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 06:20:29 GMT
x-content-type-options
nosniff
age
2939
content-disposition
inline;filename="n1140.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64064
x-xss-protection
0
server
fife
etag
"v488d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 17 Nov 2021 04:11:39 GMT
fc2-ppv-1720961.jpg
javchill.com/frontend/posterResize/2021-03/13/
309 KB
310 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-03/13/fc2-ppv-1720961.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
659a585a581408b1bb487598b858361b3b69e82be1661576c4f0ccfc1f9da0d8

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4646
cf-polished
origSize=325452
content-length
316255
last-modified
Sat, 13 Mar 2021 02:51:09 GMT
server
cloudflare
etag
"604c289d-4f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srw6u245fw1bAUxuwSq8P%2F2Hm%2Fh3SqGSMHvCUhCY7bXAWjnA85YKPzwab6xaWYah7ayUr27yVF800T69dY81IMRPdIoEBs3VO6yREqZCnCLSrfv0nmyr8xsV1jimU7iWt26%2Bpfstaj6g0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d9380f3-NRT
cf-bgj
imgq:100,h2pri
fc2-ppv-2384210.jpg
javchill.com/frontend/posterResize/2021-11/03/
65 KB
66 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-11/03/fc2-ppv-2384210.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac999c2a0642dd3621bf7157190b8bb18c21cc7610e6d074882ab2812d7b7253

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3077
cf-polished
origSize=71309
content-length
66843
last-modified
Wed, 03 Nov 2021 03:26:18 GMT
server
cloudflare
etag
"6182015a-1168d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtegfWZZ%2BevnVTnvrOyWNAecG%2BkOvxpOiIu7BfDMEXAqJ2wSM4VkBlGkwJdC26heEiEDT6Sw7tTAeUDU1S8YkaY4i90I57Bx%2BNQhX5QrGIpBQNj630LXOdzSxVuxc6RHCU34b4FHRabT1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d9580f3-NRT
cf-bgj
imgq:100,h2pri
fc2-ppv-2392657.jpg
javchill.com/frontend/posterResize/2021-11/03/
101 KB
101 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-11/03/fc2-ppv-2392657.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbf62cbbcef4baba4bd69c9a875818e85f275342c3ddd084b8399d62d19277d

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1445
cf-polished
origSize=109672
content-length
103006
last-modified
Wed, 03 Nov 2021 03:26:11 GMT
server
cloudflare
etag
"61820153-1ac68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Fwf4RTZd2035vXFDuHtZhkpAaOX1%2FxI8WS55veU602%2BuxkfAIEoKs4IV9LW8iVlF0vmLMDVEnKQ46wUss4pKyle5mCc%2BS9CuDT%2Ft3HecMeBjaoCXtbk9cB%2BSYOdEaBArfQdftCF%2FARaMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d9680f3-NRT
cf-bgj
imgq:100,h2pri
fc2-ppv-1270671-2.jpg
javchill.com/frontend/posterResize/2021-11/02/
113 KB
114 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-11/02/fc2-ppv-1270671-2.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3786b441efc18d639615407c276af45797727a1da7050360d9daeb09c53883

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6825
cf-polished
origSize=123902
content-length
116151
last-modified
Tue, 02 Nov 2021 03:13:31 GMT
server
cloudflare
etag
"6180acdb-1e3fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgxR9olHqmbhIijiL5JW4tIhouwP4z9yGCiXOfkK1ojYuUYA3qjwn6C6QmAddZX2oTiMX7MoI%2B4ky4JQDkdwrhIILJii0JW1gcfp17ccth5FLPFqiCv8ho8hk3K27SFFGuNG1DwjVN3Vdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d9880f3-NRT
cf-bgj
imgq:100,h2pri
fc2-ppv-1474754.jpg
1.bp.blogspot.com/-Z07U3nqZ44s/X3iQZHAJsxI/AAAAAAAAPL8/ElcAApXF2tUiFVLpeCIIvN5JQ3HKUe6WgCLcBGAsYHQ/s500/
44 KB
44 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Z07U3nqZ44s/X3iQZHAJsxI/AAAAAAAAPL8/ElcAApXF2tUiFVLpeCIIvN5JQ3HKUe6WgCLcBGAsYHQ/s500/fc2-ppv-1474754.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6bcf229892a6a37c8033b07e6bf6d8225571c319021bf323d13c4c4ae80f6611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 04:12:03 GMT
x-content-type-options
nosniff
age
10645
content-disposition
inline;filename="fc2-ppv-1474754.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45364
x-xss-protection
0
server
fife
etag
"v3cef"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 26 Oct 2021 17:59:07 GMT
h4610-ki201227.jpg
javchill.com/frontend/posterResize/2020-12/27/
371 KB
372 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2020-12/27/h4610-ki201227.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f3fc935ae44d451db4f79c39da00fce950477776b2db24048e0b1006dbfdde

