v.javhdo.net Open in urlscan Pro
167.99.76.94  Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3hTd-1pW7atgUPsOyeOeFwiZ1J90l5VgJ7qPnoQBQvRP1hfdJZfvLSlELbP2hm2vwKuOEfHA HTTP 302
• https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1CPFxmjRfdILlkXhQyhP0iOaZTDXzRXnmx-Q4W_nQ2S9ShzUniKiYJJRrLHI5a9BwFLh0-xg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-603545186%3A1701255897453938&theme=glif

Request Chain 78

• https://xml.ezmob.com/thumbnail?i=r7RAqjrkT3Y_0&p=1701255898.483748&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.05&cpa=42ec7ceb-6621-49d3-99d2-8ec92b8c4146 HTTP 302
• https://static.ezmob.com/n254/ad/100x100_fKiRnQFwwHg3f1E0qQ7D.jpeg

Request Chain 79

• https://rtbrenab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MCwic3BhY2VpZCI6MCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlNEREUtNDYyJTJDVW5jZW5zb3JlZCUyQ0xlYWslMkNKYXYlMkNIRCUyQ1NEREUtNDYyJTJDVW5jZW5zb3JlZCUyQ0xlYWslMkNKYXYlMkNIRCUyQ0pBViUyQ09ubGluZSUyQ0pBVkhETywiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI0NTM2MzE2OCIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjIyOTEzLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MSwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX0sIm1ldHJpY3MiOnsidG9waWNzIjpbXX19XSwic2l0ZSI6eyJpZCI6IjIyOTEzIiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL3YuamF2aGRvLm5ldC9zZGRlLTQ2Mi12aWQzMTU2NDQifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiODAxMTNhYzZkZjE5ZmY2OWYzMjJmZmU0NWI2YzcwZjMiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIiLCJ3b3c2NCI6ZmFsc2V9fSwiZXh0Ijp7ImR0IjoxNzAxMjU1OTAwMzcxfX0= HTTP 302
• https://rtbrenab.com/banner/in/show/?mid=863922529318360468&pid=0&site=22913&sc=SG&usage_type=DCH&subid=45363168&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=v.javhdo.net&hostname=auc-banner-hz-13&site_id=0&spot_id=22913&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&pop_winurl=&ip=2001:df1:800:a00a:12::7&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=407&skin_test=&verify_hash=&score=1&ml=&tag_ab=a&v2=1&ttl=&space_id=0&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D22913%26source%3D45363168%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D22913%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DSDDE-462%252CUncensored%252CLeak%252CJav%252CHD%252CSDDE-462%252CUncensored%252CLeak%252CJav%252CHD%252CJAV%252COnline%252CJAVHDO%2C%26spot_id%3D22913%26p%3Dhttps%253A%252F%252Fv.javhdo.net%252Fsdde-462-vid315644%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=SDDE-462%2CUncensored%2CLeak%2CJav%2CHD%2CSDDE-462%2CUncensored%2CLeak%2CJav%2CHD%2CJAV%2COnline%2CJAVHDO,&stratagem=&ssp=3972&refresh=1&priority=0&bb=0.0001&label_ids=&site_id64=0&container=ClickadillaTuple&original_bid_usd=0&comeback=&topics=&o_d=&ectr=0 HTTP 302
• https://btds.zog.link/in/912/?sid=22913&source=45363168&idzone=0&w=1&h=1&mo=&ve=&site_id=22913&utm1=&utm2=&utm3=&utm4=&ad_tags=SDDE-462%2CUncensored%2CLeak%2CJav%2CHD%2CSDDE-462%2CUncensored%2CLeak%2CJav%2CHD%2CJAV%2COnline%2CJAVHDO,&spot_id=22913&p=https%3A%2F%2Fv.javhdo.net%2Fsdde-462-vid315644&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://cdn.1vag.com/1x1.png

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request sdde-462-vid315644 Show response v.javhdo.net/	62 KB 12 KB	44ms 19ms	Document text/html	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash c04bee6e65526553a8f43204e8ad01e232a46f3a8769d9fc2da215832ad15d58 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers content-encoding gzip content-length 12376 content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 11:04:53 GMT server Apache vary Accept-Encoding
GET H2	200	style.css v.javhdo.net/static/css/	397 KB 51 KB	17ms 15ms	Stylesheet text/css	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://v.javhdo.net/static/css/style.css?1234567 Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 3940ce9522b4d93a45df8bc9c7d6ac88191e177fbb67d62446347dec27b6dbb7 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/sdde-462-vid315644 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding gzip last-modified Tue, 23 Nov 2021 11:20:36 GMT server Apache etag "63221-5d172ee2da900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 51682
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	27ms 15ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 661221 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqKJx2XlcF61krz5MA%2BHk13p%2BKgvbCCRzND2ADSVm6%2FpTCHHxR1yyCtPJlM2DgrFstwQJYzaWOH%2Fnfvnt%2FHyO5%2BXc%2FFVwgUeLPh4pmM4Y4PXcaq0RXl3pkSSq3SA4ezrmIpjI5Qkcrjr6KdtL89JxjOI"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82da5f58cfd92f0a-SIN expires Mon, 18 Nov 2024 11:04:53 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 996 B	19ms 7ms	Stylesheet text/css	2404:6800:4003:c01::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A900&display=swap&ver=1.0.0 Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 29 Nov 2023 11:04:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 Nov 2023 11:04:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 Nov 2023 11:04:53 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/	87 KB 28 KB	24ms 12ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1421079 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27938 last-modified Tue, 02 Mar 2021 18:58:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "603e8adc-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkNQQcVFPqAyuqT3gihUC2Td7CoQoNuH%2FnMGfYCcExlQbB23z3WKlLRvTe4C6YeSudikrUYDmWWFnIhHSf3aFlF38n4HZtSZuZwaHFFIpzfuvp9IZkE8rJtv8xKLCIUjvAv96A%2FnEJdkgDP2HgBzngmN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82da5f58cfda2f0a-SIN expires Mon, 18 Nov 2024 11:04:53 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 84 KB	74ms 44ms	Script application/javascript	2404:6800:4003:c1a::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-P8DZ2MSKCY Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eef4f624b65b54e8a8a07690cd8e9bf5314c84b137c248707d6cabeed5d56919 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85179 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Nov 2023 11:04:53 GMT
GET H2	200	x-728.gif media.discordapp.net/attachments/918179438494101527/1178675802515177562/	189 KB 190 KB	73ms 56ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1178675802515177562/x-728.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6a0cdb7fd47d9f86162bd331d08043c6641769404641474a01d79d6cda09b5e Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 166367 content-length 193945 last-modified Mon, 27 Nov 2023 12:36:50 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQEzFOS5UmUM65p%2Bb0ZWjc6wejxQcSHNmcItXrHaP%2FOC3nTLn36WYkNYxvFdoKx%2FR2gHfgzSNasD4wT4lu6NGbgJF9P8yg3gdGMNdi8yuDL4pgbBX7IjVwZcjY8Fh6ZMvA3hCCtm"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f58dd2b4cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	xs-720.1.gif media.discordapp.net/attachments/918179438494101527/1177560025808511008/	982 KB 984 KB	59ms 42ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1177560025808511008/xs-720.1.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d81eb1a57eaf1e879e3504b2cb91f2290210d7d9444c94e544a3ac10b216bba Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 51163 content-length 1005920 last-modified Fri, 24 Nov 2023 10:43:08 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9Fcz6b5SRKmWLfkOmaeD96BuhXEpVQzgUltSHqEaBe15gjL4bfKow00JC%2B6E35KHMmYPSxeeNY%2FgL3ntgonjl4GcAzfdkWRFug2WaJWfnNousHwL067pXhTCSPBv2lPEQjYFFJg"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f58dd304cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	ezgif.com-optimize_49.gif media.discordapp.net/attachments/918179438494101527/1175703516547911751/	1 MB 1 MB	34ms 30ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1175703516547911751/ezgif.com-optimize_49.