URL: https://ggjav.com/main/video?id=25828
Submission: On May 11 via manual from JP

Summary

This website contacted 36 IPs in 5 countries across 24 domains to perform 205 HTTP transactions. The main IP is 167.99.26.195, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is ggjav.com.
TLS certificate: Issued by R3 on April 18th 2021. Valid for: 3 months.
This is the only time ggjav.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 167.99.26.195 14061 (DIGITALOC...)
2 2a04:4e42:1b:... 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
13 104.149.173.134 40676 (AS40676)
1 2a00:1450:400... 15169 (GOOGLE)
1 95.211.229.245 60781 (LEASEWEB-...)
4 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 185.98.53.17 39572 (ADVANCEDH...)
5 95.211.229.246 60781 (LEASEWEB-...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
5 199.232.196.134 54113 (FASTLY)
1 ()
1 5.45.85.51 58061 (SCALAXY-AS)
1 2a00:1450:400... 15169 (GOOGLE)
8 31.220.24.176 39572 (ADVANCEDH...)
32 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
36 2600:9000:211... 16509 (AMAZON-02)
9 151.101.128.134 54113 (FASTLY)
2 185.75.253.87 48684 (VIKINGHOST)
1 2a00:1450:400... 15169 (GOOGLE)
1 94.199.255.192 48684 (VIKINGHOST)
1 2a00:1450:400... 15169 (GOOGLE)
19 66.254.122.35 29789 (REFLECTED)
3 2620:1ec:46::45 8068 (MICROSOFT...)
12 195.85.23.226 209242 (CLOUDFLAR...)
6 66.254.122.19 29789 (REFLECTED)
2 151.101.112.64 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.33.221.11 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
205 36
Domain Requested by
36 c.disquscdn.com https-ggjav-com.disqus.com
disqus.com
c.disquscdn.com
ggjav.com
tempest.services.disqus.com
32 static.javhd.com r.trwl1.com
static.javhd.com
19 i.bongacash.com promo-bc.com
bngpt.com
i.bongacash.com
18 ggjav.com ggjav.com
13 cdn-1.ggjav.com ggjav.com
12 i.bimbolive.com promo-bc.com
bngpt.com
ggjav.com
i.bongacash.com
9 disqus.com https-ggjav-com.disqus.com
c.disquscdn.com
8 api.trwl1.com r.trwl1.com
api.trwl1.com
6 db.bngpt.com promo-bc.com
bngpt.com
6 adserve.work ggjav.com
adserve.work
5 syndication.exosrv.com ggjav.com
ads.exosrv.com
4 r.trwl1.com ggjav.com
4 s3t3d2y7.ackcdn.net ggjav.com
syndication.exosrv.com
3 referrer.disqus.com ggjav.com
3 cdn.ggsfq.com adserve.work
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 apis.google.com c.disquscdn.com
apis.google.com
2 connect.facebook.net c.disquscdn.com
connect.facebook.net
2 promo-bc.com syndication.realsrv.com
syndication.exosrv.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 https-ggjav-com.disqus.com ggjav.com
https-ggjav-com.disqus.com
2 cdn.jsdelivr.net ggjav.com
cdn.jsdelivr.net
1 glitter.services.disqus.com c.disquscdn.com
1 ssl.gstatic.com accounts.google.com
1 ib.adnxs.com c.disquscdn.com
1 www.facebook.com c.disquscdn.com
1 tempest.services.disqus.com c.disquscdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 bngpt.com syndication.exosrv.com
1 vidoza.net ggjav.com
1 syndication.realsrv.com a.realsrv.com
1 www.googletagmanager.com ggjav.com
1 ads.exosrv.com ggjav.com
1 a.realsrv.com ggjav.com
1 a.exosrv.com ggjav.com
205 35
Subject Issuer Validity Valid
ggjav.com
R3
2021-04-18 -
2021-07-17
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-05-03 -
2022-03-26
a year crt.sh
exosrv.com
R3
2021-03-23 -
2021-06-21
3 months crt.sh
realsrv.com
R3
2021-03-23 -
2021-06-21
3 months crt.sh
cdn-1.ggjav.com
R3
2021-05-06 -
2021-08-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
ackcdn.net
R3
2021-03-23 -
2021-06-21
3 months crt.sh
r.trwl1.com
Sectigo RSA Domain Validation Secure Server CA
2020-07-10 -
2021-07-11
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-09-24 -
2021-09-24
a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA
2020-04-20 -
2022-05-09
2 years crt.sh
vidoza.net
R3
2021-03-26 -
2021-06-24
3 months crt.sh
api.trwl1.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-06 -
2022-03-07
a year crt.sh
1079288232.rsc.cdn77.org
R3
2021-04-14 -
2021-07-13
3 months crt.sh
a.disquscdn.com
Amazon
2020-11-30 -
2021-12-29
a year crt.sh
*.promo-bc.com
GoGetSSL RSA DV CA
2020-08-06 -
2021-11-04
a year crt.sh
*.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
bngpt.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-19 -
2022-04-18
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
*.bongacash.com
Sectigo RSA Domain Validation Secure Server CA
2020-03-05 -
2021-06-03
a year crt.sh
cdn.ggsfq.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-09 -
2021-11-08
a year crt.sh
i.bimbolive.com
Cloudflare Inc ECC CA-3
2020-07-05 -
2021-07-05
a year crt.sh
db.bngwlt.com
GoGetSSL RSA DV CA
2021-04-15 -
2022-04-15
a year crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-26 -
2022-05-28
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
accounts.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh