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=385483
content-length
380357
last-modified
Tue, 23 Feb 2021 14:08:11 GMT
server
cloudflare
etag
"60350c4b-5e1cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG3MMal3zaMrh%2Bmruyzk%2BKlu57a%2Bgsm8ufo7fmKzraMl1ra585hYRHuRqJcGZqbyhXxcHWHpz9%2F9cFYN7O4sDmufvB1UYRDca4l5rVn%2BFI6LL6oTGazwuwGgB1Q77uZn%2FBo8ofgTMamH8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3d9b80f3-NRT
cf-bgj
imgq:100,h2pri
fc2-ppv-2385149.jpg
javchill.com/frontend/posterResize/2021-10/31/
59 KB
59 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-10/31/fc2-ppv-2385149.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28884e5a2d9593675e46812d3786fbad9d68f16b001626a5aea41f4199002751

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3587
cf-polished
origSize=70609
content-length
60398
last-modified
Sun, 31 Oct 2021 03:04:43 GMT
server
cloudflare
etag
"617e07cb-113d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BV8PdG1FpvHLmPW3CJM3SQ8cTSZJdICqtSFRxsDVMvVrJ%2Fsd%2BaeoNZPcDX%2BGPeYDf5wOEo4dxnKa6oZ1y3qp1LYtXcbKtxkKeEVZufgObXxNoKhaoAGfYBBkbLIy8xU5%2F5tnTFbKS4MTeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3da080f3-NRT
cf-bgj
imgq:100,h2pri
md0092.jpg
1.bp.blogspot.com/-iDZv3XulxcQ/X4HGSohLDuI/AAAAAAAAWVc/mVdWR0TpYNgXw8ADkvgdmmv_JUQ0CiSJwCLcBGAsYHQ/s500/
41 KB
41 KB
Image
General
Full URL
https://1.bp.blogspot.com/-iDZv3XulxcQ/X4HGSohLDuI/AAAAAAAAWVc/mVdWR0TpYNgXw8ADkvgdmmv_JUQ0CiSJwCLcBGAsYHQ/s500/md0092.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2e0b56a2ff72b300d49f00c2c68c49e7a3f4269d34d1aad83b4fd2b25d6b5bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 05:13:12 GMT
x-content-type-options
nosniff
age
6976
content-disposition
inline;filename="md0092.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42006
x-xss-protection
0
server
fife
etag
"v5c39"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 17 Nov 2021 21:57:06 GMT
fc2-ppv-1938819.jpg
javchill.com/frontend/posterResize/2021-11/02/
54 KB
54 KB
Image
General
Full URL
https://javchill.com/frontend/posterResize/2021-11/02/fc2-ppv-1938819.jpg
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a8994f0042dd97f1c28c64f1bea4684051f26145ec751d6ad82f7649c65947