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c50449435195ebe443cb29b6407f0b5e9ec893cc77710213fae9d75d82c7241b Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 42682 content-length 1081953 last-modified Sun, 19 Nov 2023 07:46:01 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxAZYc9mQxxpl%2F7tO%2FZTNCY%2FYzXArjqpkJZAwDwSqbDB2UiTYHKohXoH7V2XF1H4B7mcRbwtzzNI1M0C8uPdRr85iS1OHgHJNpch%2BgXdHMYw5lj5Q%2Fapfy8YHTnwrnyY9%2Ft47CZ9"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f590d734cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	728-x-90.gif media.discordapp.net/attachments/918179438494101527/1075734765254230046/	625 KB 626 KB	57ms 53ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1075734765254230046/728-x-90.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8712718b097293de7ad23f7167652a913e0b839d34225fe0e82662c5dc03236 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 33771 content-length 640143 last-modified Thu, 16 Feb 2023 11:05:54 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6J%2FYC4T%2Bg6QQqWgB2PAyeWhQ81TkZmajXoEk4R5LyCkW%2FsJ8q2F0DweIy0hJxn22U0gS76xzgpQfcDkAFqJ9GD%2B3OkyZYLpnfGqeAiYBwbMHsSO04z%2FV5rp51N8Y5YO1zMh3Y2xc"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f590d784cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	code.js Show response meo257na3rch.com/lv/esnk/1879662/	101 KB 38 KB	52ms 19ms	Script application/javascript	23.106.127.156 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://meo257na3rch.com/lv/esnk/1879662/code.js Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.106.127.156 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software nginx / Resource Hash 3ec062a816cb45f188d7a06f93106875497ace20eaad36585679d781cb9a27da Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 11:34:35 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6565d04b-1929a" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H2	200	123.pc.gif media.discordapp.net/attachments/918179438494101527/1177491151784247406/	391 KB 392 KB	55ms 53ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1177491151784247406/123.pc.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4257f48de4bc878685e4b4e23c38c6614668d68b7ebff961e8d9e475d7e0ec9d Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 449457 content-length 400730 last-modified Fri, 24 Nov 2023 06:09:27 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yF6gUppGbouJKNs%2BPjAHHzx91zldRv2q1zYKMpnCfAIIJZsXmwwZHvMoKCHHy%2BWVos2Nbjqx8N8OMaDqnChZnoeOr9xmQQ99WHkOfHIQdhH10xbHXMJ4IygKIN2LkripqhO3K20k"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f590d7a4cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	ee.pc.gif media.discordapp.net/attachments/918179438494101527/1177491607939985458/	447 KB 447 KB	56ms 54ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1177491607939985458/ee.pc.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00f816fba7b578b3b5d10a9cdd571fd8a0f5ae1ac70f9aa48403926a7d30f178 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 449457 content-length 457248 last-modified Fri, 24 Nov 2023 06:11:16 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9G9F8hy6z2%2BdwAmViUxefIoTRWDFiCUYZeHGwmb4nC5Fztdvc7tVGY2iuFOKx69GuKnwf0UTGZcdzAoXVEUNn2HZkCm9ojo3Q%2FSzRoAL54ptnWcnrLX9btAtyz0CcoYAMX6iAA7"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f590d7b4cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	728x90-i9.gif media.discordapp.net/attachments/918179438494101527/1005746220943282216/	81 KB 81 KB	54ms 52ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1005746220943282216/728x90-i9.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e67d34ed5a81297254703fbe0c96c5ea1f7b793de019234377650f304e772866 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 634518 content-length 82664 last-modified Sun, 07 Aug 2022 07:56:24 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soVqdAq6l%2BL%2B2b8Pgi51CyhJBPKUtPr2g%2FQ7%2BJR6%2FqueWfkO7JHxCTiFXmBAqhJhjMXfQP88kEQn1ONyyB%2FIV8YGxpffM7MxuyEyPxmtBv0HvRJhyAcYTot9yc288i4CFhsF%2FYNt"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f590d7f4cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	E63097A2-737B-782-34-039AFDE29590.blpha Show response www.vipads.live/vn/	80 B 334 B	1511ms 497ms	Script text/html	172.247.89.236 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://www.vipads.live/vn/E63097A2-737B-782-34-039AFDE29590.blpha Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.247.89.236 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash fba7a8822fe3cf74bdd7d2471884fbbc6a7d5bd01860bd56d30a822c436370ef Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 29 Nov 2023 11:04:55 GMT server nginx vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * cache-control max-age=900 expires Wed, 29 Nov 2023 11:19:55 GMT
GET H2	200	code.js Show response rkgwzfwjgk.com/i/npage/1986889/	142 KB 48 KB	50ms 22ms	Script application/javascript	23.106.127.151 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://rkgwzfwjgk.com/i/npage/1986889/code.js Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.106.127.151 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software nginx / Resource Hash 1541ca91d19141968a2d51ec245f243dbef0321482d1b8a9275acec944b41d21 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 11:34:35 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6565d04b-23739" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H2	200	main.js Show response v.javhdo.net/static/js/	113 KB 33 KB	13ms 12ms	Script application/javascript	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://v.javhdo.net/static/js/main.js?12 Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 5a821731a168a9d28f544b97216c442012d9e2bc20e42e3140b0bf2f5e81cf8a Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/sdde-462-vid315644 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding gzip last-modified Sun, 21 Nov 2021 17:03:17 GMT server Apache etag "1c49e-5d14f7c06df40-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 33254
GET H2	200	r.php Show response phym18.org/ Frame F3B4	14 KB 4 KB	71ms 40ms	Document text/html	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 388340d70120e1e16b981ed7036a9b77ece3274178f89918f9c8b6022c6dbb4a Request headers Referer https://v.javhdo.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers content-encoding gzip content-length 3987 content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 11:04:53 GMT server Apache vary Accept-Encoding
GET H2	200	adila.js Show response v.javhdo.net/static/js/	6 KB 3 KB	27ms 27ms	Script application/javascript	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://v.javhdo.net/static/js/adila.js Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 501fa9c480320dba4b7b760b9bcf33307196992af60dd842256c3e00fa0a0b0b Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/sdde-462-vid315644 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT content-encoding gzip last-modified Mon, 08 Aug 2022 05:08:39 GMT server Apache etag "1903-5e5b3cf0a03c0-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2491
