jav.direct Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jav.direct/censored/sdnm-268/
Submission: On October 27 via manual (October 27th 2022, 3:53:07 am UTC) from JP — Scanned from NL

Summary HTTP 228 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 228 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is jav.direct.
TLS certificate: Issued by E1 on September 4th 2022. Valid for: 3 months.

This is the only time jav.direct was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
41	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	153.121.1.2 153.121.1.2	9370 (SAKURA-B ...) (SAKURA-B SAKURA Internet Inc.)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	133.242.19.204 133.242.19.204	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
3	42.124.124.32 42.124.124.32	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 12	2606:4700:311... 2606:4700:3110::6812:3b96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	175.41.244.45 175.41.244.45	16509 (AMAZON-02) (AMAZON-02)
1	59.106.233.149 59.106.233.149	9370 (SAKURA-B ...) (SAKURA-B SAKURA Internet Inc.)
8	2606:4700:311... 2606:4700:311f::6812:3f84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	2606:4700:311... 2606:4700:3110::6812:37dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
228	18

8 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

jav.direct	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 153.121.1.2 (Japan)

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)

img.ad-nex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 133.242.19.204 (Inzai, Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)

srv1.aaacompany.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 42.124.124.32 (Hamamatsu, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p032.net042124124.broadline.ne.jp

js.boost-next.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3110::6812:3b96 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.xlrdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creative.xlrdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.ktkjmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.41.244.45 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-244-45.ap-northeast-1.compute.amazonaws.com

ap.octopuspop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 59.106.233.149 (Japan)

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)

ad-nex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:311f::6812:3f84 (United States)

ASN13335 (CLOUDFLARENET, US)

img.strpst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2606:4700:3110::6812:37dc (United States)

ASN13335 (CLOUDFLARENET, US)

b-hls-04.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-19.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-24.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-08.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-12.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-11.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-20.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-07.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-06.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-17.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-23.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-hls-01.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	gstatic.com fonts.gstatic.com	604 KB
61	doppiocdn.com b-hls-04.doppiocdn.com — Cisco Umbrella Rank: 49309 b-hls-19.doppiocdn.com — Cisco Umbrella Rank: 42536 b-hls-24.doppiocdn.com — Cisco Umbrella Rank: 48931 b-hls-08.doppiocdn.com — Cisco Umbrella Rank: 39453 b-hls-12.doppiocdn.com — Cisco Umbrella Rank: 50186 b-hls-11.doppiocdn.com — Cisco Umbrella Rank: 47826 b-hls-20.doppiocdn.com — Cisco Umbrella Rank: 44991 b-hls-07.doppiocdn.com — Cisco Umbrella Rank: 40093 b-hls-06.doppiocdn.com — Cisco Umbrella Rank: 50444 b-hls-17.doppiocdn.com — Cisco Umbrella Rank: 37132 b-hls-23.doppiocdn.com — Cisco Umbrella Rank: 46481 b-hls-01.doppiocdn.com — Cisco Umbrella Rank: 76789	11 MB
41	wp.com i0.wp.com — Cisco Umbrella Rank: 2976	2 MB
11	xlrdr.com 1 redirects go.xlrdr.com — Cisco Umbrella Rank: 71647 creative.xlrdr.com — Cisco Umbrella Rank: 117690	141 KB
8	strpst.com img.strpst.com — Cisco Umbrella Rank: 11966	325 KB
8	jav.direct jav.direct	60 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	20 KB
3	boost-next.co.jp js.boost-next.co.jp — Cisco Umbrella Rank: 446471
3	ad-nex.com img.ad-nex.com — Cisco Umbrella Rank: 825972 ad-nex.com — Cisco Umbrella Rank: 707074	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	192 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	89 KB
2	aaacompany.net srv1.aaacompany.net	3 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44	90 KB
1	ktkjmp.com video.ktkjmp.com — Cisco Umbrella Rank: 17708	686 B
1	octopuspop.com ap.octopuspop.com — Cisco Umbrella Rank: 328311	1 KB
228	15

	Domain	Requested by
71	fonts.gstatic.com	fonts.googleapis.com
41	i0.wp.com	jav.direct
12	b-hls-06.doppiocdn.com	creative.xlrdr.com
9	b-hls-04.doppiocdn.com	creative.xlrdr.com
8	b-hls-24.doppiocdn.com	creative.xlrdr.com
8	img.strpst.com	jav.direct
8	jav.direct	jav.direct ajax.googleapis.com
7	b-hls-20.doppiocdn.com	creative.xlrdr.com
7	b-hls-19.doppiocdn.com	creative.xlrdr.com
7	creative.xlrdr.com	jav.direct creative.xlrdr.com
6	b-hls-23.doppiocdn.com	creative.xlrdr.com
6	b-hls-12.doppiocdn.com	creative.xlrdr.com
4	go.xlrdr.com	1 redirects creative.xlrdr.com
3	js.boost-next.co.jp	jav.direct
3	www.googletagmanager.com	jav.direct www.googletagmanager.com
2	b-hls-08.doppiocdn.com	creative.xlrdr.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	jav.direct cdnjs.cloudflare.com
2	srv1.aaacompany.net	jav.direct srv1.aaacompany.net
2	img.ad-nex.com	jav.direct ajax.googleapis.com
1	b-hls-01.doppiocdn.com	creative.xlrdr.com
1	b-hls-17.doppiocdn.com	creative.xlrdr.com
1	b-hls-07.doppiocdn.com	creative.xlrdr.com
1	b-hls-11.doppiocdn.com	creative.xlrdr.com
1	video.ktkjmp.com	creative.xlrdr.com
1	ad-nex.com	img.ad-nex.com
1	ap.octopuspop.com	srv1.aaacompany.net
1	fonts.googleapis.com	jav.direct
1	ajax.googleapis.com	jav.direct
228	30

This site contains links to these domains. Also see Links.

Domain
theporndude.com
ad-nex.com
go.xlrdr.com

Subject Issuer	Validity	Valid
*.jav.direct E1	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
img.ad-nex.com GlobalSign GCC R3 DV TLS CA 2020	`2022-04-27` - `2023-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.aaacompany.net R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.boost-next.co.jp GlobalSign GCC R3 DV TLS CA 2020	`2022-03-15` - `2023-04-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
xlrdr.com Cloudflare Inc ECC CA-3	`2022-01-03` - `2023-01-02`	a year	crt.sh
*.octopuspop.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
ad-nex.com GlobalSign GCC R3 DV TLS CA 2020	`2021-11-12` - `2022-12-14`	a year	crt.sh
video.ktkjmp.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
img.strpst.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://jav.direct/censored/sdnm-268/
Frame ID: B42AD93F0518C010FC47FF26BA536176
Requests: 140 HTTP requests in this frame

Frame: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
Frame ID: D9701973B5E62B129441DE775456A09B
Requests: 88 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SDNM-268 「お金よりも大切な何かを見つけに来ました…」冨田朝香 38歳第2章「10代の頃のようにトキメキました」’カメラ貸し’年下クンとGo To1日プライベートデート | モザあり | JAV.direct

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

228
Requests

96 %
HTTPS

65 %
IPv6

15
Domains

30
Subdomains

18
IPs

3
Countries

14564 kB
Transfer

16130 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://theporndude.com/ja
Title: PORNE DUDE

Search URL Search Domain Scan URL

URL: https://ad-nex.com/link.php?i=agugdycr4472&type=imp&coid=cg0qioxud1gl
Title: 【還暦】無料で熟女をセフレにして中出ししまくる方法がヤバいｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://go.xlrdr.com/?userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
Title: More

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://go.xlrdr.com/i?tag=girls%2Fchinese&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&showButton=0&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=0&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131&landing=WidgetV4Universal&autoplay=all&autoplayForce=1&campaignId=widget&thumbsMargin=10, HTTP 302
https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131

228 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
jav.direct/censored/sdnm-268/ 47 KB
12 KB 521ms
399ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770ab21c0e2f58a59dca5f46574cb146c5c7a5799ca938210b2720cf3eb9fd64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76087b635a27b748-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 03:52:58 GMT
link: <https://jav.direct/wp-json/>; rel="https://api.w.org/" <https://jav.direct/wp-json/wp/v2/posts/229226>; rel="alternate"; type="application/json" <https://jav.direct/?p=229226>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NgHPmfQL7JoTirKla9moyWwSInusZoAGgkSLllvRWPGAwvpJ5z3plGNFMcFUBeTewIcx4KibBnpVIl%2B4LhdMHOdCqCh1u6tRpkV%2FCyiSQFQpey8GbZdfzwsIw%2FvgMBF%2FRRjyXwTCPn%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 style.css
jav.direct/wp-content/themes/direct/ 16 KB
3 KB 37ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jav.direct/wp-content/themes/direct/style.css
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc47e4837502bb444112c33d79e211887ffa6de5dd733bfdc7807ab2b4a6069d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/censored/sdnm-268/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 08:26:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4869
etag: W/"40f9-6305e0ae-a6e0dda;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vf91Cdo802G1B9PhM7IXAqi35RTZWXIHlhTV0E3V5fIluq38CPRzU4IdeXE2ONznFqG2X4FjlULpppKpIHCnYcsNJJ85Kx4wwQK4rHdRT7pupwQmgjMqbL4mt%2FY2kA65R9sehbksT0LO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 76087b65fcd0b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Sep 2022 04:57:26 GMT

GET
H2 200 pagenavi-css.css
jav.direct/wp-content/plugins/wp-pagenavi/ 374 B
537 B 38ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jav.direct/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/censored/sdnm-268/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 May 2021 05:19:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3087
etag: W/"176-60ac88e9-a6c11fa;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QOm5Rxl0gTyt5rX5lbIdZwYEqPxCajhK%2FjD3HmFl0sGiFRatQdNliijUZu8C1TFZdxXkPRHdXk%2Bp5RK%2FwqqifyuAoHGHlhs%2BHE%2FZp8Ws1vIVGLoOOiEI7wKZtP4wCGtniQefj94i5lE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 76087b65fcd2b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Sep 2022 04:57:26 GMT

GET
H2 200 jquery.min.js Show response
jav.direct/wp-includes/js/jquery/ 87 KB
32 KB 395ms
391ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jav.direct/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/censored/sdnm-268/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 21 Jul 2021 05:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15db1-60f7ae70-a7204df;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPlYZqI1pHcq7NItmcJ82E2R3%2BOLC77PL%2FurPIXdLzJtrK8wndSISk3QFoMOcl7rAfsPcz8VQOIKTAwZQtjHDRPZVSnr7Zb%2BKE%2BauNJkjI1yuT7G3OulZCUd62fTFrJpPITLKQOPldhq"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 76087b65fcd4b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 13 Oct 2022 00:26:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
jav.direct/wp-includes/js/jquery/ 11 KB
5 KB 36ms
33ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jav.direct/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/censored/sdnm-268/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Dec 2020 02:20:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3087
etag: W/"2bd8-5fd18602-a7204d7;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzbchTYRCaLUaIRVpjxUxJLDWZqF8haCvmYkw5ySZrODgWU5zEk9AABkuRir0l5c%2FHpd9qzbPmIQ7LZylvl2j5kbAKHcHX%2BRfJXrpOnh3%2FGxjzVAOmiZuyYr6NUAqcXTYKIQm%2FHSlR5B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 76087b65fcd5b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Sep 2022 04:57:27 GMT

GET
H2 200 favorites.min.js Show response
jav.direct/wp-content/plugins/favorites/assets/js/ 19 KB
5 KB 32ms
30ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jav.direct/wp-content/plugins/favorites/assets/js/favorites.min.js?ver=2.3.2
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668e6f8a29d0bad03dd193213d3db5f7ac2c7a3abf4b4157d0ff03472c8c8083

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/censored/sdnm-268/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 May 2020 02:04:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3087
etag: W/"4d97-5eba043a-a6e00cf;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04Z%2BBAYuZzN8JGvfG%2BMXstwan8fDXUQZDUfEaHiMY%2FPiQZSFa4u3AyvCZl3hA9XDHmFFBi7vX3F2o1WhqmLmQDEaz2czPqDbCcGR3J7Hz9GvxizqOlT%2Brb0DRnIS4E%2BOaBQcmUUbpdYL"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 76087b65fcd6b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Sep 2022 04:57:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 150ms
70ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135987574-1

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3682d9f2d9e3b4583809cfce123786769e51a8a63241e2bcb7a1169c93b17598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43614
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 03:52:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 217ms
138ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-132Q2ED2FJ

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19625f048f503b823aa45eb397fcf70c51a8256ea72f16f26c305e01eedd4054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Oct 2022 03:52:59 GMT

GET
H2 200 262080_SDNM-268.webp
i0.wp.com/pic.7mmtv.sx/censored/b_webp/ 87 KB
87 KB 102ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.sx/censored/b_webp/262080_SDNM-268.webp

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e93ae477d1ed27b1448b28d4507f2bb32b1c13f1b09c22cdb4e3fd16fe039e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
x-content-type-options: nosniff
x-optim-disabled: true
content-length: 88816
x-nc: HIT ams 1
last-modified: Wed, 26 Oct 2022 11:40:06 GMT
server: nginx
etag: "da58b29501243202"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.sx/censored/b_webp/262080_SDNM-268.webp>; rel="canonical"
expires: Fri, 25 Oct 2024 23:40:06 GMT

GET
H2 200 ugmnbjn20oar.js Show response
img.ad-nex.com/file/universal_tag/mgeoamsepejb/ 2 KB
2 KB 2526ms
265ms Script
application/javascript 153.121.1.2
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ad-nex.com/file/universal_tag/mgeoamsepejb/ugmnbjn20oar.js
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 153.121.1.2 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 3503276e2f10b564ef3fa2b56e092e3b951c51544c385a57f88fe9624d3ad055

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:01 GMT
via: http/1.1 sv23-tky01-jp (ApacheTrafficServer-second [uIcRs f p eN:t cCNp s ]), http/1.1 sv16-tky01-jp (ApacheTrafficServer-first [uScSsNfUpSeN:t cCSpSs ])
last-modified: Mon, 15 Feb 2021 07:23:07 GMT
server: nginx
age: 0
etag: "602a215b-786"
x-cache: HIT
content-type: application/javascript
cache-control: s-maxage=300
accept-ranges: bytes
x-webaccel-origin-status: 304
content-length: 1926

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 186ms
59ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:07:06 GMT