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/play/fc2-ppv-2498124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60
cf-polished
origSize=63648
content-length
54810
last-modified
Tue, 02 Nov 2021 03:13:29 GMT
server
cloudflare
etag
"6180acd9-f8a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnRPFkmxufUtCpjcfLwnrbSdHfRT5ZCge0mw4UXmDtuqJBfOWWqkdD7eTGemfNAVBs2IlQwDbiXMH7fpbz839VJznUP8uPjCwWPrNXbMdo2oRsKL3dd4E%2Fsk0Z61o06RtB%2BsFFWS7wkY6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6bfece3c3da280f3-NRT
cf-bgj
imgq:100,h2pri
fontawesome-webfont.woff
javchill.com/frontend/fonts/
64 KB
64 KB
Font
General
Full URL
https://javchill.com/frontend/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: javchill.com
URL: https://javchill.com/frontend/vendor/bootstrap.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://javchill.com/frontend/vendor/bootstrap.css
Origin
https://javchill.com
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Feb 2021 14:08:07 GMT
server
cloudflare
age
6017
etag
"60350c47-ffac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GmGOTRR4JLRbrRj7%2BmbMUZJvlkkAXAWW9KCgvWDakq%2Fn%2BJn1OuRolOHqlT7Y5kKYAzNFMQBdswmCNqLzQUaLHWpeQP2qtfHWCLB97RM5uNtUqlVjShlwQ4njjhKi5THzFpcL9lIZKDS1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bfece3c3da480f3-NRT
content-length
65452
js
www.googletagmanager.com/gtag/ Frame 2A31
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-173619459-1
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
351c1feefc0956d001e941eeba754c49c76d7d1bc39819451b4c7608963e3649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36191
x-xss-protection
0
last-modified
Sun, 19 Dec 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Dec 2021 07:09:28 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ Frame 2A31
119 KB
21 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
637, 617, 617
age
368332
cdn-cachedat
2021-06-08 11:57:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
44954a793b7f4e7d32b1a0cc799b0315
cf-ray
6bfece3ed98d1f33-NRT
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 2A31
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 00:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Dec 2022 00:53:07 GMT
cEgNeMjW.js
cdn.jwplayer.com/libraries/ Frame 2A31
115 KB
39 KB
Script
General
Full URL
https://cdn.jwplayer.com/libraries/cEgNeMjW.js
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21d2:a200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
8436c6cae8d2c0b34f67fcdb1238de7119467203470e29ff890e71af96070336

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:07:13 GMT
content-encoding
gzip
server
openresty
age
135
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
NRT12-C4
content-length
39126
via
1.1 1f8420403f5cdbb5f6c9872b570fff91.cloudfront.net (CloudFront)
x-amz-cf-id
hJ4CJiSOFy4RvBisbIVUT4ep-Iegpg_EjTvK_bvo9L5QHD-xONyJ2Q==
expires
Sun, 19 Dec 2021 07:09:21 GMT
js
www.googletagmanager.com/gtag/ Frame 2A31
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RXQM5QPSYX
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a2d214cf3cff71bc972a8a291a51c6faf1a0ce0a077a6b02e21968c7bf3c346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61897
x-xss-protection
0
expires
Sun, 19 Dec 2021 07:09:28 GMT
56b3dd90d94032ccdd5265129d462d93.js
faultsderange.com/56/b3/dd/ Frame 2A31
0
0
Script
General
Full URL
https://faultsderange.com/56/b3/dd/56b3dd90d94032ccdd5265129d462d93.js
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Dec 2021 07:09:29 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
tag.js
mc.yandex.ru/metrika/ Frame 2A31
194 KB
66 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a77e669d0fbd48d9b6cbe622278b5e4256316cd34310befbdb1a9335f68141bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
content-encoding
br
last-modified
Wed, 15 Dec 2021 16:08:50 GMT
etag
"61b9e8e2-10770"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67440
expires
Sun, 19 Dec 2021 08:09:29 GMT
js
www.googletagmanager.com/gtag/ Frame 2A31
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RXQM5QPSYX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173619459-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9993bac529eb3754ea4b88a4abae634ab35a426c02a02b335eba6dfe97b6866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61873
x-xss-protection
0
expires
Sun, 19 Dec 2021 07:09:28 GMT
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.24.0/ Frame 2A31
58 KB
17 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.0/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/cEgNeMjW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
content-encoding
gzip
age
825
x-cache
HIT
content-length
17499
via
1.1 varnish
x-served-by
cache-hnd18739-HND
last-modified
Wed, 15 Dec 2021 01:04:07 GMT
server
AmazonS3
x-timer
S1639897769.330665,VS0,VE0
etag
"fd28c0166cd7029ddfb10e5953b3f7f2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
210
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.24.0/ Frame 2A31
307 KB
79 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.0/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/cEgNeMjW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e46b9f160259b07d55b4cb66371847386cc4888c61969707af4455edee2dfaa