GET H2	200	x-600x400.gif media.discordapp.net/attachments/918179438494101527/1178675680909733888/	618 KB 619 KB	160ms 158ms	Image image/gif	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1178675680909733888/x-600x400.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 549c0fb4babc0c68d653afd3e9821d9e5fa5c588d766f346b6c3a68e3ce540a2 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 166366 content-length 633073 last-modified Mon, 27 Nov 2023 12:36:21 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ%2BF2Z1BSSPdJoD0b5WWrOKhFuMNEEVbx6CBkCoWzMKc%2BbNcyd0J3nCoOdRPyXA1a%2BfZONWSXMIKbpgvPzt%2FAqQ0RxWsrpE0QBDuFHqfF%2FC%2BrCBYQIlB3WUbXpq6b3uTH3kTvAOJ"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f593dba4cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	400x300.jpeg media.discordapp.net/attachments/918179438494101527/1076794842404888646/	86 KB 87 KB	57ms 56ms	Image image/jpeg	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1076794842404888646/400x300.jpeg Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8122d0303b74eb10ddcb6fefd08b4fee6f3d3550ac18e886b76563ddbed70037 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 45735 content-length 88306 last-modified Sun, 19 Feb 2023 09:18:16 GMT cf-bgj h2pri server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEDghmoKeUNfY1j4cdiioApzUODpwFCcYn1xpt11VOmEfM54aEUFAnxKhU1mKmnBvKgEBiJ7kgESeFTq3pio%2BxqpAXpFDibAc3283fcN7Ea9S1EkGViHOzTVxItJrtqf5AjZBBn4"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f593dbb4cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:53 GMT
GET H2	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	114ms 45ms	Font font/woff2	2404:6800:4003:c1a::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A900&display=swap&ver=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://v.javhdo.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 16:19:27 GMT x-content-type-options nosniff age 326727 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15752 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 16:19:27 GMT
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	101ms 61ms	Font application/octet-stream	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Origin https://v.javhdo.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 42972 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAT5Qce4fXRhwzjHjEwaxibCRhtp6jCOvwlDXPyB%2Bsxg7eXLlDb98WTQKGG6Fa5o3URUHtN1uxweNF1Ta1A5jYXAZ0q1XmDf6RNYcD37VdQc6DZ1xOTM1mF9L6JTyuYuo%2FtBb9yT7wzM22AYc02dpDCv"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82da5f59af913ddc-SIN expires Mon, 18 Nov 2024 11:04:54 GMT
GET H2	200	jquery.min.js Show response phym18.org/static/js/ Frame F3B4	94 KB 33 KB	108ms 105ms	Script application/javascript	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/static/js/jquery.min.js Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip last-modified Wed, 12 May 2021 11:45:28 GMT server Apache etag "1762a-5c2208c0da600-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 33225
GET H2	200	jwplayer.js Show response phym18.org/static/js/ Frame F3B4	111 KB 37 KB	55ms 52ms	Script application/javascript	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/static/js/jwplayer.js?1.712345 Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 5bb0d9f1c43b0d384d58a095042406233a439135295255b53ee7213f45079c97 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip last-modified Thu, 16 Sep 2021 07:06:04 GMT server Apache etag "1bde8-5cc1772afef00-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 37359
GET H2	200	color.css phym18.org/static/css/ Frame F3B4	534 KB 79 KB	120ms 118ms	Stylesheet text/css	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/static/css/color.css?1.0 Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash b6066fe3bf0f1b98d44840067439222d26db65319cba976f420be1ff99bcbfb9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip last-modified Thu, 13 May 2021 00:49:50 GMT server Apache etag "8592a-5c22b812ac780-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	loading_film.gif phym18.org/static/ Frame F3B4	2 KB 2 KB	80ms 78ms	Image image/gif	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://phym18.org/static/loading_film.gif Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT last-modified Wed, 12 May 2021 15:44:41 GMT server Apache accept-ranges bytes etag "784-5c223e38f0c40" content-length 1924 content-type image/gif
GET H2	200	main.min.js Show response phym18.org/static/js/ Frame F3B4	17 KB 6 KB	80ms 79ms	Script application/javascript	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/static/js/main.min.js Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip last-modified Wed, 12 May 2021 11:45:27 GMT server Apache etag "4453-5c2208bfe63c0-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5629
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame F3B4	240 KB 83 KB	39ms 38ms	Script application/javascript	2404:6800:4003:c1a::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-D8MW7V6XTG Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2da5ab51e3bd138b10ae1d8c7979850ea623e7e266bcf9a3d7bee84ec8486086 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85183 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Nov 2023 11:04:54 GMT
GET H2	200	1879662 Show response meo257na3rch.com/get/	6 KB 2 KB	46ms 46ms	Script text/javascript	23.106.127.156 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://meo257na3rch.com/get/1879662?zoneid=1879662&jp=_clhj51jkzc3sfdfm093hyx&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-480&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4896568110385664&eclog=0&sp=1&im=1&freq=0 Requested by Host: meo257na3rch.com URL: https://meo257na3rch.com/lv/esnk/1879662/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.106.127.156 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software nginx / Resource Hash 3e89344c0da3a547817a85987bbbf6fd18a6d63b421a7c977bae29288d41c7dd Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin *
POST H2	204	collect www.google-analytics.com/g/	0 243 B	112ms 41ms	Ping text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-P8DZ2MSKCY&gtm=45je3b81v881587792&_p=1701255893920&gcd=11l1l1l1l1&dma=0&cid=781770841.1701255894&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701255894&sct=1&seg=0&dl=https%3A%2F%2Fv.javhdo.net%2Fsdde-462-vid315644&dt=SDDE-462%20Uncensored%20Leak%20Jav%20HD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=311 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-P8DZ2MSKCY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 11:04:54 GMT server Golfe2 content-type text/plain access-control-allow-origin https://v.javhdo.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame F3B4	52 KB 2 KB	42ms 40ms	Stylesheet text/css	2404:6800:4003:c01::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese Requested by Host: phym18.org URL: https://phym18.org/static/css/color.css?1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c6d9d0a4b02024a935a74a55fbd3a92aaaaa5d746d5166b353ad5bda09be7a13 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 Nov 2023 11:04:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 Nov 2023 11:04:54 GMT
GET H2	200	css fonts.googleapis.com/ Frame F3B4	14 KB 940 B	39ms 38ms	Stylesheet text/css	2404:6800:4003:c01::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese Requested by Host: phym18.org URL: https://phym18.org/static/css/color.css?1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 313182bb88231cafe93374dc3287fbc25869b96d3e9986532dc43b587c392010 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 Nov 2023 11:04:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 Nov 2023 11:04:54 GMT
GET H2	200	css fonts.googleapis.com/ Frame F3B4	30 KB 1 KB	40ms 39ms	Stylesheet text/css	2404:6800:4003:c01::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i Requested by Host: phym18.org URL: https://phym18.org/static/css/color.css?1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 00f0ca5978af7f577f3bb245b52f5b98546fca77cbf7b2b42838fddc2b53cd59 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 Nov 2023 10:31:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 Nov 2023 11:04:54 GMT