GET
H2 200 load.js Show response
srv1.aaacompany.net/om/pr/a/ 15 KB
3 KB 1496ms
279ms Script
text/html 133.242.19.204
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://srv1.aaacompany.net/om/pr/a/load.js?spot_id=63813
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 133.242.19.204 Inzai, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: f5ce06360d06c5b7284499fe556a3151ddaa6036ec82ad58c2882e65be6d301a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:00 GMT
content-encoding: br
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 403 a100004317.js
js.boost-next.co.jp/t/004/317/ 0
0 943ms
278ms Script
application/javascript 42.124.124.32
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.boost-next.co.jp/t/004/317/a100004317.js
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.124.124.32 Hamamatsu, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p032.net042124124.broadline.ne.jp
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H2 403 a100004181.js
js.boost-next.co.jp/t/004/181/ 0
0 943ms
278ms Script
application/javascript 42.124.124.32
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.boost-next.co.jp/t/004/181/a100004181.js
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.124.124.32 Hamamatsu, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p032.net042124124.broadline.ne.jp
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H2 403 a100002669.js
js.boost-next.co.jp/t/002/669/ 0
0 944ms
279ms Script
application/javascript 42.124.124.32
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.boost-next.co.jp/t/002/669/a100002669.js
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.124.124.32 Hamamatsu, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p032.net042124124.broadline.ne.jp
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 headroom.min.js Show response
jav.direct/wp-content/themes/direct/js/ 5 KB
2 KB 36ms
35ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jav.direct/wp-content/themes/direct/js/headroom.min.js
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9142d64a8885e954464bb36b402f61a97947132da732e3161b275487ae93e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/censored/sdnm-268/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2020 05:21:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5644
etag: W/"14ef-5ea125e1-a6e0f19;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUUdDfwrgd9kb%2B3jQ%2BeJkUCjA1HotM289p54HaydgNgHijzm9ZBPShJWu65DIvjyhaIxDrbwVYkhJCIBYyYwvYIXmY0ja%2FV9eFhA7Z9AI5GnF7Jdn2XxkGyZ6weu%2Bu6ZHKwMhj%2Fjql%2By"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 76087b68a855b813-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Sep 2022 17:35:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 216 KB
60 KB 218ms
88ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Requested by

Host: jav.direct
URL: https://jav.direct/wp-content/themes/direct/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23a782edfbd111ba08a4836e27b9eae430d184280f229407a1de7ea3e6c0f1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 03:52:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 03:52:58 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 89ms
31ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: jav.direct
URL: https://jav.direct/wp-content/themes/direct/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1841600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10472
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76087b669a1bb981-AMS
expires: Tue, 17 Oct 2023 03:52:58 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 193ms
70ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:06:12 GMT
x-content-type-options: nosniff
age: 197207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 21:06:12 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 65ms
31ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 647511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80252
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
vary: Accept-Encoding
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76087b68ee7cb95a-AMS
expires: Tue, 17 Oct 2023 03:52:59 GMT

GET
H2 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.119.woff2
fonts.gstatic.com/s/mplus1p/v27/ 13 KB
14 KB 177ms
58ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e1fddde9901c3161358d62d3cb389668cc6d3ae1e05d191d640c8254b11c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:12:27 GMT
x-content-type-options: nosniff
age: 182432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13440
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:12:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 181ms
58ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135987574-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3061
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 27 Oct 2022 05:01:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 190ms
74ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-132Q2ED2FJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135987574-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0652636ea247db7c206c8f345bff980a1c90142e27cb8a255023316d6f190171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:52:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Oct 2022 03:52:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 79ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-132Q2ED2FJ&gtm=2oeaq0&_p=216718186&cid=233145546.1666842779&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666842779&sct=1&seg=0&dl=https%3A%2F%2Fjav.direct%2Fcensored%2Fsdnm-268%2F&dt=SDNM-268%20%E3%80%8C%E3%81%8A%E9%87%91%E3%82%88%E3%82%8A%E3%82%82%E5%A4%A7%E5%88%87%E3%81%AA%E4%BD%95%E3%81%8B%E3%82%92%E8%A6%8B%E3%81%A4%E3%81%91%E3%81%AB%E6%9D%A5%E3%81%BE%E3%81%97%E3%81%9F%E2%80%A6%E3%80%8D%E5%86%A8%E7%94%B0%E6%9C%9D%E9%A6%99%2038%E6%AD%B3%20%E7%AC%AC2%E7%AB%A0%20%E3%80%8C10%E4%BB%A3%E3%81%AE%E9%A0%83%E3%81%AE%E3%82%88%E3%81%86%E3%81%AB%E3%83%88%E3%82%AD%E3%83%A1%E3%82%AD%E3%81%BE%E3%81%97%E3%81%9F%E3%80%8D%E2%80%99%E3%82%AB%E3%83%A1%E3%83%A9%E8%B2%B8%E3%81%97%E2%80%99%E5%B9%B4%E4%B8%8B%E3%82%AF%E3%83%B3%E3%81%A8Go%20To1%E6%97%A5%E3%83%97%E3%83%A9%E3%82%A4%E3%83%99%E3%83%BC%E3%83%88%E3%83%87%E3%83%BC%E3%83%88%20%7C%20%E3%83%A2%E3%82%B6%E3%81%82%E3%82%8A%20%7C%20JAV.direct&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-132Q2ED2FJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 03:52:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jav.direct
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 183ms
65ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=216718186&t=pageview&_s=1&dl=https%3A%2F%2Fjav.direct%2Fcensored%2Fsdnm-268%2F&ul=en-us&de=UTF-8&dt=SDNM-268%20%E3%80%8C%E3%81%8A%E9%87%91%E3%82%88%E3%82%8A%E3%82%82%E5%A4%A7%E5%88%87%E3%81%AA%E4%BD%95%E3%81%8B%E3%82%92%E8%A6%8B%E3%81%A4%E3%81%91%E3%81%AB%E6%9D%A5%E3%81%BE%E3%81%97%E3%81%9F%E2%80%A6%E3%80%8D%E5%86%A8%E7%94%B0%E6%9C%9D%E9%A6%99%2038%E6%AD%B3%20%E7%AC%AC2%E7%AB%A0%20%E3%80%8C10%E4%BB%A3%E3%81%AE%E9%A0%83%E3%81%AE%E3%82%88%E3%81%86%E3%81%AB%E3%83%88%E3%82%AD%E3%83%A1%E3%82%AD%E3%81%BE%E3%81%97%E3%81%9F%E3%80%8D%E2%80%99%E3%82%AB%E3%83%A1%E3%83%A9%E8%B2%B8%E3%81%97%E2%80%99%E5%B9%B4%E4%B8%8B%E3%82%AF%E3%83%B3%E3%81%A8Go%20To1%E6%97%A5%E3%83%97%E3%83%A9%E3%82%A4%E3%83%99%E3%83%BC%E3%83%88%E3%83%87%E3%83%BC%E3%83%88%20%7C%20%E3%83%A2%E3%82%B6%E3%81%82%E3%82%8A%20%7C%20JAV.direct&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1253630054&gjid=285994589&cid=233145546.1666842779&tid=UA-135987574-1&_gid=2001876216.1666842779&_r=1&gtm=2ouaq0&z=1405115856

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jav.direct/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 03:52:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jav.direct
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sc_ugmnbk8u2kz6.js Show response
img.ad-nex.com/file/universal_tag/mgeoamsepejb/ugmnbjn20oar/ 282 B
615 B 267ms
267ms Script
application/javascript 153.121.1.2
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ad-nex.com/file/universal_tag/mgeoamsepejb/ugmnbjn20oar/sc_ugmnbk8u2kz6.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 153.121.1.2 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: a3aa9ade9f6c90e84da77a52f1999c63093c968341bbb4065046a25d68aa1dbc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:01 GMT
via: http/1.1 sv13-tky01-jp (ApacheTrafficServer-second [uIcHs f p eN:t cCNp s ]), http/1.1 sv16-tky01-jp (ApacheTrafficServer-first [uScSsNfUpSeN:t cCSpSs ])
last-modified: Mon, 15 Feb 2021 07:23:07 GMT
server: nginx
age: 0
etag: "602a215b-11a"
x-cache: HIT
content-type: application/javascript
cache-control: s-maxage=300
accept-ranges: bytes
x-webaccel-origin-status: 304
content-length: 282

GET
H2

200

/ Show response
creative.xlrdr.com/widgets/v4/Universal/ Frame D970
Redirect Chain

https://go.xlrdr.com/i?tag=girls%2Fchinese&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&showButton=0&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thu...
https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hi...

852 B
576 B

47ms
34ms

Document
text/html

2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000fe7f9fbba7908363a55d0fa802c5ca734e8a99c2e157ae941b5a4ca894202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://jav.direct/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=10
cf-cache-status: HIT
cf-ray: 76087b7918d1b7a9-AMS
content-encoding: br
content-type: text/html
date: Thu, 27 Oct 2022 03:53:01 GMT
expires: Thu, 27 Oct 2022 03:53:10 GMT
last-modified: Tue, 25 Oct 2022 07:07:11 GMT
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76087b78c883b7a9-AMS
content-length: 0
date: Thu, 27 Oct 2022 03:53:01 GMT
location: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
server: cloudflare

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.117.woff2
fonts.gstatic.com/s/mplus1p/v27/ 6 KB
6 KB 177ms
59ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e72eb94b982d12ec117a7eda90e5a39dbcbc84cebe1a415b2594a3b14046e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:19:28 GMT
x-content-type-options: nosniff
age: 182013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5832
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:19:28 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.119.woff2
fonts.gstatic.com/s/mplus1p/v27/ 13 KB
13 KB 191ms
73ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e7c850b2851d0974ed88b964e58e88b40ff175114eb0f3c96768b059c76ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:18:32 GMT
x-content-type-options: nosniff
age: 182069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13360
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:18:32 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.118.woff2
fonts.gstatic.com/s/mplus1p/v27/ 10 KB
10 KB 233ms
111ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

520505304d2d20a9391a851ef394b7e86f570faddf9fad68cd893cb6e2791061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:19:57 GMT
x-content-type-options: nosniff
age: 181984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10588
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:19:57 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.118.woff2
fonts.gstatic.com/s/mplus1p/v27/ 10 KB
10 KB 414ms
294ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d0ba1430c3d3a2f15e40e096de1052d5e7eee18fd310938861876c72e60ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:18:28 GMT
x-content-type-options: nosniff
age: 182073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10440
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:18:28 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.116.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 292ms
175ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffa6a4486a3632fdbdb7450749f4f36b94186cafa30f65e2b0fc51ae310936a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:57:56 GMT
x-content-type-options: nosniff
age: 179705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7396
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:57:56 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.113.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 285ms
168ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6832fa4959b1e1745a11928701a5ec37da26a9422dcd0b6cc6eb7eeabf40e7e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:27:18 GMT
x-content-type-options: nosniff
age: 177943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7208
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:03:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:27:18 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.112.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 250ms
133ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d66d7ec0a4036600bc3cfdeaab759d14946f73852df6956090b16c81f8119a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:27:43 GMT
x-content-type-options: nosniff
age: 177918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7684
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:27:43 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.114.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 426ms
309ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4f0245287798fd0c2947832d2c17c6d88a8365d1e54e566ab5ef378e794733d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:46:39 GMT
x-content-type-options: nosniff
age: 180382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6860
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:46:39 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.109.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 426ms
310ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72aba7fa3171c7e9ab275bc4d9bc91ccb6610ca6f047c91fddb46e881a4dcd2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:07:47 GMT
x-content-type-options: nosniff
age: 175514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7516
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:06:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:07:47 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.108.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 419ms
302ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194fea35c30f85825e63125f3efe2865407e6bdbf578fe8a2067eb1ce20d0f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8716
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.97.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 416ms
300ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.97.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc07cfa21e2353a8b6a9ded6a59a01cfd511bfd887b62ea9a8268cb0d54fa1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:58:34 GMT
x-content-type-options: nosniff
age: 172467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8272
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:58:34 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.70.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 421ms
304ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.70.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd6204f07e4058d13b959283546d6823364d73292f10cf8aaf754f1f54c0fcf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 17:02:27 GMT
x-content-type-options: nosniff
age: 471034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9524
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:02:27 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.104.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 305ms
191ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c8294b268aec0a16dd2d640cddda3ab8ba3430e65da8c0d1954a579c32de5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8312
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.59.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 302ms
188ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.59.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f677aa49eae745d0772b605e6b0f34e19f8966cc3ce134b6b5cde810182c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
age: 162200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9148
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 06:49:41 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.115.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 286ms
172ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d5783126d77bab981a0af1d207bcfce2850d20497446b1ecbe5175969c9af75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7352
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.113.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 293ms
180ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6fe00413319dba11d3e86a10c0151dabe9929f439cbc0553f84fd320e5d124a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7100
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.116.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 412ms
300ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9644832cd82d985903188bb9f7a08dca84fcd94215e6f0ba29a24069aa379774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:37:00 GMT
x-content-type-options: nosniff
age: 180961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:37:00 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.107.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 294ms
183ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9654966572d429caad715a7836219837537345123faabd602f57dcedd293882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7944
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.114.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 399ms
290ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2216c68321722d48dfc3915b720dc9b90527665c7b23f3859e067d67692273cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6804
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.109.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 389ms
279ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b06832b3461d248ba6a201c3a3d7bfae8776092d20a1ee222a96fd8df8f02a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7464
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.108.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 388ms
279ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64b5e2c06548357a0019b2c42020a33fbc38df1b10afcdcd529b623437d8c7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8624
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.70.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 375ms
265ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.70.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1805b1f1af150245d22ad94aec96c8cc8ff81f617f22430dccae7dbf446b0894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9184
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.106.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 380ms
270ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb0266c64407e1e49fc1d01d2a2ed40af97717a057f74922d9a61cc822e3ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9024
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.117.woff2
fonts.gstatic.com/s/mplus1p/v27/ 6 KB
6 KB 365ms
254ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2b456dff807092e7ae796357182b18fabaf119f98e099a97684311b1fa04e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5660
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.112.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 351ms
240ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33695c3b048eb06bd12503d995f373babea01e39af4a1d8a45bd2ef77468e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.102.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 337ms
227ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.102.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6a4316911f672a7dccac438b462483dbdb15fc5c187cdbe4d5375394ad29442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:03:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.99.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 327ms
217ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.99.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e4f0ff83b407aad615289766b5a5d69a148880a8e9de35d5738af245521ac0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:46:12 GMT
x-content-type-options: nosniff
age: 176809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8852
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:46:12 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.94.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 345ms
236ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.94.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29e84bf41dd2bb54ba1e127cf41264aea771ab46ef0c48ae4c49931fc67a6dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8516
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.96.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 191ms
83ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.96.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f2f7b5c689edc0c26d5a42c515f232f7ddf5def1dd581c29f65d0fbe385858c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8116
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.92.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 400ms
293ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.92.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f8938f4760c857f51f5afd59fe8f42cd8b3f140bafd3bcfcb2a5a7dd541ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:46:12 GMT
x-content-type-options: nosniff
age: 176809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8444
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:09:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:46:12 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.105.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 404ms
296ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d8a416518f7d863010061933e8e7cbb2b4d323310f4cc5c4fb6817fee2b5c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8184
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.111.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 394ms
287ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53ca6a8fb2aa888c91fca05f40003a73e21ecf4200d90aefc62def53152895f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7980
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.97.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 393ms
289ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.97.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73942e99ba1619c78f0f5c8f330a1fae0a38914cd46e32cb0e6357adfa8e44ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8204
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.86.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 398ms
295ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.86.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62e9db01cebba872e7cc67b322df3519886bdae3c8edef9db21d3679b74e14a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:46:12 GMT
x-content-type-options: nosniff
age: 176809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7780
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:09:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:46:12 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.101.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 418ms
311ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.101.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002a4d23223a84c58b7aab29331abca923cefbc17a287b0ed7db0a42e3455e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:50:27 GMT
x-content-type-options: nosniff
age: 176554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7560
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:50:27 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.104.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 418ms
313ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62c580bbbf9ea923daa4d5dd2a272469173da1b35fbdff594fb76a2630c02a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8064
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.90.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 415ms
310ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.90.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