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
content-encoding
gzip
age
306145
x-cache
HIT
content-length
80433
via
1.1 varnish
x-served-by
cache-hnd18739-HND
last-modified
Wed, 15 Dec 2021 01:03:59 GMT
server
AmazonS3
x-timer
S1639897769.330722,VS0,VE0
etag
"8d83cd6719fd11dfc5dae660af42c7c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
18787
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.24.0/ Frame 2A31
410 KB
113 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.0/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/cEgNeMjW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
258c912432f6a17ae766da1afa7e659603c86cf1f67f970b365bcdc52aca59c0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
content-encoding
gzip
age
306139
x-cache
HIT
content-length
115802
via
1.1 varnish
x-served-by
cache-hnd18739-HND
last-modified
Wed, 15 Dec 2021 01:04:02 GMT
server
AmazonS3
x-timer
S1639897769.330801,VS0,VE0
etag
"8da114839937e49d7dd29e337a3ea236"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
12730
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.24.0/ Frame 2A31
25 KB
9 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.0/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/cEgNeMjW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
908960c2a1f08610e3e67be90df480e590627cb61f03dfa9801499b848650eb7

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
content-encoding
gzip
age
306142
x-cache
HIT
content-length
9112
via
1.1 varnish
x-served-by
cache-hnd18739-HND
last-modified
Wed, 15 Dec 2021 01:04:02 GMT
server
AmazonS3
x-timer
S1639897769.396372,VS0,VE0
etag
"bf6d1a6dc823bdfe2e7a4463ea7a0834"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
3529
master.m3u8
noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/ Frame 2A31
438 B
769 B
XHR
General
Full URL
https://noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/master.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2604:4300:a:167::2 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ee13d9e5dc020570b9d92a76e0f106ed4c65603ef12b5608975787197358b986

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:30 GMT
last-modified
Fri, 10 Dec 2021 15:11:16 GMT
server
nginx/1.20.1
etag
"61b36e14-1b6"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
438
poster.png
ver1.sptvp.com/play/100001/ Frame 2A31
385 KB
386 KB
Image
General
Full URL
https://ver1.sptvp.com/play/100001/poster.png
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3018 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2803f5032241a066b2affc7a5f55651dff9b4c93544580a935d39424019aa28c

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2822
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
394182
last-modified
Thu, 22 Jul 2021 09:35:10 GMT
server
cloudflare
etag
"60f93bce-603c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FojpgD71bD9erXcCYQhcG3gSfioozLs1rQrT3k81sX4wLYFGz3%2FOfUbKIom4epX1lLRuv%2BQ%2BTah%2BwDb8leIrFowNy%2FSHPDTAoBIJb2sm2RMLy1J0wu%2BawQIeM92beBZGuTQwSD%2BMX44EYdu2zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bfece42dac580cc-NRT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2A31
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/cEgNeMjW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 19 Dec 2021 07:09:29 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 2A31
36 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Sun, 19 Dec 2021 07:09:29 GMT
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame 2A31
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 08:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sun, 19 Dec 2021 08:41:29 GMT
r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ480.m3u8
noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/hls480/ Frame 2A31
32 KB
32 KB
XHR
General
Full URL
https://noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/hls480/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ480.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2604:4300:a:167::2 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
96cf3d23753512ba3f8df8152271afd340690a0c8ff1cadb4e24f057ee2ce311