GET H2	200	eac8e8369f822993a74bcd42cff79241c50fd011.gif cdn.bncloudfl.com/bn/eac/8e8/369/ Frame D54A	42 KB 43 KB	181ms 73ms	Image image/webp	2606:4700:3037::6815:233e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:233e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-proxy-cache HIT date Wed, 29 Nov 2023 11:04:54 GMT x-openstack-request-id txdf5cf0c8059146788e813-0064410ba3 cf-cache-status HIT age 130631 cf-polished origFmt=gif, origSize=59549 content-disposition inline; filename="eac8e8369f822993a74bcd42cff79241c50fd011.webp" alt-svc h3=":443"; ma=86400 content-length 43008 x-trans-id txdf5cf0c8059146788e813-0064410ba3 cf-bgj imgq:100,h2pri last-modified Thu, 20 Apr 2023 09:38:39 GMT server cloudflare etag 8288ed0e1e132023537dfdcdda356cd2 vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=432000 x-timestamp 1681983518.92304 accept-ranges bytes cf-ray 82da5f5baebd6044-SIN access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Wed, 29 Nov 2023 22:47:43 GMT
GET H2	200	r.png media.discordapp.net/attachments/918179438494101527/1126534820651090081/ Frame F3B4	10 KB 11 KB	190ms 189ms	Image image/png	162.159.128.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/918179438494101527/1126534820651090081/r.png Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fad99d56145f772942093483b695b163a3a0b0a91a0a084d10cf4f2549340cb Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 45383 content-length 10660 last-modified Thu, 06 Jul 2023 15:27:11 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZMN9CCUpTLlpLJtcweom8ngeYmiilS5HHsJkSt0%2Fwwvccm4xpYVewz93BPFWpb5iVI0KAcRV0Kjj5f2nioKbcBqQXzH248O5MNmN98CM1HBmPGmGsHOA2Qc6dTz4kOCohL%2FWNqM"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes, bytes cf-ray 82da5f5b78614cad-SIN x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Thu, 28 Nov 2024 11:04:54 GMT
GET H2	200	fontawesome-webfont.woff2 phym18.org/static/fonts/ Frame F3B4	75 KB 75 KB	68ms 68ms	Font font/woff2	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/static/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: phym18.org URL: https://phym18.org/static/css/color.css?1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://phym18.org/static/css/color.css?1.0 Origin https://phym18.org accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip last-modified Wed, 12 May 2021 12:07:34 GMT server Apache etag "12d68-5c220db16cd80-gzip" vary Accept-Encoding content-type font/woff2 accept-ranges bytes
GET H2	200	vast.js Show response ssl.p.jwpcdn.com/player/plugins/vast/v/8.8.6/ Frame F3B4	100 KB 29 KB	622ms 179ms	Script text/plain	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/plugins/vast/v/8.8.6/vast.js Requested by Host: phym18.org URL: https://phym18.org/static/js/jwplayer.js?1.712345 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2a6b05869c16292e6b31a6a5265cf918b7b4107d4312679fe90d9a8ebd9092d9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip via 1.1 varnish age 3561949 x-cache HIT content-length 29095 x-served-by cache-bom4728-BOM last-modified Wed, 18 Nov 2020 22:18:32 GMT server AmazonS3 x-timer S1701255895.779909,VS0,VE0 etag "44af2932f13913d39f17092eaac34a54" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 8
GET H2	200	jwpsrv.js Show response ssl.p.jwpcdn.com/player/v/8.19.1/ Frame F3B4	57 KB 17 KB	688ms 246ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.19.1/jwpsrv.js Requested by Host: phym18.org URL: https://phym18.org/static/js/jwplayer.js?1.712345 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip via 1.1 varnish age 613 x-cache HIT content-length 17364 x-served-by cache-bom4728-BOM last-modified Wed, 24 Mar 2021 14:50:54 GMT server AmazonS3 x-timer S1701255895.780346,VS0,VE1 etag "2d642e2770c705fe7a30a5a3a28396ea" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=900, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	jwplayer.core.controls.html5.js Show response ssl.p.jwpcdn.com/player/v/8.19.1/ Frame F3B4	334 KB 89 KB	686ms 245ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.19.1/jwplayer.core.controls.html5.js Requested by Host: phym18.org URL: https://phym18.org/static/js/jwplayer.js?1.712345 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1ccda3101464651da7c790c85225d947792a91e08741893cd8a5d3b40a5f0514 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT content-encoding gzip via 1.1 varnish age 4109779 x-cache HIT content-length 91094 x-served-by cache-bom4728-BOM last-modified Mon, 08 Mar 2021 21:57:48 GMT server AmazonS3 x-timer S1701255895.780366,VS0,VE1 etag "8950970ce7c22e0ac837b278a318d217" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	chicken.gif meo257na3rch.com/ Frame D54A	43 B 479 B	42ms 41ms	Image image/gif	23.106.127.156 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Show image Full URL https://meo257na3rch.com/chicken.gif?z=1879662&pb=49e708195957b4af17636ae65ae8960f1701263094&psp=iSZyXO-neWVGwdSaaqkPdmZSpsAVA26fs3DJycpyhOaa9SgxT0kYcxnCnq3TIMjmWYKg7QH7DKHzPb8oCrhyiBiWikivat7wJErh3oa-7777NlMai70Cq03r9XNCMPA9CHoXs7uXph-de2skLGH3xkCTI5VzQxUUSKTrlSTMoXBALOMezXbzj009hofnAeYYEOP34y8In05rY-noN6pkJNxuiUGIRGxVwPbUd6uS8plrwshIeLYFI9Ml9C1uuP7jqtj7KRM9KyYq3eDwRG6HDzucq0rmve21n98jjkm3OTpttNxoxa9HLM3wzK4qvbcaUC6r5Yff7rihT9G7Z1EAmCeszbAgcMLsbYtP638MAvDCNEFjG_iYCQ4K3-YmywW-sJ0KDglh9s0nWcU9YcWztzIodJOes5nGw1i48alzlxi3EOW2XhbiOw84oeQ9jgm2G1eLEEKncw-m69qEkLi_45WK-zKLb0MjIzwcX08xqbv1Efsemy99DTw1Boz2IZqNCGyHB6T9k7pxmpk48WghDiI8qlI3CAh9--ItuMtp0H-sfZWTu06hGmfh-9BZMyKe3QeA1W-KiqTHgjwqC4qMSPVSqyqKcjIiysStTYDFxktbIHDjYIkEza-HBU1ROh6ZVv3Cvo28_t6fIYGLPNa5IzOr4J0MBKVlTo7uLceaGXnpD33ZZ28nBAl-ch74DWQDwY7twSfVlM4ifnSEVpyridfQ2SS5MuofdjHxY0Tx5pFCJ9hhTSHrS8jPZVy2XjjSEsvUePBoGMaVHM4vKIWwrxc5iBr3QVZaVRZOOziifsOUediH2kObHfoweDRwGtSz58QCUGNNhIFxC_C4XoinoWIYnwzUTA8_zltr3qy4-R8Y7yPK_uTY3joyWqXCUAh8IkJUCL0jZ73_jy5p_YAX81I0yp_SfTt8LZi3Ar0OXEqh1hbZv5VYtskEr-AEoNsmTj0l5bQefWYkVFTjH-h0bQ3pky5J9GJAGroxY8bupWQ6uAHI4sQClwnQnW0xY3GuBX6pk69niy2qlgU7fgGTRGVkUd79z6LmQn8DNjHexDW-nz1HPs9rbLWqfsUiZSrKHQt23_xjHfaC5c5X3e5gmxSXefYgCUXvZLkt3LzAEbpHzyFk9PvIsbzxOkWEKbzYSKmtDQhLgC-twZnWc1jJkaZbUxv6WcJRk7zWSPEuUs4j-sA3PiBi8_s7x9ve3vbpEmTCXx92nC1_T-Eu22n24NeBqgK1Om450QXrOmm_&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-480&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4896568110385664&eclog=0&sp=1&im=1&pload=321 Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.106.127.156 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:54 GMT x-route-id stats.impression server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET DATA	200 OK	truncated / Frame F3B4	253 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml;charset=UTF-8
GET H2	400	GCCG.json Show response entitlements.jwplayer.com/ Frame F3B4	71 B 227 B	287ms 41ms	XHR application/json	152.195.62.252 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://entitlements.jwplayer.com/GCCG.json Requested by Host: phym18.org URL: https://phym18.org/static/js/jwplayer.js?1.712345 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.62.252 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (hkc/BD0B) / Resource Hash f28df38bea81995fd78f9077bff2dfc9d60ee13b8c414bc426c61c0e1b0bee86 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT last-modified Wed, 29 Nov 2023 07:34:02 GMT server ECAcc (hkc/BD0B) age 12653 x-cache 400-HIT content-type application/json access-control-allow-origin * cache-control max-age=1800, s-maxage=11700 accept-ranges bytes content-length 71
GET H2	200	tt.vtt Show response phym18.org/sub/ Frame F3B4	144 B 233 B	6ms 6ms	XHR text/plain	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/sub/tt.vtt Requested by Host: phym18.org URL: https://phym18.org/static/js/jwplayer.js?1.712345 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 6463764f47edc58768e520854488f6593e256d0db349bb343f76af263530cf80 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT content-encoding gzip last-modified Thu, 06 Jul 2023 17:58:17 GMT server Apache etag "90-5ffd542c6e040-gzip" vary Accept-Encoding accept-ranges bytes content-length 134