009fc1896060c835293e5d65d9d4470c8d70621a48b4697a03bf47c1927973f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:52:45 GMT
x-content-type-options: nosniff
age: 172816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8588
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:52:45 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.93.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 420ms
315ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.93.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071902c895e08874b55a92c171decb604992d0fe8a58095f3440a447e66d66c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8112
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.77.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 411ms
307ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.77.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ac3b1c457b6570ea82b348144cdc8f3f6a9d848f041c536795cf3e9e826dece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9060
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.103.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 226ms
123ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8175f0d67fffd9c42e7f46cd13f054bdee56c4d055cbc16c2f4f5eec08a309c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8164
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.88.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 264ms
162ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.88.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60292e7162b2a8fca35d9f1282f8204d5a5b0bf6344df2c9699d7def66f89146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8104
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.76.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 254ms
153ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.76.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c384f81ef95aeab96bc3cf7eea5a2c8c9c3971123250ef759003873f9113a376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:52:44 GMT
x-content-type-options: nosniff
age: 172817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8580
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:52:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.91.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 200ms
99ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.91.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0535542e64a92a1ffda5486c552ea11a1739044cf079f5904f389e691f75b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8456
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.110.woff2
fonts.gstatic.com/s/mplus1p/v27/ 7 KB
7 KB 192ms
91ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28b2683f6d8a1827d834a03be577a432e46a503475ca1e86f74b0a24c1e95d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7364
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.68.woff2
fonts.gstatic.com/s/mplus1p/v27/ 10 KB
10 KB 355ms
257ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.68.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6cda2a9ecbce025519397dcf09340097f89391b5166f004813bbb01bee17ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:52:45 GMT
x-content-type-options: nosniff
age: 172816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9916
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:06:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:52:45 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.98.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 364ms
267ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.98.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2b5fd38c34f7a2c1afd575f051f6b6d83dd8cc814a68ab4f793b1759f76c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8512
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.82.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 369ms
272ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.82.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43ad8ddaafb1eec43d6eb8c31ba4a615c6e6b50097f84af9f819d5a68d7deba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:52:44 GMT
x-content-type-options: nosniff
age: 172817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8732
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:52:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.100.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 363ms
266ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.100.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

932a590c370c7eb2f0eebb3f0a7b2533696c3b87972da7011897c332343afb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:26:44 GMT
x-content-type-options: nosniff
age: 181577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8920
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:06:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 01:26:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.80.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 395ms
299ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.80.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8faabf81d60b9c3c0e4523814becd24865f15e6e75669d4862b1c2865df7ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8616
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H2 200 258624_SDNM-263.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 48 KB
48 KB 97ms
94ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/258624_SDNM-263.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

eb4be7710947803be36393a742d29f56a4f8200477f761049ab91e205f95bf86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 3
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "dc9222c234c7f040"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/258624_SDNM-263.jpg>; rel="canonical"
content-length: 49246
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 264226_SDNM-272.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 60 KB
60 KB 91ms
89ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/264226_SDNM-272.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e00c81783a88368c42ef9d6237840a781caa7c8513266341b87f238aa5a3848c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 3
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "158810d9fb0758b6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/264226_SDNM-272.jpg>; rel="canonical"
content-length: 61574
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 268054_SDNM-282.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 59 KB
59 KB 96ms
94ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/268054_SDNM-282.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d4419dba414e1bc85cc4db4b750546af18ae048fdbb1ba627edeb6d4355d3af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "8bff69880ed9d807"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/268054_SDNM-282.jpg>; rel="canonical"
content-length: 60696
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 269947_SDNM-289.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 53 KB
53 KB 26ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/269947_SDNM-289.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

16b80d4db67b106ccbdf440deeb10fea86e205f4832eb1ecaad27cf720a3c751

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 11:42:16 GMT
server: nginx
etag: "a444454e79735bde"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/269947_SDNM-289.jpg>; rel="canonical"
content-length: 54156
expires: Fri, 25 Oct 2024 23:42:16 GMT

GET
H2 200 265711_SDNM-273.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 61 KB
61 KB 91ms
89ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/265711_SDNM-273.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1fd24411bb5510d7d77b3213f237362c2405377f51c4ba3e3f4be47423ff6207

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 2
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "468a192ef8066891"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/265711_SDNM-273.jpg>; rel="canonical"
content-length: 62400
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 189656_SDNM-153.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 54 KB
54 KB 89ms
87ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/189656_SDNM-153.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

435e2fdb276488605f14195823d3c4d4c87da051cb5f2882c9fca491dc572ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 8
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "c43dad628e494aec"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/189656_SDNM-153.jpg>; rel="canonical"
content-length: 55528
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 290497_SDNM-317.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 44 KB
44 KB 26ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/290497_SDNM-317.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c7d91ac40ac3878ada6d2032c56700965c6fffa6d17b8b4e5781793c52e597d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 11:42:16 GMT
server: nginx
etag: "071a7c328e4fcb30"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/290497_SDNM-317.jpg>; rel="canonical"
content-length: 45144
expires: Fri, 25 Oct 2024 23:42:16 GMT

GET
H2 200 192852_SDNM-157.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 61 KB
62 KB 89ms
88ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/192852_SDNM-157.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2252e14f1c4b539590dbe4e767fad5ae3035cae9e6a0ebe49691e977b1c883f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "00bc5f9860cd4aaf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/192852_SDNM-157.jpg>; rel="canonical"
content-length: 62782
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 275104_SDNM-297.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 61 KB
61 KB 96ms
94ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/275104_SDNM-297.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

75c7598d378779775958a7118cad9b0d2385424aefc98760068761c9892a909a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 3
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "0ce7c71f708e5866"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/275104_SDNM-297.jpg>; rel="canonical"
content-length: 62258
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 283865_SDNM-317.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 57 KB
57 KB 47ms
46ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/283865_SDNM-317.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ac3922bc0a779a6a5cb7ee8396be4ace9fb792afd9e861934a0debe88995bc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 11:42:24 GMT
server: nginx
etag: "bc101cdd33aac707"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/283865_SDNM-317.jpg>; rel="canonical"
content-length: 58034
expires: Fri, 25 Oct 2024 23:42:24 GMT

GET
H2 200 210942_SDNM-199.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 62 KB
62 KB 110ms
109ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/210942_SDNM-199.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1ee71becf48accfc1cc6c57a9d577747e1cf06951ab2c6c77b1ea56236e5d312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 5
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "5aae0b28cc878557"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/210942_SDNM-199.jpg>; rel="canonical"
content-length: 63632
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.72.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 388ms
298ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b92579e44937686ef0dfce34f42cd9074b6830aa8535ea12826c072a68206812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:52:44 GMT
x-content-type-options: nosniff
age: 172817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9580
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:06:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:52:44 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.78.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 392ms
305ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.78.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d5603ae7114d49f67464441c0f57b3e660cf750b43174ca4ad44466e409d82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9356
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.81.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 339ms
254ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.81.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66c2936d41727fc72548ff21dbc45783904e6e0bf7b25e569b6eeef90f94d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8540
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:03:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.83.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
9 KB 333ms
249ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.83.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5404ebdaf6e380b089278bbd30a58a7ac2be5b5d678f350e45266de3a28fa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8668
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:03:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.79.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 345ms
262ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.79.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4618235b4ad3f3b65ec47ab5264afe3c7b7499e3111d61ffa9fba986ff31f604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9184
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.87.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 334ms
251ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.87.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9f44cf9c77003453db338c1f0d419f282a69fda01b2c30759e458047ac0d7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:46:12 GMT
x-content-type-options: nosniff
age: 176809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8996
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:46:12 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.40.woff2
fonts.gstatic.com/s/mplus1p/v27/ 10 KB
10 KB 340ms
258ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.40.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3aee03b2c2136357d1bb99f167403ab5040f30bcda170fdb09c9f7159d4fdde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 12:50:55 GMT
x-content-type-options: nosniff
age: 140526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10456
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 12:50:55 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.48.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 320ms
239ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.48.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9c6ae56f8ee73ce2607968dc211a8d899e9f6ad0bad00cba7a8ba9b0f1626d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:51:59 GMT
x-content-type-options: nosniff
age: 147662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9396
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:51:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.85.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 326ms
245ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.85.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41705acc9cf3971b43326111bc8f30710fd0107dbfc83ae5d3634ee31360fb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8380
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.75.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 326ms
246ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.75.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7568f342e911567ca1f444d607e2d637516bed16ff41fcd0e2da1e59bd168d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8732
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.66.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 309ms
230ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.66.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e62370c1e9d5a3b580b550019afa6b2408fd6a1349c00c51522adb74843ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:33:23 GMT
x-content-type-options: nosniff
age: 170378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8604
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:06:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 04:33:23 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.84.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 310ms
233ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.84.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d298b9954f7a2546984fc2ea1128a6be842a26479cdc24bdd55c3833a01b64ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.63.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 276ms
200ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.63.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61693998b38b3395108b8167891a4927d2fc674d7b20d5d78e6b0526505af00c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:52:45 GMT
x-content-type-options: nosniff
age: 172816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8588
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:52:45 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.73.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 269ms
197ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.73.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8922dad33ecf57d632e8ad7710f632cd1c07dbc149e2fc4a3d3af2d7eaaf509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:46:12 GMT
x-content-type-options: nosniff
age: 176809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9332
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:09:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:46:12 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.89.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 262ms
193ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.89.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3359b6fdf8f25f04b8087416b6b6d06b16d4e68fbca625b48e43c4d664f37099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:09:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.95.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 279ms
211ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.95.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ab70839c9873cad09e01e31acdf6a4975d7de69f1e616ca7459ae9ad42efaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:45:59 GMT
x-content-type-options: nosniff
age: 176822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8020
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:45:59 GMT

GET
H3 200 e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.74.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
8 KB 213ms
146ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tjeuShHdiFyPFzBRro_VYUcXm4y4YtjOJGYMp5iAw4B3f5iUc.74.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d7d1d029d6499c5e6947ac63e6def878425be23a7ae62d9a810abbced4967ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:48 GMT
x-content-type-options: nosniff
age: 175933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8516
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:00:48 GMT

GET
H2 200 278343_SDNM-305.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 57 KB
57 KB 90ms
84ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/278343_SDNM-305.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3beb45c5201b952fe178ffd2b7be10090110fc267beebc0c2443f7d9f06e949d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 5
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "2167b2ab55f6f154"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/278343_SDNM-305.jpg>; rel="canonical"
content-length: 57950
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 244092_SDNM-244.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 48 KB
48 KB 79ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/244092_SDNM-244.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

fca9c225d542a2ce51be9cb38f58585d80c3ee084e1053e8af4b98326e3e6b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "6f28645e98ce52c0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/244092_SDNM-244.jpg>; rel="canonical"
content-length: 48866
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 151980_SDNM-098.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 66 KB
66 KB 80ms
73ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/151980_SDNM-098.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

da2f043e42b736f89525276429e49fba445b1aaf7d5e521aa1dfeccabe2fe2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 5
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "e9d795b3466fcc78"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/151980_SDNM-098.jpg>; rel="canonical"
content-length: 67772
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 292639_SDNM-327.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 51 KB
51 KB 103ms
96ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/292639_SDNM-327.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4b04ec209c248d5c8b8c05d0544f2d4d33f6d53a24e88f0645e0ce34826b58bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 8
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "5c828ccc27d69094"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/292639_SDNM-327.jpg>; rel="canonical"
content-length: 52308
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 309959_SDNM-360.jpg
i0.wp.com/pic.7mmtv.sx/censored/b/ 59 KB
59 KB 31ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.sx/censored/b/309959_SDNM-360.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3e73e82953511c91a832851d5de4836c2cfbcc0e6632fee7589c8466733f624b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Oct 2022 23:01:51 GMT
server: nginx
etag: "736e9a5031fa9afb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.sx/censored/b/309959_SDNM-360.jpg>; rel="canonical"
content-length: 60266
expires: Fri, 04 Oct 2024 11:01:51 GMT

GET
H2 400 287301_SDNM-327.jpg
i0.wp.com/99avcdn.xyz/censored/b/ 87 B
87 B 380ms
374ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/99avcdn.xyz/censored/b/287301_SDNM-327.jpg?w=640
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i0.wp.com
Software: nginx /
Resource Hash: 3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 216215_SDNM-208.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 55 KB
55 KB 79ms
73ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/216215_SDNM-208.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

03fe8aeff2a69dc110ff4d267829c4789b2825568491218d690284ecf4c73310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "dc7140f5556ec3b9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/216215_SDNM-208.jpg>; rel="canonical"
content-length: 56226
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 220709_SDNM-214.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 57 KB
57 KB 43ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/220709_SDNM-214.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

19b914e165b922b7c082fe2279e139f424f8d186f5e01eecd7f675ea78370f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 03:51:30 GMT
server: nginx
etag: "158f0b90afae7c7a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/220709_SDNM-214.jpg>; rel="canonical"
content-length: 58558
expires: Wed, 23 Oct 2024 15:51:30 GMT

GET
H2 200 227275_SDNM-222.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 51 KB
51 KB 102ms
96ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/227275_SDNM-222.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

00bf3f4d6a434654f5643369286014f83d862f480b75a35b4901e1bc981816f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 2
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "71302745ea304d51"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/227275_SDNM-222.jpg>; rel="canonical"
content-length: 52034
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 230295_SDNM-228.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 52 KB
52 KB 84ms
79ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/230295_SDNM-228.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9392044dd1de61a4de2b91fcdee2253700374b0f0f8012e1635e593a36bf760f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 1
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "6a21ae6dad96b14f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/230295_SDNM-228.jpg>; rel="canonical"
content-length: 52784
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 231449_SDNM-230.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 46 KB
47 KB 43ms
38ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/231449_SDNM-230.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

cf9ae6be7f87dcf54d29e17fba565e46034ff417cebc77eb3e0045534d557c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 12:21:02 GMT
server: nginx
etag: "3a92e0a4da7e394f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/231449_SDNM-230.jpg>; rel="canonical"
content-length: 47594
expires: Sat, 26 Oct 2024 00:21:02 GMT