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:30 GMT
last-modified
Fri, 10 Dec 2021 05:35:23 GMT
server
nginx/1.20.1
etag
"61b2e71b-7f64"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
32612
1
mc.yandex.ru/watch/83308117/ Frame 2A31
Redirect Chain
  • https://mc.yandex.ru/watch/83308117?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FIuwYCYDRZBlGb3yWftnV&page-ref=https%3A%2F%2Fjavchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Av...
  • https://mc.yandex.ru/watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FIuwYCYDRZBlGb3yWftnV&page-ref=https%3A%2F%2Fjavchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.ru/watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FIuwYCYDRZBlGb3yWftnV&page-ref=https%3A%2F%2Fjavchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfpgygy7cm9r%3Afp%3A516%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A547540933146%3Ahid%3A891900863%3Az%3A0%3Ai%3A20211219070930%3Aet%3A1639897770%3Ac%3A1%3Arn%3A5777217%3Arqn%3A1%3Au%3A1639897770952525723%3Aw%3A1056x467%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639897768325%3Ads%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C603%2C0%2C%2C%2C%2C1000%3Adsn%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C608%2C1%2C%2C%2C%2C1000%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1639897770%3At%3AFC2-PPV-2498124.mp4&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
bb225dc25ee5f0b52534df2fb6fee69f25ffc4c9e61250a0920fefa60d1253b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Dec 2021 07:09:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 19-Dec-2021 07:09:30 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://emturbovid.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Sun, 19-Dec-2021 07:09:30 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Dec 2021 07:09:30 GMT
last-modified
Sun, 19-Dec-2021 07:09:30 GMT
location
/watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FIuwYCYDRZBlGb3yWftnV&page-ref=https%3A%2F%2Fjavchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfpgygy7cm9r%3Afp%3A516%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A547540933146%3Ahid%3A891900863%3Az%3A0%3Ai%3A20211219070930%3Aet%3A1639897770%3Ac%3A1%3Arn%3A5777217%3Arqn%3A1%3Au%3A1639897770952525723%3Aw%3A1056x467%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639897768325%3Ads%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C603%2C0%2C%2C%2C%2C1000%3Adsn%3A6%2C10%2C372%2C3%2C0%2C0%2C%2C608%2C1%2C%2C%2C%2C1000%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1639897770%3At%3AFC2-PPV-2498124.mp4&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://emturbovid.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 19-Dec-2021 07:09:30 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 2A31
43 B
136 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: emturbovid.com
URL: https://emturbovid.com/t/IuwYCYDRZBlGb3yWftnV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:30 GMT
last-modified
Wed, 15 Dec 2021 16:08:50 GMT
etag
"61b9e8e2-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 19 Dec 2021 08:09:30 GMT
r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ4800.ts
noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/hls480/ Frame 2A31
726 KB
727 KB
XHR
General
Full URL
https://noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/hls480/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ4800.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2604:4300:a:167::2 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
cfd58a1dddcd107e7b1cd86c193ae0de1f094a349e06e4255396a50aa07c6cf4