GET H2	200	polyfills.webvtt.js Show response ssl.p.jwpcdn.com/player/v/8.19.1/ Frame F3B4	10 KB 4 KB	178ms 178ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.19.1/polyfills.webvtt.js Requested by Host: phym18.org URL: https://phym18.org/static/js/jwplayer.js?1.712345 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 07dd63cdcd7db90b650119dff96d237ddc66726d06ffa16e5deb124eeedef492 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT content-encoding gzip via 1.1 varnish age 47641 x-cache HIT content-length 4390 x-served-by cache-bom4728-BOM last-modified Mon, 08 Mar 2021 21:57:50 GMT server AmazonS3 x-timer S1701255895.445464,VS0,VE1 etag "14b128326043d1d6ce551f8618e82e59" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	t69.jpg tuoi69.cam/static/ Frame F3B4	405 KB 405 KB	37ms 10ms	Image image/jpeg	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://tuoi69.cam/static/t69.jpg?v1 Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 434910937854cd17fa863e173639f6655869f73f8356830326d9d77a11d94284 Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT last-modified Thu, 06 Jul 2023 06:28:59 GMT server Apache accept-ranges bytes etag "6523a-5ffcba1a5e0c0" content-length 414266 content-type image/jpeg
GET H2	200	vttparser.js Show response ssl.p.jwpcdn.com/player/v/8.19.1/ Frame F3B4	5 KB 2 KB	188ms 188ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.19.1/vttparser.js Requested by Host: phym18.org URL: https://phym18.org/static/js/jwplayer.js?1.712345 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 10a76f9e66e107b245d12cb1ac85c9110eb475a5dd5d5d0f3cd9b184f06ce7fc Request headers accept-language zh-SG,zh;q=0.9 Referer https://phym18.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT content-encoding gzip via 1.1 varnish age 3153743 x-cache HIT content-length 2145 x-served-by cache-bom4728-BOM last-modified Mon, 08 Mar 2021 21:57:52 GMT server AmazonS3 x-timer S1701255896.514466,VS0,VE1 etag "1ac7e836af08e347ede3a0154296a216" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	404	blank phym18.org/ Frame F3B4	257 B 307 B	14ms 14ms	Media text/html	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/blank Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash f21e41d46ba3be864b133ee092f20de2887e84261cc484ac52f2109175e82473 Request headers Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Accept-Encoding identity;q=1, *;q=0 accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Range bytes=0- Response headers date Wed, 29 Nov 2023 11:04:55 GMT server Apache content-length 257 content-type text/html; charset=iso-8859-1
GET H2	200	61ee6469b078831cd512b250defbd6b2.js Show response 119c0c90cd.e46271be93.com/	162 KB 50 KB	439ms 5ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Requested by Host: v.javhdo.net URL: https://v.javhdo.net/static/js/adila.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 76a6563e1b32988a00acd346df3386a8e5c8e3fa51ecf5db77670da8109ea398 Request headers Referer https://v.javhdo.net/ Origin https://v.javhdo.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Wed, 29 Nov 2023 11:09:55 GMT date Wed, 29 Nov 2023 11:04:55 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 12:01:41 GMT server nginx/1.18.0 etag W/"6565d6a5-288d5" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	1986889 Show response rkgwzfwjgk.com/get/	37 B 681 B	8ms 7ms	Script text/javascript	23.106.127.151 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Full URL https://rkgwzfwjgk.com/get/1986889?zoneid=1986889&jp=_clta8dga8cjiw92w8dh1zy&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-480&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=8837217784385536&eclog=0&sp=1&im=1&freq=0 Requested by Host: rkgwzfwjgk.com URL: https://rkgwzfwjgk.com/i/npage/1986889/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.106.127.151 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software nginx / Resource Hash c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript x-route-id config timing-allow-origin *
POST H2	200	ajax.php Show response v.javhdo.net/	66 B 148 B	17ms 17ms	XHR application/json	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://v.javhdo.net/ajax.php Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 16f6f4e06e8ae4988cc4b73c40ce9875198bccc89fcb5a6e98dbef68183cf95a Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://v.javhdo.net/sdde-462-vid315644 X-Requested-With XMLHttpRequest accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 29 Nov 2023 11:04:55 GMT content-encoding gzip server Apache content-length 72 vary Accept-Encoding content-type application/json; charset=UTF-8
GET H2	404	blank phym18.org/ Frame F3B4	257 B 285 B	5ms 4ms	Media text/html	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/blank Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash f21e41d46ba3be864b133ee092f20de2887e84261cc484ac52f2109175e82473 Request headers Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Accept-Encoding identity;q=1, *;q=0 accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Range bytes=0- Response headers date Wed, 29 Nov 2023 11:04:55 GMT server Apache content-length 257 content-type text/html; charset=iso-8859-1
GET H2	404	blank phym18.org/ Frame F3B4	257 B 285 B	4ms 4ms	Media text/html	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/blank Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash f21e41d46ba3be864b133ee092f20de2887e84261cc484ac52f2109175e82473 Request headers Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Accept-Encoding identity;q=1, *;q=0 accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Range bytes=0- Response headers date Wed, 29 Nov 2023 11:04:55 GMT server Apache content-length 257 content-type text/html; charset=iso-8859-1
GET H2	404	blank phym18.org/ Frame F3B4	257 B 285 B	4ms 4ms	Media text/html	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phym18.org/blank Requested by Host: phym18.org URL: https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash f21e41d46ba3be864b133ee092f20de2887e84261cc484ac52f2109175e82473 Request headers Referer https://phym18.org/r.php?fid=315644&t=1701255712&eids=%221069536%22,%221069617%22,%221069537%22 Accept-Encoding identity;q=1, *;q=0 accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Range bytes=0- Response headers date Wed, 29 Nov 2023 11:04:55 GMT server Apache content-length 257 content-type text/html; charset=iso-8859-1
GET H2	200	bg.jpg recurbate.net/static/	21 KB 21 KB	53ms 21ms	Image image/jpeg	111.90.140.71 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://recurbate.net/static/bg.jpg Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 111.90.140.71 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS mail1.euro-store.online Software Apache / Resource Hash 182a79e36353e7fa47c92a15aee3aa95c3c33bb5ca4259c122b9a2ada5ea3e41 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:10:08 GMT last-modified Fri, 30 Dec 2022 01:48:34 GMT server Apache accept-ranges bytes etag "5394-5f101cca24080" content-length 21396 content-type image/jpeg
GET H2	200	bg480.jpg allnudex.com/static/	16 KB 16 KB	28ms 9ms	Image image/jpeg	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://allnudex.com/static/bg480.jpg Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash d32b304dc64086ea53cff32e8870050a2e692bdcbcff5305d952b88b1fdec0b6 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT last-modified Thu, 29 Dec 2022 01:45:01 GMT server Apache accept-ranges bytes etag "40df-5f0eda218c140" content-length 16607 content-type image/jpeg
GET H2	200	bg480.jpg kr18plus.net/images/	73 KB 74 KB	25ms 6ms	Image image/jpeg	167.99.76.94 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://kr18plus.net/images/bg480.jpg Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.99.76.94 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 8a44c4216a7d3b3e9d32e53b8b968ec1ef600c942dc5a6256a88711f9ba9ca97 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT last-modified Fri, 04 Nov 2022 18:23:38 GMT server Apache accept-ranges bytes etag "125b4-5eca92c27fe80" content-length 75188 content-type image/jpeg