GET
H2 200 234806_SDNM-234.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 51 KB
51 KB 87ms
82ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/234806_SDNM-234.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e31854139b7c0712ee61758157a864ca588c7ff5d24afcf75b0275583dd3f333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "c977a3bac552c205"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/234806_SDNM-234.jpg>; rel="canonical"
content-length: 52190
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 248583_SDNM-248.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 54 KB
54 KB 38ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/248583_SDNM-248.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1d8a42464121fe72fa22207e7cec3c34320a96b2767f9e8766b785320f95c044

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 12:21:31 GMT
server: nginx
etag: "13b163211c0dd6f6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/248583_SDNM-248.jpg>; rel="canonical"
content-length: 55224
expires: Sat, 26 Oct 2024 00:21:31 GMT

GET
H2 200 254615_SDNM-251.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 55 KB
55 KB 41ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/254615_SDNM-251.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d7fc083dede8129b75216c3d536bb5340a61ae5c0ca8a8b8dafd8e88788d3d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Oct 2022 17:51:29 GMT
server: nginx
etag: "17b36a2b3034993c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/254615_SDNM-251.jpg>; rel="canonical"
content-length: 56408
expires: Fri, 25 Oct 2024 05:51:29 GMT

GET
H2 200 257644_SDNM-257.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 50 KB
51 KB 42ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/257644_SDNM-257.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

01b218d0e18ca5fd713988ee3819a366be44145c932ad7ccc026f3412395fb0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Oct 2022 17:51:29 GMT
server: nginx
etag: "d50d873df09ccee1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/257644_SDNM-257.jpg>; rel="canonical"
content-length: 51692
expires: Fri, 25 Oct 2024 05:51:29 GMT

GET
H2 200 267287_SDNM-278.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 54 KB
54 KB 100ms
95ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/267287_SDNM-278.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

924fd261c75be7e4c5b8d84d254e2c8f474ea2607549bd6f9b2a0eb83e3b97ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "4585ae36e268177a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/267287_SDNM-278.jpg>; rel="canonical"
content-length: 54828
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 268050_SDNM-283.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 52 KB
52 KB 100ms
96ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/268050_SDNM-283.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4bb6fc4b6356569f1ed8d939c7b29cd0fadb5f966153c55a313312e119fc28bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "bd6947ce0c564eac"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/268050_SDNM-283.jpg>; rel="canonical"
content-length: 53200
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 275108_SDNM-302.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 57 KB
57 KB 86ms
82ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/275108_SDNM-302.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d07dc5cd86bae282426289b439034271c69ba75375367097dd018b9ec2cfd57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "885a1f65efc6f535"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/275108_SDNM-302.jpg>; rel="canonical"
content-length: 58158
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 208446_SDNM-194.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 57 KB
57 KB 101ms
97ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/208446_SDNM-194.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e3dcaa82d905f675a02080c66ca7de22453239e8ea536977a22fd23c2f4308d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 1
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "0386eb2566384b96"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/208446_SDNM-194.jpg>; rel="canonical"
content-length: 58224
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 223756_SDNM-218.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 54 KB
54 KB 86ms
82ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/223756_SDNM-218.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

49d7f2c7cabc989296006f823a67c007f975ddccdbbe91d9f0b67dc2c320d3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 2
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "e314ec2e7279df71"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/223756_SDNM-218.jpg>; rel="canonical"
content-length: 55092
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 225756_SDNM-221.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 56 KB
56 KB 54ms
51ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/225756_SDNM-221.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

08262c3ee2a4012b9a4325efba33e8ee446516bfb1cb862a22e7e221c4fdb21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 11:42:31 GMT
server: nginx
etag: "6eec6863473a6129"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/225756_SDNM-221.jpg>; rel="canonical"
content-length: 57526
expires: Fri, 25 Oct 2024 23:42:31 GMT

GET
H2 200 171249_SDNM-124.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 68 KB
69 KB 100ms
97ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/171249_SDNM-124.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3d9b8707482df2a33600f1d2086cf29adce3dcca5255350f50dc4c12fbcc5cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 7
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "66cae96b35e755f2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/171249_SDNM-124.jpg>; rel="canonical"
content-length: 70078
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 174355_SDNM-131.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 66 KB
66 KB 87ms
84ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/174355_SDNM-131.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a36524cdf4681afed2ffe025d87c3843ee1f6bec6f60c1eef9eeb400e91c973d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 7
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "746046956363436a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/174355_SDNM-131.jpg>; rel="canonical"
content-length: 67690
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 175479_SDNM-133.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 54 KB
54 KB 129ms
126ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/175479_SDNM-133.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c3c32e2750a681aeba821149626067612acfd15fb0224593748652f5cd7378c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "6de160f6aca26178"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/175479_SDNM-133.jpg>; rel="canonical"
content-length: 55306
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 177993_SDNM-137.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 64 KB
64 KB 99ms
96ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/177993_SDNM-137.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6de619998d7dd33a67b45b9e61cb692749b82b283aea647162a05bd2d7999acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 7
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "624c61e6097f34d3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/177993_SDNM-137.jpg>; rel="canonical"
content-length: 65770
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 182208_SDNM-143.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 50 KB
50 KB 111ms
109ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/182208_SDNM-143.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

014e2bdb3fff9d6ba9204693125c663471b48d39fde999671301d7dc8039de3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: nginx
etag: "495f0b57d647a1f1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/182208_SDNM-143.jpg>; rel="canonical"
content-length: 51486
expires: Sat, 26 Oct 2024 15:53:01 GMT

GET
H2 200 185836_SDNM-147.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 52 KB
52 KB 61ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/185836_SDNM-147.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

621bb84a54d9bd74726864af45fe5fb634d83210a276a51a7e4d51e3b0252e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 03:51:32 GMT
server: nginx
etag: "5831f2375010e743"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/185836_SDNM-147.jpg>; rel="canonical"
content-length: 53246
expires: Wed, 23 Oct 2024 15:51:32 GMT

GET
H2 200 188686_SDNM-152.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 58 KB
58 KB 54ms
51ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/188686_SDNM-152.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b8925170ef62d53ba4a73fb70e441d9bb370e8582d27a78cc2cf78198e7c0b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 12:21:41 GMT
server: nginx
etag: "c7d8b2316588410c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/188686_SDNM-152.jpg>; rel="canonical"
content-length: 59150
expires: Sat, 26 Oct 2024 00:21:41 GMT

GET
H2 200 201085_SDNM-173.jpg
i0.wp.com/pic.7mmtv.tv/censored/b/ 58 KB
59 KB 54ms
52ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/pic.7mmtv.tv/censored/b/201085_SDNM-173.jpg?w=640

Requested by

Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b2b8cbd76cb2ccf0da5846457b85be561ddd45fdb2160a4ec85705c481fe1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 27 Oct 2022 03:53:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Oct 2022 12:21:02 GMT
server: nginx
etag: "783cbe0cf91ad891"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://pic.7mmtv.tv/censored/b/201085_SDNM-173.jpg>; rel="canonical"
content-length: 59860
expires: Sat, 26 Oct 2024 00:21:02 GMT

GET
H/1.1 200
OK / Show response
ap.octopuspop.com/deliver/ 629 B
1 KB 1024ms
277ms XHR
application/json 175.41.244.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.octopuspop.com/deliver/?_spot=63813&_iphone_type=&_ver=1666842781510
Requested by: Host: srv1.aaacompany.net
URL: https://srv1.aaacompany.net/om/pr/a/load.js?spot_id=63813
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.244.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-244-45.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 57e096df82a102f10ed5fcb95753450de991867b64dab80276410b0d61d7252a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 03:53:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin: https://jav.direct
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Cookie, Content-Type, Origin, User-Agent, Cache-Control, Keep-Alive, X-Requested-With, Accept, Accept-Encoding, Accept-Language, Connection, Content-Length, Host, Referer, Pragma
Content-Length: 311
Access-Control-Allow-Method: GET, POST, OPTIONS

GET
H3 200 main.472cfe03682923a44833.css
creative.xlrdr.com/widgets/v4/Universal/ Frame D970 13 KB
4 KB 60ms
32ms Stylesheet
text/css 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.css
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ec4684ec9818d68b90f8bbdad62d7d1303f3cc6a93f24abe1238671c416fd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 27 Oct 2022 03:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 07:09:56 GMT
server: cloudflare
age: 6
etag: W/"63578bc4-3407"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10
cf-ray: 76087b798d39d0c5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 03:53:04 GMT

GET
H3 200 main.472cfe03682923a44833.js Show response
creative.xlrdr.com/widgets/v4/Universal/ Frame D970 264 KB
76 KB 69ms
41ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb35797431f0e49d3c0ed064e0937265dba901fffabb1cce46fda19ce57267c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 27 Oct 2022 03:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 07:09:56 GMT
server: cloudflare
age: 1
etag: W/"63578bc4-41fc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 76087b799d3dd0c5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 03:53:05 GMT

GET
H/1.1 200
OK data.php Show response
ad-nex.com/ 2 KB
2 KB 1423ms
256ms Script
text/javascript 59.106.233.149
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-nex.com/data.php?id=agmnbk8tzx56
Requested by: Host: img.ad-nex.com
URL: https://img.ad-nex.com/file/universal_tag/mgeoamsepejb/ugmnbjn20oar/sc_ugmnbk8u2kz6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.106.233.149 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: Apache / PHP/7.0.33
Resource Hash: 8a67ec49699d94f37489b62d31cb452fa3744eae0cc4363d73a31215db60f1d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P: CP='UNI CUR OUR'
Date: Thu, 27 Oct 2022 03:53:03 GMT
Server: Apache
Connection: close
X-Powered-By: PHP/7.0.33
Content-Length: 1619
Content-Type: text/javascript;charset=UTF-8

GET
H3 200 en.json Show response
creative.xlrdr.com/widgets/v4/Universal/lang/ Frame D970 172 B
321 B 30ms
29ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlrdr.com/widgets/v4/Universal/lang/en.json
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 27 Oct 2022 03:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 07:07:11 GMT
server: cloudflare
age: 0
etag: W/"63578b1f-ac"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=10
cf-ray: 76087b7a8e55d0c5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 03:53:06 GMT

GET
H3 200 config Show response
go.xlrdr.com/ Frame D970 7 KB
2 KB 68ms
40ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.xlrdr.com/config?url=https%3A%2F%2Fcreative.xlrdr.com%2Fwidgets%2Fv4%2FUniversal%2F%3FactionButtonPlacement%3Dbottom%26autoplay%3Dall%26autoplayForce%3D1%26campaignId%3Dwidget%26domain%3Dstripchat%26hideButtonOnSmallSpots%3D0%26hideModelNameOnSmallSpots%3D0%26hideTitleOnSmallSpots%3D0%26isXhDesign%3D0%26showButton%3D0%26showLiveBadge%3D1%26showModelName%3D1%26showTitle%3D0%26sound%3Doff%26tag%3Dgirls%252Fchinese%26thumbSizeKey%3Dbig%26thumbsMargin%3D10%252C%26trackOff%3D1%26userId%3Db44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9996acfb8a70af416faa9c72fa12aa6820e18fc51b368a759a00211ef6fdea4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:49:41 GMT
server: cloudflare
age: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 76087b7abfed1e75-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
video.ktkjmp.com/ Frame D970 16 B
686 B 96ms
32ms Fetch
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.ktkjmp.com/adsbygoogle.js
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:01 GMT
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status: HIT
x-amz-request-id: 3YWDZBTT5KXYP4SY
age: 351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-amz-id-2: JkCGjUrgnBgB5Ldx8o/A8ASqNLV5nPIAdv57lupABlhL2wyLLTncvB9KXBxRs01tDEzM0AFmFH4=
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag: "3d7f7a60216d40dea48e495fef6903c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://creative.xlrdr.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76087b7ae8b541c2-AMS
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires: Thu, 27 Oct 2022 07:53:01 GMT

GET
H3 200 core.34b30cde2ed8622605f0.js Show response
creative.xlrdr.com/widgets/v4/Universal/ Frame D970 3 KB
1 KB 33ms
32ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlrdr.com/widgets/v4/Universal/core.34b30cde2ed8622605f0.js
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d31838cb90e196f86dc55b17e8297a5c36436fab92741ddd2f28df889cd91a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 27 Oct 2022 03:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 07:09:56 GMT
server: cloudflare
age: 2
etag: W/"63578bc4-aa6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 76087b7b6f84d0c5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 03:53:03 GMT

GET
H3 200 models Show response
go.xlrdr.com/api/ Frame D970 14 KB
2 KB 63ms
63ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.xlrdr.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a738ae8e0a36ca09e5978869aed097111cd5a45c081bd510602a0d68a749b48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.xlrdr.com
access-control-allow-credentials: true
cf-ray: 76087b7b6f88d0c5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 59689843
img.strpst.com/thumbs/1666842301/ Frame D970 39 KB
39 KB 293ms
58ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/59689843
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94392ee65edf4a0c6771680b01b2ebbc9028d409cdb6ae5d9751fc564f8e6c0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 432
cf-polished: origSize=41713, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40155
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:45:08 GMT
server: cloudflare
etag: "2bb098990e455d3fb2552bd717b78743"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76087b7d5c67b94a-AMS
access-control-allow-headers: *
expires: Thu, 27 Oct 2022 03:58:02 GMT

GET
H2 200 71164333
img.strpst.com/thumbs/1666842301/ Frame D970 44 KB
45 KB 268ms
34ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/71164333
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa3d60698df20eaa7b5ca2e74540492d83eb5eb853d3ac50be08d14230de9e8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 429
cf-polished: origSize=47351, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45377
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:45:15 GMT
server: cloudflare
etag: "f46ee8c2cc899aacdd581b4a32cc90a8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 76087b7d5c68b94a-AMS
expires: Thu, 27 Oct 2022 03:58:02 GMT

GET
H2 200 89443470
img.strpst.com/thumbs/1666842301/ Frame D970 35 KB
35 KB 265ms
30ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/89443470
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4482ef66c2e7d0fa0fb641e355686f8add440e81e6032b7c284170fcc6e6c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 415
cf-polished: origSize=36770, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35683
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:44:45 GMT
server: cloudflare
etag: "94abf68809c1d8812252bbc3a96ad420"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76087b7d5c69b94a-AMS
access-control-allow-headers: *
expires: Thu, 27 Oct 2022 03:58:02 GMT

GET
H2 200 89192716
img.strpst.com/thumbs/1666842301/ Frame D970 55 KB
56 KB 291ms
57ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/89192716
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 396ce3177fe5c1798b9a3285d36e470547aed193093ff23926931b2dfa8ed848