This page contains 26 frames:

Primary Page: https://ggjav.com/main/video?id=25828
Frame ID: 6505DABE3527640E81229B079DBC9340
Requests: 49 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3872284&type=300x250&p=https%3A//ggjav.com/main/video%3Fid%3D25828&dt=1620704197511&sub=&tags=&screen_resolution=1600x1200&sticky=1&cookieconsent=true
Frame ID: 62AB583AD90E2770D9812D6CF9DB2AD6
Requests: 1 HTTP requests in this frame

Frame: https://r.trwl1.com/s1/1c0daa29-0650-4d39-bb09-b4b0095d026b
Frame ID: ACA1F4A6E6CF9D3707022B2FCFD84E48
Requests: 3 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378943&output=noscript&type=728x90
Frame ID: 16F18792775AA775E57C98C3509FA95F
Requests: 2 HTTP requests in this frame

Frame: https://r.trwl1.com/s1/2f362848-e3fd-4ccd-b0aa-d0e79a024930
Frame ID: CDCC283F502F7F1577CC4FC58CF8D2BA
Requests: 3 HTTP requests in this frame

Frame: https://r.trwl1.com/s1/36ebe0b5-1868-4e89-9893-d8c9d11225c1
Frame ID: 90E627EAD836CAF07498946B6BA44AB0
Requests: 3 HTTP requests in this frame

Frame: https://adserve.work/www/serve/afr.php?zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: E499AA1DCDF9449913EDBA075342EEEA
Requests: 3 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378961&output=noscript&type=728x90
Frame ID: 65215FC36A836FE140BAB189F006D23E
Requests: 2 HTTP requests in this frame

Frame: https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 49FC66EFCEACBF85CCFB0B4BE729C84D
Requests: 3 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378965&output=noscript&type=300x250
Frame ID: ED858E24627A68C4569531DC9102057D
Requests: 1 HTTP requests in this frame

Frame: https://r.trwl1.com/s1/a1500a36-08ca-45aa-b149-35e6be36e59b
Frame ID: C03952DFE3CD05AB9B4E407671D8EE2F
Requests: 3 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378971&output=noscript&type=728x90
Frame ID: DA9955F334537093EDF9473763A4E155
Requests: 2 HTTP requests in this frame