GET H2	200	thefap-480x360-mask.jpg thefap.net/assets/	107 KB 107 KB	51ms 19ms	Image image/jpeg	111.90.140.71 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://thefap.net/assets/thefap-480x360-mask.jpg Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 111.90.140.71 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS mail1.euro-store.online Software Apache / Resource Hash 90322a119be457c45d93fe511e077ab53e60509a003c61e3516c13c47c8ea630 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:10:08 GMT last-modified Mon, 06 Mar 2023 06:57:53 GMT server Apache accept-ranges bytes etag "1aa12-5f635d05cde40" content-length 109074 content-type image/jpeg
GET H2	200	eac8e8369f822993a74bcd42cff79241c50fd011.gif cdn.bncloudfl.com/bn/eac/8e8/369/ Frame D54A	42 KB 42 KB	11ms 10ms	Image image/webp	2606:4700:3037::6815:233e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif Requested by Host: meo257na3rch.com URL: https://meo257na3rch.com/lv/esnk/1879662/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:233e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-proxy-cache HIT date Wed, 29 Nov 2023 11:04:55 GMT x-openstack-request-id txdf5cf0c8059146788e813-0064410ba3 cf-cache-status HIT age 130632 cf-polished origFmt=gif, origSize=59549 content-disposition inline; filename="eac8e8369f822993a74bcd42cff79241c50fd011.webp" alt-svc h3=":443"; ma=86400 content-length 43008 x-trans-id txdf5cf0c8059146788e813-0064410ba3 cf-bgj imgq:100,h2pri last-modified Thu, 20 Apr 2023 09:38:39 GMT server cloudflare etag 8288ed0e1e132023537dfdcdda356cd2 vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=432000 x-timestamp 1681983518.92304 accept-ranges bytes cf-ray 82da5f650adf6044-SIN access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Wed, 29 Nov 2023 22:47:43 GMT
GET H2	200	chicken.gif meo257na3rch.com/ Frame D54A	43 B 479 B	7ms 5ms	Image image/gif	23.106.127.156 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Show image Full URL https://meo257na3rch.com/chicken.gif?z=1879662&pb=49e708195957b4af17636ae65ae8960f1701263094&psp=iSZyXO-neWVGwdSaaqkPdmZSpsAVA26fs3DJycpyhOaa9SgxT0kYcxnCnq3TIMjmWYKg7QH7DKHzPb8oCrhyiBiWikivat7wJErh3oa-7777NlMai70Cq03r9XNCMPA9CHoXs7uXph-de2skLGH3xkCTI5VzQxUUSKTrlSTMoXBALOMezXbzj009hofnAeYYEOP34y8In05rY-noN6pkJNxuiUGIRGxVwPbUd6uS8plrwshIeLYFI9Ml9C1uuP7jqtj7KRM9KyYq3eDwRG6HDzucq0rmve21n98jjkm3OTpttNxoxa9HLM3wzK4qvbcaUC6r5Yff7rihT9G7Z1EAmCeszbAgcMLsbYtP638MAvDCNEFjG_iYCQ4K3-YmywW-sJ0KDglh9s0nWcU9YcWztzIodJOes5nGw1i48alzlxi3EOW2XhbiOw84oeQ9jgm2G1eLEEKncw-m69qEkLi_45WK-zKLb0MjIzwcX08xqbv1Efsemy99DTw1Boz2IZqNCGyHB6T9k7pxmpk48WghDiI8qlI3CAh9--ItuMtp0H-sfZWTu06hGmfh-9BZMyKe3QeA1W-KiqTHgjwqC4qMSPVSqyqKcjIiysStTYDFxktbIHDjYIkEza-HBU1ROh6ZVv3Cvo28_t6fIYGLPNa5IzOr4J0MBKVlTo7uLceaGXnpD33ZZ28nBAl-ch74DWQDwY7twSfVlM4ifnSEVpyridfQ2SS5MuofdjHxY0Tx5pFCJ9hhTSHrS8jPZVy2XjjSEsvUePBoGMaVHM4vKIWwrxc5iBr3QVZaVRZOOziifsOUediH2kObHfoweDRwGtSz58QCUGNNhIFxC_C4XoinoWIYnwzUTA8_zltr3qy4-R8Y7yPK_uTY3joyWqXCUAh8IkJUCL0jZ73_jy5p_YAX81I0yp_SfTt8LZi3Ar0OXEqh1hbZv5VYtskEr-AEoNsmTj0l5bQefWYkVFTjH-h0bQ3pky5J9GJAGroxY8bupWQ6uAHI4sQClwnQnW0xY3GuBX6pk69niy2qlgU7fgGTRGVkUd79z6LmQn8DNjHexDW-nz1HPs9rbLWqfsUiZSrKHQt23_xjHfaC5c5X3e5gmxSXefYgCUXvZLkt3LzAEbpHzyFk9PvIsbzxOkWEKbzYSKmtDQhLgC-twZnWc1jJkaZbUxv6WcJRk7zWSPEuUs4j-sA3PiBi8_s7x9ve3vbpEmTCXx92nC1_T-Eu22n24NeBqgK1Om450QXrOmm_&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-480&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4896568110385664&eclog=0&sp=1&im=1&pload=1686 Requested by Host: v.javhdo.net URL: https://v.javhdo.net/sdde-462-vid315644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.106.127.156 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:55 GMT x-route-id stats.impression server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	14678 Show response 119c0c90cd.e46271be93.com/551a6bc83240c0fdd7c382f92ae9e16a/	5 KB 5 KB	287ms 287ms	XHR application/json	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://119c0c90cd.e46271be93.com/551a6bc83240c0fdd7c382f92ae9e16a/14678?version_name=a Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash d427c581774f5b236da02ebefa1acb88f44656aea609f0dd883bc138a89ae3c9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Wed, 29 Nov 2023 11:04:56 GMT cache-control max-age=300 x-proxy-cache EXPIRED server nginx/1.18.0 content-type application/json expires Wed, 29 Nov 2023 11:09:56 GMT
GET H2	200	advertising.js Show response js.capndr.com/	0 238 B	14ms 3ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.capndr.com/advertising.js Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Wed, 29 Nov 2023 11:09:56 GMT date Wed, 29 Nov 2023 11:04:56 GMT last-modified Fri, 14 Jul 2023 08:23:25 GMT server nginx/1.18.0 etag "64b105fd-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H2	200	tags Show response notification.tubecup.net/	7 KB 7 KB	941ms 176ms	XHR application/json	94.130.197.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://notification.tubecup.net/tags?tag_id=14678&timezone_olson=Asia/Singapore&version_name=a Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.130.197.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.197.130.94.clients.your-server.de Software nginx/1.18.0 / Resource Hash 4baafbd75c17377ca10d37dfc5219089f7378432aa18b9862f58fa70895c0d1c Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 11:04:57 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 7080
GET H2	200	count.html Show response storage.multstorage.com/log/ Frame F8EA	882 B 901 B	205ms 173ms	Document text/html	2606:4700:3032::ac43:ae33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://storage.multstorage.com/log/count.html Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2 Request headers Referer https://v.javhdo.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82da5f6e89d35f93-SIN content-encoding br content-type text/html date Wed, 29 Nov 2023 11:04:57 GMT last-modified Mon, 18 Sep 2023 14:39:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7%2F5SpbTedvQLxznLJbhoHxx78tWT%2Fucbc3aGzd5onK3oyEUbEt6eSFqmdQCQMQr6vwlDsu8Pid8dy984CzzNDUb1nAPfCU99fDFJ7B4ZllH9bJlEkX7o07sHVYZ6jLcqt2HQ1OKAuneY2y4utG6JhY2k%2F1KDA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-request-id 6ea57f0f5e18c7851e45dcc2a17c0855
GET H2	200	track Show response 6f9978f41d.f3e3a6cea1.com/in/	0 207 B	740ms 169ms	XHR text/plain	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://6f9978f41d.f3e3a6cea1.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDM5MTAzODQ2ODA0NzgwNjAwMCIsInRpbWV6b25lIjo4LCJ2ZXIiOiIzLjkzLjEiLCJ0YWdfaWQiOjE0Njc4LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiQXNpYS9TaW5nYXBvcmUiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4yNywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiU0RERS00NjIlMkNVbmNlbnNvcmVkJTJDTGVhayUyQ0phdiUyQ0hEJTJDU0RERS00NjIlMkNVbmNlbnNvcmVkJTJDTGVhayUyQ0phdiUyQ0hEJTJDSkFWJTJDT25saW5lJTJDSkFWSERPIn0= Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 11:04:58 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	ea309d521ee5679b176f2c71710dd002.js Show response 119c0c90cd.e46271be93.com/	47 KB 15 KB	11ms 4ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://119c0c90cd.e46271be93.com/ea309d521ee5679b176f2c71710dd002.js Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash a185a3a3a2e013881fe114e18d86d09cf7749018f63b94586830307a5a00088b Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Wed, 29 Nov 2023 11:09:57 GMT date Wed, 29 Nov 2023 11:04:57 GMT content-encoding gzip last-modified Wed, 22 Nov 2023 08:24:19 GMT server nginx/1.18.0 etag W/"655dbab3-ba40" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	b38489e8e1638459a87e6258a21db08f.js Show response 119c0c90cd.e46271be93.com/	521 KB 130 KB	19ms 12ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://119c0c90cd.e46271be93.com/b38489e8e1638459a87e6258a21db08f.js Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash bf2ac9341e55ae24ae73a746d6c27e4fa4f68e3778943b6a4f519e4664a6ca6a Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Wed, 29 Nov 2023 11:09:57 GMT date Wed, 29 Nov 2023 11:04:57 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 13:39:38 GMT server nginx/1.18.0 etag W/"6565ed9a-824e7" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	build.m.js Show response js.cabnnr.com/banner-admanager/	53 KB 18 KB	25ms 12ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.cabnnr.com/banner-admanager/build.m.js Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 2acb8b5e738c3e88e2f8a111c5fbb60bc81e724f230d3fce37fc78652c615570 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Wed, 29 Nov 2023 11:09:57 GMT date Wed, 29 Nov 2023 11:04:57 GMT content-encoding gzip last-modified Fri, 24 Nov 2023 09:13:53 GMT server nginx/1.18.0 etag W/"65606951-d3d5" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	506ms 172ms	Preflight	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=14678 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://v.javhdo.