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 415
cf-polished: origSize=58981, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56737
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:45:14 GMT
server: cloudflare
etag: "eae6f6cb5f13000e800fc3529bcab01e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 76087b7d5c6bb94a-AMS
expires: Thu, 27 Oct 2022 03:58:02 GMT

GET
H2 200 78136647
img.strpst.com/thumbs/1666842301/ Frame D970 41 KB
42 KB 290ms
57ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/78136647
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7028a687ad4bf4ada6c0f9155fbc195c1cdf63d2df78938eea05ee09f879e685

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 430
cf-polished: origSize=43845, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42346
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:45:29 GMT
server: cloudflare
etag: "d51bf95bab8f021ea08688fae9a20db6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 76087b7d5c6fb94a-AMS
expires: Thu, 27 Oct 2022 03:58:02 GMT

GET
H2 200 79992438
img.strpst.com/thumbs/1666842301/ Frame D970 24 KB
24 KB 293ms
59ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/79992438
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d40ee9ac45d1223c18206b3fe66d56739f1a2a5b07f9a74d6053e83b22bb91a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 413
cf-polished: origSize=25247, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24546
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:44:59 GMT
server: cloudflare
etag: "dff00d2a790e93011601fbf660dfdd87"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 76087b7d5c6db94a-AMS
expires: Thu, 27 Oct 2022 03:58:02 GMT

GET
H2 200 80551434
img.strpst.com/thumbs/1666842301/ Frame D970 34 KB
34 KB 244ms
33ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/80551434
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 332f176d977c82978952ed6d251f60b1f9da86f22b3a258f096126a0cf0ecb8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 432
cf-polished: origSize=36293, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35078
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:45:13 GMT
server: cloudflare
etag: "bf43940a0b4912015522656d893747a7"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76087b7d5c64b94a-AMS
access-control-allow-headers: *
expires: Thu, 27 Oct 2022 03:58:02 GMT

GET
H2 200 75537298
img.strpst.com/thumbs/1666842301/ Frame D970 50 KB
50 KB 267ms
56ms Image
image/jpeg 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1666842301/75537298
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a66d62e05af443a3f6784c28e0c212b6a0cbe112a26564928741fccea44a896b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
age: 429
cf-polished: origSize=53353, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51328
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Oct 2022 03:45:36 GMT
server: cloudflare
etag: "1593aa95f3fdf20af9b60195f366b1ba"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 76087b7d5c66b94a-AMS
expires: Thu, 27 Oct 2022 03:58:02 GMT

POST
H3 200 view Show response
go.xlrdr.com/thumbs/ Frame D970 286 B
335 B 53ms
53ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.xlrdr.com/thumbs/view
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ed914275921a9f72b9c34b7f45d8031075149c2b8b653ee7e8e8aec1c3b374

Request headers

Referer: https://creative.xlrdr.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
cf-ray: 76087b7cb9491e75-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vendors~hls.1607c4ce624b3d74b257.js Show response
creative.xlrdr.com/widgets/v4/Universal/ Frame D970 174 KB
53 KB 38ms
37ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8670e0365a11c2951da60262f1389a48f7e124a2b135efc90193efc3ffc737e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 07:09:56 GMT
server: cloudflare
age: 7
etag: W/"63578bc4-2b969"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 76087b7dcaf7d0c5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 03:52:55 GMT

GET
H3 200 hls.af383202db4cb5b7b12d.js Show response
creative.xlrdr.com/widgets/v4/Universal/ Frame D970 61 B
310 B 67ms
66ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlrdr.com/widgets/v4/Universal/hls.af383202db4cb5b7b12d.js
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/main.472cfe03682923a44833.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d5bef571c6a9e14d8a182bc2ed9cbe64d353a86dcba0387440760cbeed8f53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&campaignId=widget&domain=stripchat&hideButtonOnSmallSpots=0&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=0&isXhDesign=0&showButton=0&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&tag=girls%2Fchinese&thumbSizeKey=big&thumbsMargin=10%2C&trackOff=1&userId=b44a4f8461a0c2ec67035a0d40b3050247e2829b31680e19122675ebd78dc131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 07:09:56 GMT
server: cloudflare
age: 7
etag: W/"63578bc4-3d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 76087b7dcaf8d0c5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Oct 2022 03:52:56 GMT

GET
H2 200 59689843_480p.m3u8 Show response
b-hls-04.doppiocdn.com/hls/59689843_480p/master/ Frame D970 153 B
403 B 102ms
40ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843_480p/master/59689843_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d104005822c4697b7f04c33ddf3bf778a73480dec410b18d37811beeb371c6fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b7ea80bb748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 59689843_480p.m3u8 Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 585 B
546 B 56ms
30ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b9ef402d2b8624a63b8b6cc0df6e5e847689ddd8e00c2631d7ef2392a7e1c7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:00 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b7f1b2db92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 om_res.php Show response
srv1.aaacompany.net/ 535 B
540 B 807ms
267ms XHR
application/json 133.242.19.204
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://srv1.aaacompany.net/om_res.php?spot=63813&article=112948&_=1666842782536
Requested by: Host: srv1.aaacompany.net
URL: https://srv1.aaacompany.net/om/pr/a/load.js?spot_id=63813
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 133.242.19.204 Inzai, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d49d24b86a510891c46765cd258713565bef6a32b07291f9ffcc45033e6d72bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 03:53:03 GMT
x-signature: KUSANAGI
content-encoding: br
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-f-cache: BYPASS
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 59689843_480p_926_zG5EJDt4Ft0Y7D5p.ts Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 312 KB
313 KB 31ms
31ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p_926_zG5EJDt4Ft0Y7D5p.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7797ba12aa72a54c39f42553a33d3e156c92732555d57290a6811f39a6135295

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:55 GMT
server: cloudflare
age: 5
etag: "635a0097-4e1e8"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b7f4b6fb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 319976

GET
BLOB 200
OK 1f064cfd-f144-42ef-8e37-43975544c8c2
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/1f064cfd-f144-42ef-8e37-43975544c8c2
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

GET
H3 200 59689843_480p_927_SPtje73dEHY9ZKiW.ts Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 318 KB
318 KB 35ms
35ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p_927_SPtje73dEHY9ZKiW.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df63c76f98f0f7417bc244aba3adb995bf982b80270def94aa25c63af095f7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:57 GMT
server: cloudflare
age: 3
etag: "635a0099-4f678"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b805cc8b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 325240

GET
H2 200 71164333_480p.m3u8 Show response
b-hls-19.doppiocdn.com/hls/71164333_480p/master/ Frame D970 153 B
187 B 48ms
34ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-19.doppiocdn.com/hls/71164333_480p/master/71164333_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f431b05b054eeb52da1419e1c0e6a62e0046e52a05364cb5e81aa8d8cedeac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b8069c8b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 71164333_480p.m3u8 Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 589 B
326 B 104ms
29ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360a20a46deba8e900c8182b30be23708d798807a0f2b573f9997f1c62ad0474

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b811a73b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 59689843_480p_928_9iHTMltA3Nnb2OV6.ts Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 303 KB
303 KB 30ms
29ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p_928_9iHTMltA3Nnb2OV6.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f33bc2b963ec8885edcaeb671d13bf53d3b08dbdcd9bcab73dd6c1400988a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:59 GMT
server: cloudflare
age: 1
etag: "635a009b-4bc74"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b80ed8cb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 310388

GET
H3 200 71164333_480p_7061_dzmfcJoOwZSi7UsF.ts Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 295 KB
295 KB 33ms
33ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p_7061_dzmfcJoOwZSi7UsF.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d098dad16bec37f5a2951d50367668bc11ecf788877b7f00cabdaa18cd8450b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:02 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:56 GMT
server: cloudflare
age: 5
etag: "635a0098-49c24"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b814e07b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302116

GET
BLOB 200
OK 192e9d23-7be6-49bd-9845-704ba87e420a
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/192e9d23-7be6-49bd-9845-704ba87e420a
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

GET
H3 200 71164333_480p_7062_J9s4QldxxVUydE2n.ts Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 302 KB
303 KB 30ms
30ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p_7062_J9s4QldxxVUydE2n.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2dc983081a69a507a9edb203da57734bc347e99ad57c2960d2e3f0ad3b3fafa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:58 GMT
server: cloudflare
age: 4
etag: "635a009a-4b8c8"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b81ce9fb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 309448

GET
H2 200 89443470.m3u8 Show response
b-hls-08.doppiocdn.com/hls/89443470/master/ Frame D970 148 B
229 B 43ms
34ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-08.doppiocdn.com/hls/89443470/master/89443470.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa9acb11fe36d44b1630cd5e6a054e7f6c4ed2f52af03eb84b3d36470394395

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b81db64b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 89443470.m3u8 Show response
b-hls-12.doppiocdn.com/hls/89443470/ Frame D970 574 B
323 B 42ms
32ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-12.doppiocdn.com/hls/89443470/89443470.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee826e9de23abdc965fc72a11bd6a1b7505cb174f5222b671d320d46249ccf5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b821baeb748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 71164333_480p_7063_hsEYnr5zdXedDV6E.ts Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 309 KB
309 KB 34ms
34ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p_7063_hsEYnr5zdXedDV6E.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a970163defc751281b017f877766217b0f2fa0db2fc259e0be9523d16eda40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:00 GMT
server: cloudflare
age: 2
etag: "635a009c-4d3f4"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b823f2fb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 316404

GET
H3 200 89443470_4824_bs08B45byWpGPQY9.ts Show response
b-hls-12.doppiocdn.com/hls/89443470/ Frame D970 471 KB
471 KB 61ms
61ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-12.doppiocdn.com/hls/89443470/89443470_4824_bs08B45byWpGPQY9.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b476b4954d5a053c447d528facf930ce7d87af2854a094a16f6cdde8806631cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:56 GMT
server: cloudflare
age: 3
etag: "635a0098-75bac"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b825f78b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 482220

GET
BLOB 200
OK 7edbe027-d42d-445f-a6d3-bc5c412ce784
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/7edbe027-d42d-445f-a6d3-bc5c412ce784
Requested by: Host: jav.direct
URL: https://jav.direct/censored/sdnm-268/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

POST
H3 200 admin-ajax.php Show response
jav.direct/wp-admin/ 136 B
717 B 596ms
595ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jav.direct/wp-admin/admin-ajax.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e176c43cdbb2c2086f235770f7100b27e55a0b3f9abccc36aa024f45bf33817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://jav.direct/censored/sdnm-268/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control: no-cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://jav.direct
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6g7pW9XMZ9fYU55gTZAuB0ANdpCt4dLp1Z5xfd4Eme%2BVNeoPyLda%2BPN1bu4UGEgNXDZ01%2BlyzELtsxJqiDB%2Ffa0Bvz3x6Uxik0MLmK05w09t2KbMLqtVC%2BxLHUch27XboWYxzuHaen%2Fv"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 76087b830cacb813-AMS
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.94.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.94.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b993e0a8190d4a8de1f8eaf69c449e1ccb6b9484a5feefc6de9b50b6a184331e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:43:43 GMT
x-content-type-options: nosniff
age: 173360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8716
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 03:43:43 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.77.woff2
fonts.gstatic.com/s/mplus1p/v27/ 9 KB
9 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.77.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

375a69212e6ce1e917654054cd2cf3e2b308f141e36ec08e51607d87193879b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:53:42 GMT
x-content-type-options: nosniff
age: 147561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9148
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:53:42 GMT

GET
H3 200 e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.98.woff2
fonts.gstatic.com/s/mplus1p/v27/ 8 KB
9 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mplus1p/v27/e3tmeuShHdiFyPFzBRrQRBEgfivGoOYmg_dUa_BuiDU9F33s7CtHVU4.98.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|M+PLUS+1p:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

283393f0f29c30c6a2b8341eff59c30e0b2bae24ac18d2718ebb3c1ea1db09f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jav.direct
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 06:25:54 GMT
x-content-type-options: nosniff
age: 509229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8688
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 06:25:54 GMT

GET
H3 200 89443470_4825_2kxmwGIDltjcpquf.ts Show response
b-hls-12.doppiocdn.com/hls/89443470/ Frame D970 434 KB
435 KB 32ms
31ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-12.doppiocdn.com/hls/89443470/89443470_4825_2kxmwGIDltjcpquf.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b238e51823ba8e88a314019b715830e99c8fe6a441b5372fe0f35a1a995496f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:59 GMT
server: cloudflare
age: 2
etag: "635a009b-6c988"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b8328ccb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 444808

GET
H2 200 89192716_480p.m3u8 Show response
b-hls-11.doppiocdn.com/hls/89192716_480p/master/ Frame D970 153 B
196 B 81ms
36ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-11.doppiocdn.com/hls/89192716_480p/master/89192716_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e5eb3a87f1de0bc7fbd7a18daf500d0aa1ebef568a69244362b5aa7bff71acb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b83ad9eb748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 89443470_4826_ypJwZkueHYZvD3lm.ts Show response
b-hls-12.doppiocdn.com/hls/89443470/ Frame D970 474 KB
474 KB 33ms
32ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-12.doppiocdn.com/hls/89443470/89443470_4826_ypJwZkueHYZvD3lm.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1f5faf8b46547c48dfeade948717bff13df9a8542be5f03e2f540d19092547

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
etag: "635a009d-76828"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b83c9d5b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 485416

GET
H2 200 89192716_480p.m3u8 Show response
b-hls-20.doppiocdn.com/hls/89192716/ Frame D970 585 B
348 B 75ms
31ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-20.doppiocdn.com/hls/89192716/89192716_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e49b171c4f8099e9c2a8429b2077134b741c9d8af342a33b8d03ec46e2d0355

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b842e32b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 89192716_480p_709_TjSXpukjzTgx9eNk.ts Show response
b-hls-20.doppiocdn.com/hls/89192716/ Frame D970 314 KB
314 KB 43ms
43ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-20.doppiocdn.com/hls/89192716/89192716_480p_709_TjSXpukjzTgx9eNk.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f2508214682054c118d394263fb96a21619c09425e686bc480b85bea5a4846b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:58 GMT
server: cloudflare
age: 3
etag: "635a009a-4e650"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b845a99b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 321104

GET
BLOB 200
OK 724d4f48-9f65-431f-8a57-f5c86075056c
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/724d4f48-9f65-431f-8a57-f5c86075056c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

GET
H3 200 89192716_480p_710_nVysA1YIZ5a3JB2J.ts Show response
b-hls-20.doppiocdn.com/hls/89192716/ Frame D970 310 KB
310 KB 31ms
30ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-20.doppiocdn.com/hls/89192716/89192716_480p_710_nVysA1YIZ5a3JB2J.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdaa43aa61087056150974e6f6f9f489a9a090309c13ca47d685fb8de4f73bbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:00 GMT
server: cloudflare
age: 0
etag: "635a009c-4d85c"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b84db66b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 317532