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:30 GMT
last-modified
Fri, 10 Dec 2021 05:35:18 GMT
server
nginx/1.20.1
etag
"61b2e716-b5930"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
743728
tag.js
mc.yandex.ru/metrika/
194 KB
66 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: javchill.com
URL: https://javchill.com/play/fc2-ppv-2498124
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a77e669d0fbd48d9b6cbe622278b5e4256316cd34310befbdb1a9335f68141bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:30 GMT
content-encoding
br
last-modified
Wed, 15 Dec 2021 16:08:50 GMT
etag
"61b9e8e2-10770"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67440
expires
Sun, 19 Dec 2021 08:09:30 GMT
f75df0c23cd89615ea64110e63123eef.js
hockeyhavoc.com/f7/5d/f0/
0
0
Script
General
Full URL
https://hockeyhavoc.com/f7/5d/f0/f75df0c23cd89615ea64110e63123eef.js
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Dec 2021 07:09:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173530880-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4524
date
Sun, 19 Dec 2021 05:54:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 19 Dec 2021 07:54:06 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=10962303&t=pageview&_s=1&dl=https%3A%2F%2Fjavchill.com%2Fplay%2Ffc2-ppv-2498124&ul=en-us&de=UTF-8&dt=FC2%20PPV%202498124%20100%25%20pure%20busty%20beautiful%20girl%20is%20%22completed%20for%20the%20first%20time%22%20Creampie%20that%20flows%20on%20the%20sofa%20%22Would%20you%20like%20to%20do%20it%20for%20the%20second%20time%3F%22%20Second%20time%2C%20mass%20facial%20cumshot%20privilege%20%7C%20JAVCHILL%20%7C%20JAV%20FULL%20HD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=307125125&gjid=1015535452&cid=1705590622.1639897771&tid=UA-173530880-1&_gid=1522254380.1639897771&_r=1&gtm=2ouc10&z=968701688
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://javchill.com/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Dec 2021 07:09:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://javchill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
86d089fc39fdc3312f5977a32a9acd87.js
hockeyhavoc.com/86/d0/89/
0
0
Script
General
Full URL
https://hockeyhavoc.com/86/d0/89/86d089fc39fdc3312f5977a32a9acd87.js
Requested by
Host: javchill.com
URL: https://javchill.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Dec 2021 07:09:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
66077494
mc.yandex.ru/watch/
331 B
451 B
XHR
General
Full URL
https://mc.yandex.ru/watch/66077494?wmode=7&page-url=https%3A%2F%2Fjavchill.com%2Fplay%2Ffc2-ppv-2498124&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfpgygy7cm9r%3Afp%3A1128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A984243710238%3Ahid%3A396298619%3Az%3A0%3Ai%3A20211219070930%3Aet%3A1639897771%3Ac%3A1%3Arn%3A843287943%3Arqn%3A1%3Au%3A1639897771226780369%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639897767270%3Ads%3A5%2C7%2C1018%2C2%2C1%2C0%2C%2C19%2C0%2C3283%2C3283%2C1%2C1063%3Adsn%3A5%2C7%2C1017%2C3%2C0%2C0%2C%2C22%2C0%2C3283%2C3283%2C1%2C1063%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1639897771%3At%3AFC2%20PPV%202498124%20100%25%20pure%20busty%20beautiful%20girl%20is%20%22completed%20for%20the%20first%20time%22%20Creampie%20that%20flows%20on%20the%20sofa%20%22Would%20you%20like%20to%20do%20it%20for%20the%20second%20time%3F%22%20Second%20time%2C%20mass%20facial%20cumshot%20privilege%20%7C%20JAVCHILL%20%7C%20JAV%20FULL%20HD&t=gdpr(14)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2f2d28da945810289f2826f901c84d667583944c6e6f266a4898ded74c64b944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Dec 2021 07:09:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 19-Dec-2021 07:09:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://javchill.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Sun, 19-Dec-2021 07:09:31 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
96 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://javchill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:31 GMT
last-modified
Wed, 15 Dec 2021 16:08:50 GMT
etag
"61b9e8e2-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 19 Dec 2021 08:09:31 GMT
f5ed5c9b-7c08-4c1d-b02f-bd0d5c3dfe05
https://emturbovid.com/ Frame 2A31
88 KB
0
Other
General
Full URL
blob:https://emturbovid.com/f5ed5c9b-7c08-4c1d-b02f-bd0d5c3dfe05
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fb034e3a989e7668e46fe1c8850622a25934eee36976c0bc4a83c64d0a8289a

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length
90231
Content-Type
text/javascript
r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ4801.ts
noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/hls480/ Frame 2A31
250 KB
251 KB
XHR
General
Full URL
https://noc19.litvp.com/stream/D/82/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ/hls480/r6m93QIxivhRDtow4RjUPRyONQKlWSHh7NZ4801.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2604:4300:a:167::2 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6bb9c2349e095bf0740fed14fa0251e3684ed9ffc1120dba22937b309ec05bcb

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emturbovid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 19 Dec 2021 07:09:31 GMT
last-modified
Fri, 10 Dec 2021 05:35:18 GMT
server
nginx/1.20.1
etag
"61b2e716-3e9b0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
256432

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR object| _gsScope function| $ function| jQuery object| _gsQueue object| jQuery1111019612831854012813 object| angular function| WOW function| Plyr function| gtag object| dataLayer function| ym function| auto function| pause object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter66077494 boolean| __cfRLUnblockHandlers