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://v.javhdo.net Connection keep-alive Date Wed, 29 Nov 2023 11:04:57 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	58 B 431 B	729ms 385ms	XHR application/json	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=14678 Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/61ee6469b078831cd512b250defbd6b2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash 09411f8aeae50edf65c841f20662ecb75f446fc011b158637e4dfb24701ddc8b Request headers Referer https://v.javhdo.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Wed, 29 Nov 2023 11:04:58 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://v.javhdo.net Access-Control-Allow-Credentials true Connection keep-alive Content-Length 58
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3hTd-1pW7atgUPsOyeOeFwiZ1J90l5VgJ7qPnoQBQvRP1hfdJZfvLSl... https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1CPFxmjRfdILlkXhQyhP0iOaZTDXzRXnmx-Q4W_nQ2S9ShzUniKiYJJRrLHI5a9BwFLh0-xg&passive...	0 0	20ms 20ms	Image text/html	2404:6800:4003:c0f::54 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1CPFxmjRfdILlkXhQyhP0iOaZTDXzRXnmx-Q4W_nQ2S9ShzUniKiYJJRrLHI5a9BwFLh0-xg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-603545186%3A1701255897453938&theme=glif Protocol H3 Server 2404:6800:4003:c0f::54 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Redirect headers date Wed, 29 Nov 2023 11:04:57 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-mppBczSYqeuiQLGne-rXvA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 406 x-xss-protection 1; mode=block pragma no-cache server GSE x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1CPFxmjRfdILlkXhQyhP0iOaZTDXzRXnmx-Q4W_nQ2S9ShzUniKiYJJRrLHI5a9BwFLh0-xg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-603545186%3A1701255897453938&theme=glif cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	multy 7b808c74be.f3277f96a7.com/in/ Frame	0 0	1001ms 165ms	Preflight	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://7b808c74be.f3277f96a7.com/in/multy Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://v.javhdo.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Wed, 29 Nov 2023 11:04:58 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	dip Show response nereserv.com/in/	0 201 B	524ms 180ms	XHR text/plain	94.130.198.6 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=1&event_id=130cfdab-d27b-4527-a31d-f26d82e46fc5&subid=1367162653&sid=1598156667&spot_id=11762&created_at=2023-11-29&timezone=8&ver=8.120.0&is_native=1 Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/b38489e8e1638459a87e6258a21db08f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.130.198.6 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.6.198.130.94.clients.your-server.de Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 11:04:57 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
POST H2	200	multy Show response 7b808c74be.f3277f96a7.com/in/	36 KB 5 KB	690ms 689ms	XHR application/json	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://7b808c74be.f3277f96a7.com/in/multy Requested by Host: 119c0c90cd.e46271be93.com URL: https://119c0c90cd.e46271be93.com/b38489e8e1638459a87e6258a21db08f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 74f4298181c6768ea372f17c0aca6f9c99f1c2922ecfae9bac3921c76f975110 Request headers Referer https://v.javhdo.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers pragma no-cache date Wed, 29 Nov 2023 11:04:59 GMT content-encoding gzip server nginx/1.18.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 4892
GET H2	200	SG_24ada73cd8e8512c872073ddd6a67999a05ad8fa_icon.webp static.bookmsg.com/creatives/SG/	710 B 868 B	498ms 161ms	Image image/webp	78.47.181.156 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/SG/SG_24ada73cd8e8512c872073ddd6a67999a05ad8fa_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.05&cpa=0ada3886-c139-483e-bf1c-e3cf798e4e39 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.47.181.156 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.156.181.47.78.clients.your-server.de Software nginx/1.18.0 / Resource Hash 6c5949e861812eaa0e5b912d74acac8796a281c07458f81d36d444f8598d7797 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:59 GMT last-modified Mon, 30 Nov 2020 08:59:31 GMT server nginx/1.18.0 etag "5fc4b473-2c6" content-type image/webp cache-control public, max-age=315360000 accept-ranges bytes content-length 710
GET H2	200	SG_24ada73cd8e8512c872073ddd6a67999a05ad8fa.webp static.bookmsg.com/creatives/SG/	3 KB 4 KB	498ms 162ms	Image image/webp	78.47.181.156 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/SG/SG_24ada73cd8e8512c872073ddd6a67999a05ad8fa.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.47.181.156 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.156.181.47.78.clients.your-server.de Software nginx/1.18.0 / Resource Hash 1e6c2280c9ced3f48cceb285a02661211b2832ec4bc6bcc6fe731bf270d7cbbf Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:04:59 GMT last-modified Mon, 30 Nov 2020 08:59:30 GMT server nginx/1.18.0 etag "5fc4b472-dcc" content-type image/webp cache-control public, max-age=315360000 accept-ranges bytes content-length 3532
GET H2	200	/ 7b808c74be.f3277f96a7.com/in/show/	0 201 B	503ms 168ms	Image text/plain	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://7b808c74be.f3277f96a7.com/in/show/?tag_ab=a&site_id=3111762&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fv.javhdo.net%2Fsdde-462-vid315644&refdom=v.javhdo.net&auction_time=1701255898&subid=1367162653&sid=1598156667&tcid=0&ver=8.120.0&ver_c=&spot_id=11762&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-29&iabcat=IAB25-3&keywords=japanese&user_fp=6690969066474170650&score=83.52903729780881&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1367162653%26spot_id%3D11762%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fv.javhdo.net%252Fsdde-462-vid315644%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=503c85ee8df49110fb8bbd42a212ccfb&url=https%3A%2F%2Fpodefr.net%2Fb2%2Fl%2Fc%2Fredir%3Fcid%3D1%26did%3DempIR0Q%26eid%3D722%26n%3D45b155e43e201f56e966af71%26nid%3D1%26sid%3Dr4BmeKxJoCsVgTSyuBzlSbav%252FdBp44%252Fw%252BGNtJy0rhSIKuGSebRk1Mm%252BRxm46wA4doR7XYisydUaOYvijaKAjodNef5WG0aXDBrHkqv9C5Gtt67FBF%252FLP2wGIsN2piqGvOaGFWx6zp0w%252F4djQDip8STt9KsiY9udurjsPU8pCnDU1YbMJWg2SxP%252FBzHQ%252Bpj6PNo6mjRoLQaxa3dHBj9TfBVZth9oeXa7wMnrL8Nm%252BDG0v00QpcrbPb6NQ1rU%252FOjPVPb6C1455PcTjoYPCWueXHoaMJmSF5SIuKvUe04%252B31xnTWfJouj5DWrD4Duatm7RZIPzYsS2fGlU8YaR5BohewRBSl%252BTW8qqonVcIcZl8o%252B9aWgAkb5PEsCpGuqPXECNCeGsb7Pwb5ennp%252BA4FN1xPiL%252BmLmZcZR6zP2erQTn8%252Baeu4ZGxcP4004cIrebiuiqjFIedPOSKubQSghcuTjdOwgp9nvuwB1NqkD968P7