GET
H2 200 78136647_480p.m3u8 Show response
b-hls-07.doppiocdn.com/hls/78136647_480p/master/ Frame D970 153 B
187 B 64ms
51ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-07.doppiocdn.com/hls/78136647_480p/master/78136647_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a9154d6ec23482366dbe9cbb1e06de4cd6863a9fe2f9cafb75cbc8c6375eb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b84ff20b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 78136647_480p.m3u8 Show response
b-hls-06.doppiocdn.com/hls/78136647/ Frame D970 589 B
321 B 50ms
33ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/78136647/78136647_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 394230b85f2ea4c8afd90284c504db7dea3331af3f0d9797cc6cf0d7044e85a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b856faab748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 89192716_480p_711_g5u7O9A5rHaf80kq.ts Show response
b-hls-20.doppiocdn.com/hls/89192716/ Frame D970 308 KB
308 KB 47ms
47ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-20.doppiocdn.com/hls/89192716/89192716_480p_711_g5u7O9A5rHaf80kq.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a25e432bcb35ebe439d913a099d7bf18cbb8674e4bbfcd2b57c76ffe4e1ca83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
etag: "635a009e-4ce14"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b858c2cb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 314900

GET
H3 200 78136647_480p_1275_IHQCV3ICgru0bUBa.ts Show response
b-hls-06.doppiocdn.com/hls/78136647/ Frame D970 331 KB
331 KB 84ms
83ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/78136647/78136647_480p_1275_IHQCV3ICgru0bUBa.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4fe74f586a177f294e62aa9edc995078aaa405e8d6415e7587c95bf57b81213

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:57 GMT
server: cloudflare
age: 2
etag: "635a0099-52a9c"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b85ac4bb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 338588

GET
BLOB 200
OK 3059121e-c195-4135-8d00-cf6067a3f1e1
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/3059121e-c195-4135-8d00-cf6067a3f1e1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

GET
H3 200 78136647_480p_1276_dhQMQlglmp4yy4Pb.ts Show response
b-hls-06.doppiocdn.com/hls/78136647/ Frame D970 338 KB
339 KB 39ms
38ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/78136647/78136647_480p_1276_dhQMQlglmp4yy4Pb.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6d0993a2ea843703f6faba44a78d2cc6453255cff27a722c7ac18c9aa999a56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:59 GMT
server: cloudflare
age: 0
etag: "635a009b-548b8"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b868d7eb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 346296

GET
H2 200 79992438_480p.m3u8 Show response
b-hls-17.doppiocdn.com/hls/79992438_480p/master/ Frame D970 153 B
187 B 50ms
40ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-17.doppiocdn.com/hls/79992438_480p/master/79992438_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7621cb43749ca44e5b1a23f1d8ae1c5be5892cd282421be6605399fb762aec6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b8698fab748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 79992438_480p.m3u8 Show response
b-hls-19.doppiocdn.com/hls/79992438/ Frame D970 589 B
512 B 41ms
40ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-19.doppiocdn.com/hls/79992438/79992438_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade956aa3ae837dd872c34366aa34aaa91c1241b13aaae810117fd0855e6fd04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:00 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b86ddf7b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 79992438_480p_1400_CWk7qfu15syr2NnO.ts Show response
b-hls-19.doppiocdn.com/hls/79992438/ Frame D970 325 KB
325 KB 31ms
30ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-19.doppiocdn.com/hls/79992438/79992438_480p_1400_CWk7qfu15syr2NnO.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ac22ed40b473ca2dd510b2cbe084e0a18ad1145312da6bb63a6312ab36da7d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:57 GMT
server: cloudflare
age: 0
etag: "635a0099-51260"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b872e62b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 332384

GET
BLOB 200
OK debcf2de-21bd-4951-b661-399e151c327a
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/debcf2de-21bd-4951-b661-399e151c327a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

GET
H3 200 78136647_480p_1277_xQ4Flazd2GE4GzPw.ts Show response
b-hls-06.doppiocdn.com/hls/78136647/ Frame D970 308 KB
308 KB 59ms
58ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/78136647/78136647_480p_1277_xQ4Flazd2GE4GzPw.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9627924cbf0248685d2b018373d28a3ebfbe2c6c7a8f1bbb3449069f39d53c9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
age: 0
etag: "635a009d-4d048"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b875e90b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 315464

GET
H3 200 79992438_480p_1401_qb9THowBVBo9ViiX.ts Show response
b-hls-19.doppiocdn.com/hls/79992438/ Frame D970 313 KB
313 KB 35ms
34ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-19.doppiocdn.com/hls/79992438/79992438_480p_1401_qb9THowBVBo9ViiX.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 682cfc635bf5299f1b03b66c42034377444e142ce0b217aec133428f89492484

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:59 GMT
server: cloudflare
etag: "635a009b-4e360"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b87cf1eb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 320352

GET
H3 200 80551434_480p.m3u8 Show response
b-hls-08.doppiocdn.com/hls/80551434_480p/master/ Frame D970 153 B
377 B 105ms
105ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-08.doppiocdn.com/hls/80551434_480p/master/80551434_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50897f2e280e88505c150dc8537dddc4bceaac0388e23d8ed44c389ba387001d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b87cf20b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 80551434_480p.m3u8 Show response
b-hls-23.doppiocdn.com/hls/80551434/ Frame D970 589 B
347 B 51ms
39ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-23.doppiocdn.com/hls/80551434/80551434_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 269ee2c0c39055d93a76acbbb8f7604a983ec3bf1565f2f5d9a106b808380f91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b888b6fb748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 79992438_480p_1402_AQSIaro81SheawuO.ts Show response
b-hls-19.doppiocdn.com/hls/79992438/ Frame D970 316 KB
316 KB 35ms
34ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-19.doppiocdn.com/hls/79992438/79992438_480p_1402_AQSIaro81SheawuO.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f218d7730dffba6702870f6fdbd1aabb8f96f7a6fa3f8415f9a10744d5170e2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
etag: "635a009d-4f098"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b88a838b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 323736

GET
H3 200 80551434_480p_4732_8mPxW98GNXTp1IMA.ts Show response
b-hls-23.doppiocdn.com/hls/80551434/ Frame D970 301 KB
301 KB 56ms
56ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-23.doppiocdn.com/hls/80551434/80551434_480p_4732_8mPxW98GNXTp1IMA.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f01edaffa0646a0461c150856789e0d7546a56538d2d5218b8d803d0deecfe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:58 GMT
server: cloudflare
age: 3
etag: "635a009a-4b22c"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b88c899b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307756

GET
BLOB 200
OK 565f7ba6-be5d-4dcf-9a96-c47602f128d5
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/565f7ba6-be5d-4dcf-9a96-c47602f128d5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

GET
H3 200 80551434_480p_4733_1ER24YBt9fSG6LMe.ts Show response
b-hls-23.doppiocdn.com/hls/80551434/ Frame D970 312 KB
312 KB 35ms
35ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-23.doppiocdn.com/hls/80551434/80551434_480p_4733_1ER24YBt9fSG6LMe.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd37342a23015141b4e4a5698b0f69b6c1979dea5c5d4f946113ff4b24e9991

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:00 GMT
server: cloudflare
age: 1
etag: "635a009c-4e070"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b898977b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 319600

GET
H2 200 75537298_480p.m3u8 Show response
b-hls-01.doppiocdn.com/hls/75537298_480p/master/ Frame D970 153 B
187 B 46ms
37ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-01.doppiocdn.com/hls/75537298_480p/master/75537298_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa4b5ccf3715b75625bfd974249ecadb3ebcbc2109770cb583c2f064e52f0ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b899c91b748-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 75537298_480p.m3u8 Show response
b-hls-06.doppiocdn.com/hls/75537298/ Frame D970 585 B
511 B 35ms
35ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/75537298/75537298_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b225fa7ee31875f4209c48f08aa201df694cb5beda3ce1e1dd6fe5ff90408442

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b89d9efb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 76ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-132Q2ED2FJ&gtm=2oeaq0&_p=216718186&cid=233145546.1666842779&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666842779&sct=1&seg=0&dl=https%3A%2F%2Fjav.direct%2Fcensored%2Fsdnm-268%2F&dt=SDNM-268%20%E3%80%8C%E3%81%8A%E9%87%91%E3%82%88%E3%82%8A%E3%82%82%E5%A4%A7%E5%88%87%E3%81%AA%E4%BD%95%E3%81%8B%E3%82%92%E8%A6%8B%E3%81%A4%E3%81%91%E3%81%AB%E6%9D%A5%E3%81%BE%E3%81%97%E3%81%9F%E2%80%A6%E3%80%8D%E5%86%A8%E7%94%B0%E6%9C%9D%E9%A6%99%2038%E6%AD%B3%20%E7%AC%AC2%E7%AB%A0%20%E3%80%8C10%E4%BB%A3%E3%81%AE%E9%A0%83%E3%81%AE%E3%82%88%E3%81%86%E3%81%AB%E3%83%88%E3%82%AD%E3%83%A1%E3%82%AD%E3%81%BE%E3%81%97%E3%81%9F%E3%80%8D%E2%80%99%E3%82%AB%E3%83%A1%E3%83%A9%E8%B2%B8%E3%81%97%E2%80%99%E5%B9%B4%E4%B8%8B%E3%82%AF%E3%83%B3%E3%81%A8Go%20To1%E6%97%A5%E3%83%97%E3%83%A9%E3%82%A4%E3%83%99%E3%83%BC%E3%83%88%E3%83%87%E3%83%BC%E3%83%88%20%7C%20%E3%83%A2%E3%82%B6%E3%81%82%E3%82%8A%20%7C%20JAV.direct&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-132Q2ED2FJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jav.direct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 03:53:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jav.direct
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 75537298_480p_796_UCGxFF4wPOJE2nyC.ts Show response
b-hls-06.doppiocdn.com/hls/75537298/ Frame D970 301 KB
301 KB 30ms
30ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/75537298/75537298_480p_796_UCGxFF4wPOJE2nyC.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a514d01bdcbed2b81dacaa3fa597cea4888541ab8d7ceadeaa73d5aa0bbdc70

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:56 GMT
server: cloudflare
age: 4
etag: "635a0098-4b3a4"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b8a1a45b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 308132

GET
BLOB 200
OK bbe4d474-3c03-4728-880a-7df24ec81b1a
https://creative.xlrdr.com/ Frame D970 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.xlrdr.com/bbe4d474-3c03-4728-880a-7df24ec81b1a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62322
Content-Type: text/javascript

GET
H3 200 80551434_480p_4734_F32vvtiLtZeQYfWB.ts Show response
b-hls-23.doppiocdn.com/hls/80551434/ Frame D970 324 KB
324 KB 72ms
72ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-23.doppiocdn.com/hls/80551434/80551434_480p_4734_F32vvtiLtZeQYfWB.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42c6a1dbb4eebc5faab85994a831fe1a2e0a860f8a70bc9c990f1191eed5a0c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 1
etag: "635a009e-50eb4"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b8a2a67b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 331444

GET
H3 200 75537298_480p_797_ptu1mcgIZi8HLD2r.ts Show response
b-hls-06.doppiocdn.com/hls/75537298/ Frame D970 323 KB
323 KB 33ms
33ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/75537298/75537298_480p_797_ptu1mcgIZi8HLD2r.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3f422c63e0eb7c789ee005c21baa9673d71051367ac98a4d5db271fa405506

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:52:58 GMT
server: cloudflare
age: 2
etag: "635a009a-50c80"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b8aab01b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 330880

GET
H3 200 75537298_480p_798_kuR0FhM529c0ASim.ts Show response
b-hls-06.doppiocdn.com/hls/75537298/ Frame D970 306 KB
306 KB 32ms
31ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/75537298/75537298_480p_798_kuR0FhM529c0ASim.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e86f981dacdad91e46d771d3c77991aa72de116f7ae0b835b2145cddc2f094bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:00 GMT
server: cloudflare
age: 1
etag: "635a009c-4c600"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b8b3bc5b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 312832

GET
H3 200 59689843_480p.m3u8 Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 585 B
511 B 54ms
54ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6262287aefb2edf5062c2158752582fc4f29578fcf5e200f131b7a097c79f335

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b8b6bf9b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 59689843_480p_929_UEZ0UhsWZ3ztPHD3.ts Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 305 KB
305 KB 31ms
31ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p_929_UEZ0UhsWZ3ztPHD3.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84bb7b9d0eb5476ded3cc4c767ae206ad8c9c78e22444f608ae4848f73e7c551

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:01 GMT
server: cloudflare
age: 1
etag: "635a009d-4c3cc"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b8bcc64b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 312268

GET
H3 200 71164333_480p.m3u8 Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 589 B
516 B 32ms
31ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f116c20c21be4369da738ed2ca44ff93a351d5ce9c0e6a8451389e44848690

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b8d2e67b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 71164333_480p_7064_0h2cP0wczjXuSati.ts Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 294 KB
294 KB 32ms
31ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p_7064_0h2cP0wczjXuSati.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e36b9592a7020eedf62fe5fec9e901414a4435360476245bdf61d0774161a2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:04 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 1
etag: "635a009e-49644"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b8d6eb1b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 300612

GET
H3 200 89192716_480p.m3u8 Show response
b-hls-20.doppiocdn.com/hls/89192716/ Frame D970 585 B
514 B 32ms
32ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-20.doppiocdn.com/hls/89192716/89192716_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e49b171c4f8099e9c2a8429b2077134b741c9d8af342a33b8d03ec46e2d0355

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b905b75b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 89443470.m3u8 Show response
b-hls-12.doppiocdn.com/hls/89443470/ Frame D970 574 B
512 B 30ms
30ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-12.doppiocdn.com/hls/89443470/89443470.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee826e9de23abdc965fc72a11bd6a1b7505cb174f5222b671d320d46249ccf5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b910c62b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 78136647_480p.m3u8 Show response
b-hls-06.doppiocdn.com/hls/78136647/ Frame D970 589 B
513 B 32ms
32ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/78136647/78136647_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e135b8d78d32b104a182fbb15dba1851f657ebbc39caeea08b2cc068e8ac28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b91dd82b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 78136647_480p_1278_tF2B5mge7vqkq7An.ts Show response
b-hls-06.doppiocdn.com/hls/78136647/ Frame D970 316 KB
316 KB 49ms
49ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/78136647/78136647_480p_1278_tF2B5mge7vqkq7An.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfb57889b8f1ec95f824d80916822dd740dbcfe3197212f2de682c431c31afc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:05 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
etag: "635a009f-4ee64"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b920dddb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 323172