Frame: https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 32367C69FAFD0AFFA0EA0C78A350653E
Requests: 3 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378979&type=300x250&p=https%3A//ggjav.com/main/video%3Fid%3D25828&dt=1620704197552&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 1C08E4C8E3C5F361D92C932F0E18BC20
Requests: 1 HTTP requests in this frame

Frame: https://vidoza.net/embed-npc23203ituh.html
Frame ID: 1A46EE13940A327177A7FEC634113146
Requests: 2 HTTP requests in this frame

Frame: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Frame ID: 57CD0F78919841271FA8FCEC7C5C22E2
Requests: 8 HTTP requests in this frame

Frame: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Frame ID: 33F3E1E65259B448E83D9B00379AA4E9
Requests: 8 HTTP requests in this frame

Frame: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Frame ID: 7AA57587567D87E689CBFBB6F36D9B43
Requests: 8 HTTP requests in this frame

Frame: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: 990198B0A40306DFF471BB336AF7BF25
Requests: 14 HTTP requests in this frame

Frame: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Frame ID: A6B89C2A14634803D9D7DF84E3B989F9
Requests: 8 HTTP requests in this frame

Frame: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: EABDBB3AF9D49C929D0303E2C1E2845F
Requests: 15 HTTP requests in this frame

Frame: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: 676407D3929E626D00206D8B8BFE1CDA
Requests: 14 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
Frame ID: F010CCC4998532085764069F9C938A0D
Requests: 31 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV
Frame ID: 5C5655AE82CEA8419C395FD394D777A9
Requests: 16 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=https-ggjav-com&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231779ba&colorScheme=light&sourceUrl=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&typeface=sans-serif&disqus_version=7a78382
Frame ID: E1A29D64D47A19CBFE0C0FD2F8005C9B
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 4EF7506E9C1354823AE957F8FAABC28F
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

205
Requests

100 %
HTTPS

51 %
IPv6

24
Domains

35
Subdomains

36
IPs

5
Countries

9725 kB
Transfer

12986 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

205 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request video
ggjav.com/main/
72 KB
16 KB
Document
General
Full URL
https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
4da1340484480b1931389ad8231371d9bc59291957a0abd891931a41065369d5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
ggjav.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:36 GMT
server
Apache
vary
Accept-Language,Cookie,Accept-Encoding
x-frame-options
SAMEORIGIN
content-language
en
content-encoding
gzip
transfer-encoding
chunked
content-type
text/html; charset=utf-8
jquery-3.2.0.min.js
ggjav.com/resources/jquery/
85 KB
30 KB
Script
General
Full URL
https://ggjav.com/resources/jquery/jquery-3.2.0.min.js
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Sun, 01 Jul 2018 11:27:12 GMT
server
Apache
etag
"15244-56fee5cb7c400-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
30115
jquery-cookie.min.js
ggjav.com/resources/jquery/
1 KB
1016 B
Script
General
Full URL
https://ggjav.com/resources/jquery/jquery-cookie.min.js
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
af14507fb9d30eac2ad0cf5f66da5a7309c234813d5c2c8f46375691262c23b7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Sun, 01 Jul 2018 12:04:12 GMT
server
Apache
etag
"515-56feee10a4700-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
699
foundation.min.js
ggjav.com/resources/foundation/
121 KB
28 KB
Script
General
Full URL
https://ggjav.com/resources/foundation/foundation.min.js
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
afa993849834f47f7f9fcd9d10887e872f53f170ad4add67a7f3dd86bbfac8de

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Sun, 01 Jul 2018 11:26:00 GMT
server
Apache
etag
"1e277-56fee586d2200-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
28309
foundation.min.css
ggjav.com/resources/foundation/
70 KB
12 KB
Stylesheet
General
Full URL
https://ggjav.com/resources/foundation/foundation.min.css
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
b21257d1755a8bb358a7d77efd8284ae79ce62a515eb9a5f39945d42cc3f932d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Sun, 01 Jul 2018 11:26:18 GMT
server
Apache
etag
"1190d-56fee597fca80-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
12325
motion-ui.min.css
ggjav.com/resources/foundation/
16 KB
2 KB
Stylesheet
General
Full URL
https://ggjav.com/resources/foundation/motion-ui.min.css
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
5776b43e90c2127750310aac892c04bd90f1854b0a7e924c64cca850733c6609