16 Cookies

Domain/Path Name / Value
javchill.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNzNDFTeThLV2NBU1JabUEzbDU1NXc9PSIsInZhbHVlIjoiR3Vqcm1CL2czSy95Rm5zWW1sTnZxdTVaSDdxa2plSUc1bUo3T2pXZ3U4SmFMYks4OTZlYk9QMkFGUDRzRlNKVCIsIm1hYyI6IjAxOGViNGQwZjYyY2ZiZWRiNmY3ZDlmNTJmNWZmNDBhN2EzMmU4MmZmZTBkMmU0ODFiYjg4MGIzYzk0OWQ2NmUifQ%3D%3D
javchill.com/ Name: laravel_session
Value: eyJpdiI6IkU1MWhqMldrWVlCRTY3TWtsSC9TSmc9PSIsInZhbHVlIjoiWk16MUUwS3B1TW9USGlEU0NReTRNWGdzUGl0c09keGQ1K2NBa05pTmtuaXc3aHFjczJ0aHhnT0JkZ0x3R0NoTiIsIm1hYyI6Ijg3ZDc1OTI2MWI5MWVlNGJiY2MyNDE1ZDQyMTU1OWRkMWJiNTMwYzg2NTIxMTRjMThmYzg1ZGE1YWRiNjIxOTQifQ%3D%3D
.emturbovid.com/ Name: _ym_uid
Value: 1639897770952525723
.emturbovid.com/ Name: _ym_d
Value: 1639897770
.yandex.ru/ Name: yandexuid
Value: 3527003431639897770
.yandex.ru/ Name: yuidss
Value: 3527003431639897770
mc.yandex.ru/ Name: yabs-sid
Value: 2613691621639897770
.yandex.ru/ Name: i
Value: iOiQ14IeEMYZO2YuppiG3Rvl9FYt3OzeQRT7zhMpWz/Q7Z9x31yMy7uke+bZbRo3zhLfPqdAKRuuyTaiRjTXEKRA5fg=
.yandex.ru/ Name: ymex
Value: 1955257770.yrts.1639897770#1955257770.yrtsi.1639897770
.emturbovid.com/ Name: _ym_isad
Value: 2
.javchill.com/ Name: _ga
Value: GA1.2.1705590622.1639897771
.javchill.com/ Name: _gid
Value: GA1.2.1522254380.1639897771
.javchill.com/ Name: _gat_gtag_UA_173530880_1
Value: 1
.javchill.com/ Name: _ym_uid
Value: 1639897771226780369
.javchill.com/ Name: _ym_d
Value: 1639897771
.javchill.com/ Name: _ym_isad
Value: 2