GET
H3 200 79992438_480p.m3u8 Show response
b-hls-19.doppiocdn.com/hls/79992438/ Frame D970 589 B
515 B 31ms
30ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-19.doppiocdn.com/hls/79992438/79992438_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b8e342bd77a01c95d3cf3842e52c3ddf41a76f585b4fa6e4b1d76c797339d7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b936fd1b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 79992438_480p_1403_b9NZ1ofP0jlo4lr8.ts Show response
b-hls-19.doppiocdn.com/hls/79992438/ Frame D970 300 KB
300 KB 42ms
42ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-19.doppiocdn.com/hls/79992438/79992438_480p_1403_b9NZ1ofP0jlo4lr8.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5506cacc99c101d0e2b43b82f40d7c1e7794753d9acd41487f9fa7eb51bcefa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:05 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
etag: "635a009f-4af3c"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b93984bb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307004

GET
H3 200 80551434_480p.m3u8 Show response
b-hls-23.doppiocdn.com/hls/80551434/ Frame D970 589 B
515 B 29ms
29ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-23.doppiocdn.com/hls/80551434/80551434_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a556d58e2e8d6c9cc08aefba3ab420ebea32840b5d7dd9482b17cf027dd3d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:05 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b94fa34b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 80551434_480p_4735_31lMEI6zSyZ89e2s.ts Show response
b-hls-23.doppiocdn.com/hls/80551434/ Frame D970 316 KB
316 KB 37ms
37ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-23.doppiocdn.com/hls/80551434/80551434_480p_4735_31lMEI6zSyZ89e2s.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d2ea5473541981a738c29ed93898d51617b82cd6c08d0ab8ab1e0f56dcb24b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
etag: "635a00a0-4efdc"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b952a91b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 323548

GET
H3 200 75537298_480p.m3u8 Show response
b-hls-06.doppiocdn.com/hls/75537298/ Frame D970 585 B
515 B 31ms
31ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/75537298/75537298_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2f9ec2466a223469eeb4d8a1a6d6853b4fd601f7e7c06b472ddada9732b2f6e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b965c5db92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 89192716_480p.m3u8 Show response
b-hls-20.doppiocdn.com/hls/89192716/ Frame D970 585 B
512 B 37ms
37ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-20.doppiocdn.com/hls/89192716/89192716_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11bef8cb9276254caf5a952aa1a0d4aed7131a22804ed3e907535168f41b4241

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:05 GMT
server: cloudflare
age: 0
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b96dd1fb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 59689843_480p.m3u8 Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 585 B
517 B 31ms
31ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983765d8040b5e041195509d709c5c7a5968e71a7eeda26290ef23940d69e6f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b97ee77b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 75537298_480p_799_kgxVwx14HTothIvI.ts Show response
b-hls-06.doppiocdn.com/hls/75537298/ Frame D970 292 KB
292 KB 31ms
31ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-06.doppiocdn.com/hls/75537298/75537298_480p_799_kgxVwx14HTothIvI.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f4540e418a5a890b5636c72aa70193a9bce8bcafc8f3d9f3f13f8846aba0fc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:02 GMT
server: cloudflare
age: 0
etag: "635a009e-48eec"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b97fe86b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 298732

GET
H3 200 89192716_480p_712_lbE0vGtpZUi6XsLA.ts Show response
b-hls-20.doppiocdn.com/hls/89192716/ Frame D970 323 KB
324 KB 53ms
53ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-20.doppiocdn.com/hls/89192716/89192716_480p_712_lbE0vGtpZUi6XsLA.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c2a904f64fe59392ab7cd3423e79f9fe3282de2f627ebc37aacc57fe35ede86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
age: 0
etag: "635a00a0-50df8"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b97fe88b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 331256

GET
H3 200 59689843_480p_930_nmPiOoROoIt2oVww.ts Show response
b-hls-04.doppiocdn.com/hls/59689843/ Frame D970 354 KB
354 KB 105ms
104ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-04.doppiocdn.com/hls/59689843/59689843_480p_930_nmPiOoROoIt2oVww.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bfe5c38038fe87f634717ed78b61bd807d648a2460f1c543d984f65c9fbb73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:03 GMT
server: cloudflare
age: 1
etag: "635a009f-58668"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b981ec0b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 362088

GET
H3 200 89443470.m3u8 Show response
b-hls-12.doppiocdn.com/hls/89443470/ Frame D970 574 B
514 B 56ms
56ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-12.doppiocdn.com/hls/89443470/89443470.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee826e9de23abdc965fc72a11bd6a1b7505cb174f5222b671d320d46249ccf5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b98cf95b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 71164333_480p.m3u8 Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 589 B
515 B 31ms
31ms XHR
application/x-mpegurl 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p.m3u8
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fd9d9041f493fa28051e36404743b500f44d1fd81909fe7d2eea49348141dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:05 GMT
server: cloudflare
age: 1
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1, stale-while-revalidate=1, max-stale=1, stale-if-error=1
cf-ray: 76087b99a89ab92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 71164333_480p_7065_hLCC96McIbMo0EP2.ts Show response
b-hls-24.doppiocdn.com/hls/71164333/ Frame D970 298 KB
298 KB 31ms
31ms XHR
video/mp2t 2606:4700:3110::6812:37dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-24.doppiocdn.com/hls/71164333/71164333_480p_7065_hLCC96McIbMo0EP2.ts
Requested by: Host: creative.xlrdr.com
URL: https://creative.xlrdr.com/widgets/v4/Universal/vendors~hls.1607c4ce624b3d74b257.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:37dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48b66e09d589c928ff8973ba4e27def7ddbedf9d2c96d9c503fa32d87ee333d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://creative.xlrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:53:06 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 03:53:04 GMT
server: cloudflare
age: 1
etag: "635a00a0-4a8a0"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=120, stale-while-revalidate=1, max-stale=1, stale-if-error=1
accept-ranges: bytes
cf-ray: 76087b99d8e6b92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 305312

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jav.direct/	1970-01-20 16:36:42	Name: _ga_132Q2ED2FJ Value: GS1.1.1666842779.1.0.1666842779.0.0.0
.jav.direct/	1970-01-20 16:36:42	Name: _ga Value: GA1.2.233145546.1666842779
.jav.direct/	1970-01-20 07:02:09	Name: _gid Value: GA1.2.2001876216.1666842779
.jav.direct/	1970-01-20 07:00:42	Name: _gat_gtag_UA_135987574_1 Value: 1
go.xlrdr.com/	1970-01-20 07:02:05	Name: __cflb Value: 02DiuDfsBaY2bRYJiCeSF4mw3pyDiW7px5xg21MzRpBrC