tmcPiiSH4DPv1y9VXJ5MSpkVSCT%252BSzTt05HxQoyqx%252FQCgdFP2d4QTlSl77nqcdXanYtxCe8gbv%252B1Fmeuogdkck0wXqrbQ2s2wNcQg2%252B0U1Qwxgt1V1%252FhC48G49q0jhvpf6X55ng1kwnYpv1lu8WepJ2r1TC77Qv1RKJ0U663ZtUlM8s1Aal%252Ba%252F1MJjYiZGAYZRBxqndox%252FWFpPeddx%252F2%252BUeecppNQChcKIZvBDjb56Amm62YBUWf6esFfJCsjEF9QaH6k%252Fq8uSD3G%252BfXwDmMN2Hd%252Fwx1w2owrnQ66F7YVHZsCE5dYhnFTlBFLs8YMiIKtVqL2q88Q22%252BzRwXQVsfWIPDoULjoGiWpPUKIScfN7ysPKpOJDvQitJJXBabLD%252BMC18c0xrWzqiNEliGCNXJ0b2uMAXX0zG4UUMeyFOPTThfsVTGPqISZUU3iYfB9%252BV0DTfvgHSEoU%252FChPWvWmDKDTgBGe%252B%252FSBCDxNoToerXc4lvLX3waRLqO8e38QZPpVwsT8YDg6hYa3NJs0Zx421ksSIGhgiunNfUEPI0YqOqErKxIe5wU5q%252FKU1SXubM6KiHrpinP7Lj0RnBGYwWW4lC4dueUiA7ecVZRgCGhL97ULGANCcM0tKwqaSQPIBo%252B5HcpbqR09SGO%252B4%252FYhJ%252FnRetj9Q57Lbc0V6XgmICnGTLEwBcStHyz6VNcdfKjZLBQKqWk8sATBR%252Bn0VbtVfi9JTEIrDV7ZUF6G%252BWBJgjOK9DifwcevjnfcG%252FuDUO%252BfZ4HRVtZm2MNvvtzZXLajuYffOFteKswZfP%252Biow7ovrjSG1DCAEk7%252BLlGeWUv5X9YyGFyXt6LCPEXzOOVtMMrhbvRvNro5XxZf3kl%252BRhfn4UT2MooieiptD6u0yOGIWwU9aceOO37Mkn4vjnQsTbiYdaZ2%252FeqIcDktIrtqzGevnQ4BEVvX4%252FyuNn6r2HdfcY73xLRTSzQUd0KTWk4kfDJO3GuLv8caLAhEUppBp52MTg49Y9DaL%252BKI0hcdvKOONB4nvs9NvN57qNp3n5TrEJEQxBTuTQdktzfFwcKfIeD6auzhWDvdxQm1mhHCmxR0Wxg5tb8zRqvAoZxU20x%252BgAQGrc1S8WAC0fpePwkO1v%252FJ3hJS7P6bjawr1f%252F2MfK5YsdHRlkhtOpDpCqm6HuSb1jZXXOCtR9JFijNSAALLxeNrGgSPRvmmW6r1iBQtS6V8YenW7eHnzsAH9TthPs0Xr7IImoBUj%252B%252B2yIoTTjDEavgq06lmua2hZmvboPDX4BxmuUQ226MqmUmduFHXSokSYiHTLKAqTO2%252FsHR5HJ%252BMIJqMm7PGetU6R8DvyMP6vtBU7u88jKpqwo0B%252FIx3F7wZpzqyGuwSULgXapLcXgAta%252F%252FjguWvX0KurpjFjlvgvFY0Dy%252Bf5ywdgI1M1oop%26ssid%3D3298729702mfprcHFG%26ts%3D1701255898%26ttl%3D14400%26v%3Dv5.8.7&icons=SHqy3HhyW05uW4KvUSgMkamKYFEldRHTgRz4c2-1PTH4sCVPtj3uqWDLGvKEUGOE2MyLqyfpbBt87Kpcvkz5HdXiYsk-aFELPYgw-vaSKn17BOBAn9fogVcJbr1o2MnBC1IfPIFBjXDHzqqWkuHcW-fSCAcfQipPpUur4swEbsOzTGt4Ag&ext_cid=0&px_id=3111762&min_cpm=0.007696163483795171&out_id=1&campaign_type=lq-pop&aid=61&cid=2883&uniq=&mid=3100960221393809609&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.024312889894865762&cpm=0&verify_hash=47eb76571091c63f8b052720f395c742&is_native=2&real_bid=0.00039475700000000003&original_bid_usd=0&original_bid=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.159%20Safari%2F537.36&ip_mismatch=2001:df1:800:a00a:12::7&geo=SG&carrier=-&label_ids=123,4,59,89,108,0&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1701277498&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_24ada73cd8e8512c872073ddd6a67999a05ad8fa.webp&site=native-push-adult&price=0.00039475700000000003&hostname=auc-inpage-hz-4-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Asia/Singapore&topics=&historical_keywords=&pop_cpc=0.00000039475700000000005&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.05&cpa=00354f42-c0c6-4bc4-a0fa-0d27ab3c2634 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 11:04:59 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET DATA	200 OK	truncated / Frame EC9F	483 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ 7b808c74be.f3277f96a7.com/in/show/	0 200 B	486ms 168ms	Image text/plain	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://7b808c74be.f3277f96a7.com/in/show/?tag_ab=a&site_id=3111762&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fv.javhdo.net%2Fsdde-462-vid315644&refdom=v.javhdo.net&auction_time=1701255898&subid=1367162653&sid=1598156667&tcid=0&ver=8.120.0&ver_c=&spot_id=11762&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-29&iabcat=IAB25-3&keywords=japanese&user_fp=6690969066474170650&score=83.52903729780881&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1367162653%26spot_id%3D11762%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fv.javhdo.net%252Fsdde-462-vid315644%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=9d87ca5f4fb245a8a72dce58ee986b6a&url=https%3A%2F%2Fxml.ezmob.com%2Fclick%3Fi%3Dr7RAqjrkT3Y_0%26p%3D1701255898.483748&icons=9PKuyFk0LL_wGpjAaWXtbJImz6pIhih9Miu5kkN1WwYjRaF2pfwHDDeyPwAPxN5GbjfWJZkr2svNYa_OmAez9d9uKNZA-h8O454zMY5a-5yVv5DRCwgWLFgY2mYQSsFxTen7PaSyh72a7GcAIJ2aTu2Xz9bs&ext_cid=0&px_id=7311762&min_cpm=0.00029908225539288457&out_id=0&campaign_type=hq&aid=3330&cid=14052&uniq=&mid=3100960221393809609&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.0029726563208569423&cpm=0&verify_hash=48e2c2c3278cd703643645a36949c454&is_native=1&real_bid=0.001242&original_bid_usd=0.001242&original_bid=0.001242&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.159%20Safari%2F537.36&ip_mismatch=2001:df1:800:a00a:12::7&geo=SG&carrier=-&label_ids=4,90,5,98&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1701342298&image_url=&site=native-push-adult&price=0.001242&hostname=auc-inpage-hz-4-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Asia/Singapore&topics=&historical_keywords=&pop_cpc=0.0000012420000000000001&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.05&cpa=1692c4dd-15cc-4c3e-8a9d-75bd8f2eb5d2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://v.javhdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 11:04:59 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H/1.1	200 OK	100x100_fKiRnQFwwHg3f1E0qQ7D.jpeg static.ezmob.com/n254/ad/ Frame EC9F Redirect Chain https://xml.ezmob.com/thumbnail?i=r7RAqjrkT3Y_0&p=1701255898.483748&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.05&cpa=42ec7ceb-6621-49d3-99d2... https://static.ezmob.com/n254/ad/100x100_fKiRnQFwwHg3f1E0qQ7D.jpeg	2 KB 3 KB	298ms 5ms	Image image/jpeg	2403:e800:e80b::2a63:8cd9
General Check archive.org Show headers Download Go to Show image Full URL https://static.ezmob.com/n254/ad/100x100_fKiRnQFwwHg3f1E0qQ7D.jpeg Protocol HTTP/1.1 Server 2403:e800:e80b::2a63:8cd9 -, , ASN (), Reverse DNS Software nginx / Resource Hash 0b0093643ececef2181b042a49d67b7f43e01a53b90c7391353126cf94b1285c Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 11:05:00 GMT Last-Modified Sat, 02 Sep 2023 11:33:15 GMT Server nginx ETag "64f31d7b-8b8" CDN-Origin-Protocol HTTP Content-Type image/jpeg Cache-Control max-age=21025 Connection keep-alive Accept-Ranges bytes X-Forward-Proto http Content-Length 2232 Expires Wed, 29 Nov 2023 16:55:25 GMT Redirect headers Location https://static.ezmob.com/n254/ad/100x100_fKiRnQFwwHg3f1E0qQ7D.jpeg Date Wed, 29 Nov 2023 11:04:59 GMT Cache-Control no-store Server nginx Connection keep-alive Content-Length 0
GET H2	200	1x1.png Show response cdn.1vag.com/ Frame 66EA Redirect Chain https://rtbrenab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MCwic3BhY2VpZCI6MCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiY... https://rtbrenab.com/banner/in/show/?mid=863922529318360468&pid=0&site=22913&sc=SG&usage_type=DCH&subid=45363168&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&re... https://btds.zog.link/in/912/?sid=22913&source=45363168&idzone=0&w=1&h=1&mo=&ve=&site_id=22913&utm1=&utm2=&utm3=&utm4=&ad_tags=SDDE-462%2CUncensored%2CLeak%2CJav%2CHD%2CSDDE-462%2CUncensored%2CLeak... https://cdn.1vag.com/1x1.png	68 B 334 B	21ms 2ms	Document image/png	45.133.44.25
General Check archive.org Show headers Download Go to Full URL https://cdn.1vag.com/1x1.png Requested by Host: js.cabnnr.com URL: https://js.cabnnr.com/banner-admanager/build.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 -, , ASN (), Reverse DNS Software nginx/1.20.1 / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Referer https://v.javhdo.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=3600 content-length 68 content-type image/png date Wed, 29 Nov 2023 11:05:01 GMT etag "5e970c67-44" expires Wed, 29 Nov 2023 12:05:01 GMT last-modified Wed, 15 Apr 2020 13:30:15 GMT server nginx/1.20.1 x-proxy-cache HIT x-request-id d7313fa85b60a650a7546da72c025bdb Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 11:05:01 GMT location https://cdn.1vag.com/1x1.png pragma no-cache server nginx/1.20.1 vary *