6 Console Messages

Source Level URL
Text
security warning URL: https://javchill.com/play/fc2-ppv-2498124
Message:
Mixed Content: The page at 'https://javchill.com/play/fc2-ppv-2498124' was loaded over HTTPS, but requested an insecure element 'http://javchill.com/frontend/image/search1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://hockeyhavoc.com/86/d0/89/86d089fc39fdc3312f5977a32a9acd87.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://hockeyhavoc.com/f7/5d/f0/f75df0c23cd89615ea64110e63123eef.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://faultsderange.com/56/b3/dd/56b3dd90d94032ccdd5265129d462d93.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://hockeyhavoc.com/f7/5d/f0/f75df0c23cd89615ea64110e63123eef.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://hockeyhavoc.com/86/d0/89/86d089fc39fdc3312f5977a32a9acd87.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
cdn.jwplayer.com
cdn.plyr.io
emturbovid.com
faultsderange.com
hockeyhavoc.com
javchill.com
maxcdn.bootstrapcdn.com
mc.yandex.ru
noc19.litvp.com
ssl.p.jwpcdn.com
ver1.sptvp.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
192.243.59.13
192.243.59.20
2404:6800:4004:801::2001
2404:6800:4004:801::2003
2404:6800:4004:812::200a
2404:6800:4004:820::2008
2404:6800:4004:823::200e
2600:9000:21d2:a200:1:a3fa:7cc0:93a1
2604:4300:a:167::2
2606:4700:20::681a:b28
2606:4700:3030::6815:3018
2606:4700:3031::6815:799
2606:4700:3031::ac43:8303
2606:4700::6812:bcf
2a02:6b8::1:119
2a04:4e42:600::626
0dd4780a641049b305ef4b3d4ef6e5f1783ef6f35982bda57e7800f86cff4260
0e46b9f160259b07d55b4cb66371847386cc4888c61969707af4455edee2dfaa
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
258c912432f6a17ae766da1afa7e659603c86cf1f67f970b365bcdc52aca59c0
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
27a8994f0042dd97f1c28c64f1bea4684051f26145ec751d6ad82f7649c65947
2803f5032241a066b2affc7a5f55651dff9b4c93544580a935d39424019aa28c
28884e5a2d9593675e46812d3786fbad9d68f16b001626a5aea41f4199002751
2e0b56a2ff72b300d49f00c2c68c49e7a3f4269d34d1aad83b4fd2b25d6b5bd7
2f2d28da945810289f2826f901c84d667583944c6e6f266a4898ded74c64b944
2fbf62cbbcef4baba4bd69c9a875818e85f275342c3ddd084b8399d62d19277d
301f206b4a53e0e0246fbf94a7c4417c53fe78be5f5f39cb3881ba8a1bbc8d93
35146c6d3ea2d404279e28e6bb63055f51085e1cfdb0b8f0e38f6e2597eefdec
351c1feefc0956d001e941eeba754c49c76d7d1bc39819451b4c7608963e3649
36e426b0256f47cac4020a07f5369bc86e8a7c6664fdf842eea40f8b84f240c1
5360aee41b4d814adb618a6981cd98a6c355ee3bf6b80892db11260227076caa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6065cce63ae2142e1c6b9593b119e80a71588f6d56cfb605c2c2683de3748789
659a585a581408b1bb487598b858361b3b69e82be1661576c4f0ccfc1f9da0d8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb9c2349e095bf0740fed14fa0251e3684ed9ffc1120dba22937b309ec05bcb
6bcf229892a6a37c8033b07e6bf6d8225571c319021bf323d13c4c4ae80f6611
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7be5773afade685232a88dc41efe61c133d536973dcfd3dcb4de8fcc60866678
7f795abdae1bc1dd126f5d5eb607c85973452b3ea45f8f7c0616f08f7744019f
7fb034e3a989e7668e46fe1c8850622a25934eee36976c0bc4a83c64d0a8289a
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e
8436c6cae8d2c0b34f67fcdb1238de7119467203470e29ff890e71af96070336
8a2d214cf3cff71bc972a8a291a51c6faf1a0ce0a077a6b02e21968c7bf3c346
8d23e3be696afaad10348841a79eb4f72e3c6be63aa17b9dfb8fbde1fb14050d
908960c2a1f08610e3e67be90df480e590627cb61f03dfa9801499b848650eb7
96cf3d23753512ba3f8df8152271afd340690a0c8ff1cadb4e24f057ee2ce311
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4b77d76c5d960935ea0411fb8df6ec58395230e1c132ffed79a5fd9c6a32c85
a77e669d0fbd48d9b6cbe622278b5e4256316cd34310befbdb1a9335f68141bd
ac999c2a0642dd3621bf7157190b8bb18c21cc7610e6d074882ab2812d7b7253
aeed3e048c48afe67688b5b1663bedad6a150aedcbf956f85b8b61a722d61e5b
b119cfd0659ef1002930dfae283e2e95df6ff72db04396de6113ad00397fb6ef
b7f3fc935ae44d451db4f79c39da00fce950477776b2db24048e0b1006dbfdde
bb225dc25ee5f0b52534df2fb6fee69f25ffc4c9e61250a0920fefa60d1253b0
cb3786b441efc18d639615407c276af45797727a1da7050360d9daeb09c53883
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cfd58a1dddcd107e7b1cd86c193ae0de1f094a349e06e4255396a50aa07c6cf4
d2e08b01918c43542fd10850dbfaf9e76e4269908d5652f1cc4516d0cccb39a7
d442ee58c2d6e1c9d8dae9dd65c402d7a0e1796cf6f6c99d65862bb5323c12d6
d9993bac529eb3754ea4b88a4abae634ab35a426c02a02b335eba6dfe97b6866
e01223113376512a70de49ebaab3a76d1e0e96145f99b68c9eba81639f7026db
ee13d9e5dc020570b9d92a76e0f106ed4c65603ef12b5608975787197358b986
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f156f82df794964b4bffefe79013aab76f8b8210eb2fb093667e5448c515253c
f6afac557154a633bed23202648647980d8537e86ae8762fb63328487e1b57cb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d