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://js.boost-next.co.jp/t/004/317/a100004317.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://js.boost-next.co.jp/t/004/181/a100004181.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://js.boost-next.co.jp/t/002/669/a100002669.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://i0.wp.com/99avcdn.xyz/censored/b/287301_SDNM-327.jpg?w=640 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-nex.com
ajax.googleapis.com
ap.octopuspop.com
b-hls-01.doppiocdn.com
b-hls-04.doppiocdn.com
b-hls-06.doppiocdn.com
b-hls-07.doppiocdn.com
b-hls-08.doppiocdn.com
b-hls-11.doppiocdn.com
b-hls-12.doppiocdn.com
b-hls-17.doppiocdn.com
b-hls-19.doppiocdn.com
b-hls-20.doppiocdn.com
b-hls-23.doppiocdn.com
b-hls-24.doppiocdn.com
cdnjs.cloudflare.com
creative.xlrdr.com
fonts.googleapis.com
fonts.gstatic.com
go.xlrdr.com
i0.wp.com
img.ad-nex.com
img.strpst.com
jav.direct
js.boost-next.co.jp
region1.google-analytics.com
srv1.aaacompany.net
video.ktkjmp.com
www.google-analytics.com
www.googletagmanager.com
133.242.19.204
153.121.1.2
175.41.244.45
192.0.77.2
2001:4860:4802:34::36
2606:4700:3110::6812:37dc
2606:4700:3110::6812:3b96
2606:4700:311f::6812:3f84
2606:4700::6811:190e
2a00:1450:4001:801::2003
2a00:1450:4001:806::200e
2a00:1450:4001:812::200a
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a06:98c1:3120::3
42.124.124.32
59.106.233.149
000fe7f9fbba7908363a55d0fa802c5ca734e8a99c2e157ae941b5a4ca894202
002a4d23223a84c58b7aab29331abca923cefbc17a287b0ed7db0a42e3455e39
009fc1896060c835293e5d65d9d4470c8d70621a48b4697a03bf47c1927973f8
00bf3f4d6a434654f5643369286014f83d862f480b75a35b4901e1bc981816f7
014e2bdb3fff9d6ba9204693125c663471b48d39fde999671301d7dc8039de3a
01b218d0e18ca5fd713988ee3819a366be44145c932ad7ccc026f3412395fb0a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02f8938f4760c857f51f5afd59fe8f42cd8b3f140bafd3bcfcb2a5a7dd541ea8
03fe8aeff2a69dc110ff4d267829c4789b2825568491218d690284ecf4c73310
0652636ea247db7c206c8f345bff980a1c90142e27cb8a255023316d6f190171
071902c895e08874b55a92c171decb604992d0fe8a58095f3440a447e66d66c9
08262c3ee2a4012b9a4325efba33e8ee446516bfb1cb862a22e7e221c4fdb21f
08e1fddde9901c3161358d62d3cb389668cc6d3ae1e05d191d640c8254b11c82
0a738ae8e0a36ca09e5978869aed097111cd5a45c081bd510602a0d68a749b48
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
0c9142d64a8885e954464bb36b402f61a97947132da732e3161b275487ae93e5
0d098dad16bec37f5a2951d50367668bc11ecf788877b7f00cabdaa18cd8450b
0f2508214682054c118d394263fb96a21619c09425e686bc480b85bea5a4846b
11bef8cb9276254caf5a952aa1a0d4aed7131a22804ed3e907535168f41b4241
13ec4684ec9818d68b90f8bbdad62d7d1303f3cc6a93f24abe1238671c416fd3
15fd9d9041f493fa28051e36404743b500f44d1fd81909fe7d2eea49348141dc
16b80d4db67b106ccbdf440deeb10fea86e205f4832eb1ecaad27cf720a3c751
1805b1f1af150245d22ad94aec96c8cc8ff81f617f22430dccae7dbf446b0894
194fea35c30f85825e63125f3efe2865407e6bdbf578fe8a2067eb1ce20d0f92
19625f048f503b823aa45eb397fcf70c51a8256ea72f16f26c305e01eedd4054
19b914e165b922b7c082fe2279e139f424f8d186f5e01eecd7f675ea78370f66
1ac22ed40b473ca2dd510b2cbe084e0a18ad1145312da6bb63a6312ab36da7d4
1b9ef402d2b8624a63b8b6cc0df6e5e847689ddd8e00c2631d7ef2392a7e1c7b
1d8a42464121fe72fa22207e7cec3c34320a96b2767f9e8766b785320f95c044
1e72eb94b982d12ec117a7eda90e5a39dbcbc84cebe1a415b2594a3b14046e75
1ee71becf48accfc1cc6c57a9d577747e1cf06951ab2c6c77b1ea56236e5d312
1fd24411bb5510d7d77b3213f237362c2405377f51c4ba3e3f4be47423ff6207
2216c68321722d48dfc3915b720dc9b90527665c7b23f3859e067d67692273cd
2252e14f1c4b539590dbe4e767fad5ae3035cae9e6a0ebe49691e977b1c883f4
23a782edfbd111ba08a4836e27b9eae430d184280f229407a1de7ea3e6c0f1fd
269ee2c0c39055d93a76acbbb8f7604a983ec3bf1565f2f5d9a106b808380f91
283393f0f29c30c6a2b8341eff59c30e0b2bae24ac18d2718ebb3c1ea1db09f8
29e84bf41dd2bb54ba1e127cf41264aea771ab46ef0c48ae4c49931fc67a6dfe
2d5603ae7114d49f67464441c0f57b3e660cf750b43174ca4ad44466e409d82f
2d5783126d77bab981a0af1d207bcfce2850d20497446b1ecbe5175969c9af75
2e36b9592a7020eedf62fe5fec9e901414a4435360476245bdf61d0774161a2e
2e5eb3a87f1de0bc7fbd7a18daf500d0aa1ebef568a69244362b5aa7bff71acb
3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1
332f176d977c82978952ed6d251f60b1f9da86f22b3a258f096126a0cf0ecb8a
3359b6fdf8f25f04b8087416b6b6d06b16d4e68fbca625b48e43c4d664f37099
3503276e2f10b564ef3fa2b56e092e3b951c51544c385a57f88fe9624d3ad055
360a20a46deba8e900c8182b30be23708d798807a0f2b573f9997f1c62ad0474
3682d9f2d9e3b4583809cfce123786769e51a8a63241e2bcb7a1169c93b17598
375a69212e6ce1e917654054cd2cf3e2b308f141e36ec08e51607d87193879b4
394230b85f2ea4c8afd90284c504db7dea3331af3f0d9797cc6cf0d7044e85a7
396ce3177fe5c1798b9a3285d36e470547aed193093ff23926931b2dfa8ed848
3ab70839c9873cad09e01e31acdf6a4975d7de69f1e616ca7459ae9ad42efaae
3beb45c5201b952fe178ffd2b7be10090110fc267beebc0c2443f7d9f06e949d
3d9b8707482df2a33600f1d2086cf29adce3dcca5255350f50dc4c12fbcc5cee
3e176c43cdbb2c2086f235770f7100b27e55a0b3f9abccc36aa024f45bf33817
3e73e82953511c91a832851d5de4836c2cfbcc0e6632fee7589c8466733f624b
3eb0266c64407e1e49fc1d01d2a2ed40af97717a057f74922d9a61cc822e3ac5
41705acc9cf3971b43326111bc8f30710fd0107dbfc83ae5d3634ee31360fb57
42c6a1dbb4eebc5faab85994a831fe1a2e0a860f8a70bc9c990f1191eed5a0c1
435e2fdb276488605f14195823d3c4d4c87da051cb5f2882c9fca491dc572ef6
43d66d7ec0a4036600bc3cfdeaab759d14946f73852df6956090b16c81f8119a
4618235b4ad3f3b65ec47ab5264afe3c7b7499e3111d61ffa9fba986ff31f604
49d7f2c7cabc989296006f823a67c007f975ddccdbbe91d9f0b67dc2c320d3bd
4b04ec209c248d5c8b8c05d0544f2d4d33f6d53a24e88f0645e0ce34826b58bc
4bb6fc4b6356569f1ed8d939c7b29cd0fadb5f966153c55a313312e119fc28bc
4d40ee9ac45d1223c18206b3fe66d56739f1a2a5b07f9a74d6053e83b22bb91a
4e49b171c4f8099e9c2a8429b2077134b741c9d8af342a33b8d03ec46e2d0355
4f3f422c63e0eb7c789ee005c21baa9673d71051367ac98a4d5db271fa405506
50897f2e280e88505c150dc8537dddc4bceaac0388e23d8ed44c389ba387001d
520505304d2d20a9391a851ef394b7e86f570faddf9fad68cd893cb6e2791061
53ca6a8fb2aa888c91fca05f40003a73e21ecf4200d90aefc62def53152895f3
56d31838cb90e196f86dc55b17e8297a5c36436fab92741ddd2f28df889cd91a
57e096df82a102f10ed5fcb95753450de991867b64dab80276410b0d61d7252a
59d8a416518f7d863010061933e8e7cbb2b4d323310f4cc5c4fb6817fee2b5c1
5df63c76f98f0f7417bc244aba3adb995bf982b80270def94aa25c63af095f7f
60292e7162b2a8fca35d9f1282f8204d5a5b0bf6344df2c9699d7def66f89146
61693998b38b3395108b8167891a4927d2fc674d7b20d5d78e6b0526505af00c
621bb84a54d9bd74726864af45fe5fb634d83210a276a51a7e4d51e3b0252e46
6262287aefb2edf5062c2158752582fc4f29578fcf5e200f131b7a097c79f335
62c580bbbf9ea923daa4d5dd2a272469173da1b35fbdff594fb76a2630c02a14
62e9db01cebba872e7cc67b322df3519886bdae3c8edef9db21d3679b74e14a2
64b5e2c06548357a0019b2c42020a33fbc38df1b10afcdcd529b623437d8c7e1
668e6f8a29d0bad03dd193213d3db5f7ac2c7a3abf4b4157d0ff03472c8c8083
66c2936d41727fc72548ff21dbc45783904e6e0bf7b25e569b6eeef90f94d1f2
682cfc635bf5299f1b03b66c42034377444e142ce0b217aec133428f89492484
6832fa4959b1e1745a11928701a5ec37da26a9422dcd0b6cc6eb7eeabf40e7e8
68d5bef571c6a9e14d8a182bc2ed9cbe64d353a86dcba0387440760cbeed8f53
69e135b8d78d32b104a182fbb15dba1851f657ebbc39caeea08b2cc068e8ac28
6a25e432bcb35ebe439d913a099d7bf18cbb8674e4bbfcd2b57c76ffe4e1ca83
6aa4b5ccf3715b75625bfd974249ecadb3ebcbc2109770cb583c2f064e52f0ba
6b238e51823ba8e88a314019b715830e99c8fe6a441b5372fe0f35a1a995496f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1f5faf8b46547c48dfeade948717bff13df9a8542be5f03e2f540d19092547
6de619998d7dd33a67b45b9e61cb692749b82b283aea647162a05bd2d7999acc
6e4f0ff83b407aad615289766b5a5d69a148880a8e9de35d5738af245521ac0e
7028a687ad4bf4ada6c0f9155fbc195c1cdf63d2df78938eea05ee09f879e685
72a9154d6ec23482366dbe9cbb1e06de4cd6863a9fe2f9cafb75cbc8c6375eb9
72aba7fa3171c7e9ab275bc4d9bc91ccb6610ca6f047c91fddb46e881a4dcd2f
73942e99ba1619c78f0f5c8f330a1fae0a38914cd46e32cb0e6357adfa8e44ab
7568f342e911567ca1f444d607e2d637516bed16ff41fcd0e2da1e59bd168d3a
75c7598d378779775958a7118cad9b0d2385424aefc98760068761c9892a909a
7621cb43749ca44e5b1a23f1d8ae1c5be5892cd282421be6605399fb762aec6f
76f116c20c21be4369da738ed2ca44ff93a351d5ce9c0e6a8451389e44848690
770ab21c0e2f58a59dca5f46574cb146c5c7a5799ca938210b2720cf3eb9fd64
7797ba12aa72a54c39f42553a33d3e156c92732555d57290a6811f39a6135295
79f01edaffa0646a0461c150856789e0d7546a56538d2d5218b8d803d0deecfe
7ac3b1c457b6570ea82b348144cdc8f3f6a9d848f041c536795cf3e9e826dece
7c2a904f64fe59392ab7cd3423e79f9fe3282de2f627ebc37aacc57fe35ede86
7d7d1d029d6499c5e6947ac63e6def878425be23a7ae62d9a810abbced4967ad
80a970163defc751281b017f877766217b0f2fa0db2fc259e0be9523d16eda40
8175f0d67fffd9c42e7f46cd13f054bdee56c4d055cbc16c2f4f5eec08a309c0
84bb7b9d0eb5476ded3cc4c767ae206ad8c9c78e22444f608ae4848f73e7c551
8670e0365a11c2951da60262f1389a48f7e124a2b135efc90193efc3ffc737e7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ed914275921a9f72b9c34b7f45d8031075149c2b8b653ee7e8e8aec1c3b374
8a67ec49699d94f37489b62d31cb452fa3744eae0cc4363d73a31215db60f1d7
8b06832b3461d248ba6a201c3a3d7bfae8776092d20a1ee222a96fd8df8f02a6
924fd261c75be7e4c5b8d84d254e2c8f474ea2607549bd6f9b2a0eb83e3b97ca
932a590c370c7eb2f0eebb3f0a7b2533696c3b87972da7011897c332343afb58
9392044dd1de61a4de2b91fcdee2253700374b0f0f8012e1635e593a36bf760f
94392ee65edf4a0c6771680b01b2ebbc9028d409cdb6ae5d9751fc564f8e6c0e
9627924cbf0248685d2b018373d28a3ebfbe2c6c7a8f1bbb3449069f39d53c9a
9644832cd82d985903188bb9f7a08dca84fcd94215e6f0ba29a24069aa379774
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
983765d8040b5e041195509d709c5c7a5968e71a7eeda26290ef23940d69e6f7
98f677aa49eae745d0772b605e6b0f34e19f8966cc3ce134b6b5cde810182c71
9996acfb8a70af416faa9c72fa12aa6820e18fc51b368a759a00211ef6fdea4a
9a514d01bdcbed2b81dacaa3fa597cea4888541ab8d7ceadeaa73d5aa0bbdc70
9b8e342bd77a01c95d3cf3842e52c3ddf41a76f585b4fa6e4b1d76c797339d7b
9d2ea5473541981a738c29ed93898d51617b82cd6c08d0ab8ab1e0f56dcb24b8
9ee826e9de23abdc965fc72a11bd6a1b7505cb174f5222b671d320d46249ccf5
9f2f7b5c689edc0c26d5a42c515f232f7ddf5def1dd581c29f65d0fbe385858c
9f4540e418a5a890b5636c72aa70193a9bce8bcafc8f3d9f3f13f8846aba0fc0
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
a36524cdf4681afed2ffe025d87c3843ee1f6bec6f60c1eef9eeb400e91c973d
a3aa9ade9f6c90e84da77a52f1999c63093c968341bbb4065046a25d68aa1dbc
a48b66e09d589c928ff8973ba4e27def7ddbedf9d2c96d9c503fa32d87ee333d
a66d62e05af443a3f6784c28e0c212b6a0cbe112a26564928741fccea44a896b
a8faabf81d60b9c3c0e4523814becd24865f15e6e75669d4862b1c2865df7ba0
a9654966572d429caad715a7836219837537345123faabd602f57dcedd293882
aa3d60698df20eaa7b5ca2e74540492d83eb5eb853d3ac50be08d14230de9e8e
ac3922bc0a779a6a5cb7ee8396be4ace9fb792afd9e861934a0debe88995bc2b
ad2b5fd38c34f7a2c1afd575f051f6b6d83dd8cc814a68ab4f793b1759f76c56
ade956aa3ae837dd872c34366aa34aaa91c1241b13aaae810117fd0855e6fd04
b0535542e64a92a1ffda5486c552ea11a1739044cf079f5904f389e691f75b05
b225fa7ee31875f4209c48f08aa201df694cb5beda3ce1e1dd6fe5ff90408442
b2b8cbd76cb2ccf0da5846457b85be561ddd45fdb2160a4ec85705c481fe1096
b2f9ec2466a223469eeb4d8a1a6d6853b4fd601f7e7c06b472ddada9732b2f6e
b33695c3b048eb06bd12503d995f373babea01e39af4a1d8a45bd2ef77468e6d
b3a556d58e2e8d6c9cc08aefba3ab420ebea32840b5d7dd9482b17cf027dd3d2
b3d0ba1430c3d3a2f15e40e096de1052d5e7eee18fd310938861876c72e60ff6
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b476b4954d5a053c447d528facf930ce7d87af2854a094a16f6cdde8806631cc
b8925170ef62d53ba4a73fb70e441d9bb370e8582d27a78cc2cf78198e7c0b43
b92579e44937686ef0dfce34f42cd9074b6830aa8535ea12826c072a68206812
b993e0a8190d4a8de1f8eaf69c449e1ccb6b9484a5feefc6de9b50b6a184331e
b9f44cf9c77003453db338c1f0d419f282a69fda01b2c30759e458047ac0d7da
bc47e4837502bb444112c33d79e211887ffa6de5dd733bfdc7807ab2b4a6069d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd6204f07e4058d13b959283546d6823364d73292f10cf8aaf754f1f54c0fcf4
be2b456dff807092e7ae796357182b18fabaf119f98e099a97684311b1fa04e8
bfb57889b8f1ec95f824d80916822dd740dbcfe3197212f2de682c431c31afc0
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c384f81ef95aeab96bc3cf7eea5a2c8c9c3971123250ef759003873f9113a376
c3aee03b2c2136357d1bb99f167403ab5040f30bcda170fdb09c9f7159d4fdde
c3c32e2750a681aeba821149626067612acfd15fb0224593748652f5cd7378c0
c4c8294b268aec0a16dd2d640cddda3ab8ba3430e65da8c0d1954a579c32de5e
c5404ebdaf6e380b089278bbd30a58a7ac2be5b5d678f350e45266de3a28fa37
c6a4316911f672a7dccac438b462483dbdb15fc5c187cdbe4d5375394ad29442
c6d0993a2ea843703f6faba44a78d2cc6453255cff27a722c7ac18c9aa999a56
c7d91ac40ac3878ada6d2032c56700965c6fffa6d17b8b4e5781793c52e597d0
c8922dad33ecf57d632e8ad7710f632cd1c07dbc149e2fc4a3d3af2d7eaaf509
cdaa43aa61087056150974e6f6f9f489a9a090309c13ca47d685fb8de4f73bbe
ce4482ef66c2e7d0fa0fb641e355686f8add440e81e6032b7c284170fcc6e6c7
cf9ae6be7f87dcf54d29e17fba565e46034ff417cebc77eb3e0045534d557c07
d07dc5cd86bae282426289b439034271c69ba75375367097dd018b9ec2cfd57c
d0f431b05b054eeb52da1419e1c0e6a62e0046e52a05364cb5e81aa8d8cedeac
d104005822c4697b7f04c33ddf3bf778a73480dec410b18d37811beeb371c6fc
d1bfe5c38038fe87f634717ed78b61bd807d648a2460f1c543d984f65c9fbb73
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d298b9954f7a2546984fc2ea1128a6be842a26479cdc24bdd55c3833a01b64ef
d43ad8ddaafb1eec43d6eb8c31ba4a615c6e6b50097f84af9f819d5a68d7deba
d4419dba414e1bc85cc4db4b750546af18ae048fdbb1ba627edeb6d4355d3af5
d49d24b86a510891c46765cd258713565bef6a32b07291f9ffcc45033e6d72bb
d6cda2a9ecbce025519397dcf09340097f89391b5166f004813bbb01bee17ee3
d7f33bc2b963ec8885edcaeb671d13bf53d3b08dbdcd9bcab73dd6c1400988a0
d7fc083dede8129b75216c3d536bb5340a61ae5c0ca8a8b8dafd8e88788d3d88
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d9c6ae56f8ee73ce2607968dc211a8d899e9f6ad0bad00cba7a8ba9b0f1626d2
da2f043e42b736f89525276429e49fba445b1aaf7d5e521aa1dfeccabe2fe2ce
daa9acb11fe36d44b1630cd5e6a054e7f6c4ed2f52af03eb84b3d36470394395
e00c81783a88368c42ef9d6237840a781caa7c8513266341b87f238aa5a3848c
e02b58688ab9781c6b83463d1ea9fd197e79a54e6110f4654f90e08982ba8f88
e28b2683f6d8a1827d834a03be577a432e46a503475ca1e86f74b0a24c1e95d1
e2dc983081a69a507a9edb203da57734bc347e99ad57c2960d2e3f0ad3b3fafa
e31854139b7c0712ee61758157a864ca588c7ff5d24afcf75b0275583dd3f333
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcaa82d905f675a02080c66ca7de22453239e8ea536977a22fd23c2f4308d6
e4f0245287798fd0c2947832d2c17c6d88a8365d1e54e566ab5ef378e794733d
e86f981dacdad91e46d771d3c77991aa72de116f7ae0b835b2145cddc2f094bf
e8e62370c1e9d5a3b580b550019afa6b2408fd6a1349c00c51522adb74843ecb
e93ae477d1ed27b1448b28d4507f2bb32b1c13f1b09c22cdb4e3fd16fe039e1c
eb35797431f0e49d3c0ed064e0937265dba901fffabb1cce46fda19ce57267c7
eb4be7710947803be36393a742d29f56a4f8200477f761049ab91e205f95bf86
f218d7730dffba6702870f6fdbd1aabb8f96f7a6fa3f8415f9a10744d5170e2b
f4fe74f586a177f294e62aa9edc995078aaa405e8d6415e7587c95bf57b81213
f5506cacc99c101d0e2b43b82f40d7c1e7794753d9acd41487f9fa7eb51bcefa
f5ce06360d06c5b7284499fe556a3151ddaa6036ec82ad58c2882e65be6d301a
f6fe00413319dba11d3e86a10c0151dabe9929f439cbc0553f84fd320e5d124a
f8e7c850b2851d0974ed88b964e58e88b40ff175114eb0f3c96768b059c76ea6
fca9c225d542a2ce51be9cb38f58585d80c3ee084e1053e8af4b98326e3e6b39
fcc07cfa21e2353a8b6a9ded6a59a01cfd511bfd887b62ea9a8268cb0d54fa1c
ffa6a4486a3632fdbdb7450749f4f36b94186cafa30f65e2b0fc51ae310936a5
ffd37342a23015141b4e4a5698b0f69b6c1979dea5c5d4f946113ff4b24e9991

jav.direct Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

228 Requests

96 %HTTPS

65 %IPv6

15 Domains

30 Subdomains

18 IPs

3 Countries

14564 kBTransfer

16130 kBSize

5 Cookies

3 Outgoing links

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

jav.direct Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

96 %
HTTPS

65 %
IPv6

15
Domains

30
Subdomains

18
IPs

3
Countries

14564 kB
Transfer

16130 kB
Size

5
Cookies

228 HTTP transactions
0 data transactions