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Sun, 01 Jul 2018 12:05:46 GMT
server
Apache
etag
"3f92-56feee6a49a80-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1460
foundation-icons.min.css
cdn.jsdelivr.net/foundation-icons/3.0/
17 KB
4 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4583267bc4084d808f5832f3397b30913b0fbb5b637801363326fb2a277f2416
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4074694
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
3542
etag
W/"440c-3pFuUHv0dYilm9845JTufYMiDIo"
x-served-by
cache-fra19171-FRA, cache-hhn4064-HHN
date
Tue, 11 May 2021 03:36:36 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
ggjav.com/resources/
5 KB
2 KB
Stylesheet
General
Full URL
https://ggjav.com/resources/style.css
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
8fdb97e8c7692fd0b557d14c959f97e0babc5ad98bbeafbba792f3c07b579d7d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Sat, 07 Mar 2020 15:50:49 GMT
server
Apache
etag
"1511-5a045bbe3a840-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1284
general.js
ggjav.com/resources/
0
261 B
Script
General
Full URL
https://ggjav.com/resources/general.js
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
last-modified
Thu, 02 May 2019 10:07:12 GMT
server
Apache
etag
"0-587e4cc36f400"
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
0
zh-tw.png
ggjav.com/resources/icons/
465 B
717 B
Image
General
Full URL
https://ggjav.com/resources/icons/zh-tw.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
e59c331045b010a83f46ad25c592cf3f5415271b612fc9db8d32cf9158447dc6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
last-modified
Thu, 08 Mar 2018 15:53:18 GMT
server
Apache
etag
"1d1-566e8ac9d7780"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
465
ja.png
ggjav.com/resources/icons/
258 B
510 B
Image
General
Full URL
https://ggjav.com/resources/icons/ja.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
ff5fd14ed13e3d969bfb7cf1bdb27c727278bb4072a2339cb1fd9ddb3f5daa32

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
last-modified
Thu, 08 Mar 2018 15:53:04 GMT
server
Apache
etag
"102-566e8abc7d800"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
258
en.png
ggjav.com/resources/icons/
243 B
494 B
Image
General
Full URL
https://ggjav.com/resources/icons/en.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
2c7af36e895f9c7c21b868ec48c526b56966965850049f1afddf5f70e2b9e3ae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
last-modified
Thu, 08 Mar 2018 15:53:02 GMT
server
Apache
etag
"f3-566e8aba95380"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
243
logo.png
ggjav.com/resources/icons/
7 KB
7 KB
Image
General
Full URL
https://ggjav.com/resources/icons/logo.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
6c92cdc1fb99a70a3d507ea27caf85f23da6b5f679c134eabeae3ed36e66f7c8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
last-modified
Fri, 10 May 2019 16:09:32 GMT
server
Apache
etag
"1ae3-5888acac00700"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
6883
video-slider.js
a.exosrv.com/
35 KB
10 KB
Script
General
Full URL
https://a.exosrv.com/video-slider.js
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
efc3eb831357bb9a7c73eae7d1966953e1ae40aff117c38318a5a7bfaf5c16d6

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
gzip
X-HW
1620704197.dop246.fr8.t,1620704197.cds136.fr8.shn,1620704197.cds136.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9472
js.php
a.realsrv.com/
5 KB
2 KB
Script
General
Full URL
https://a.realsrv.com/js.php?t=17&idzone=3872284
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6182db5be8c1693fdcbdb10ae20fd9098ecf42cecd38e06c406ac08a824eb713

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
gzip
X-HW
1620704197.dop098.fr8.t,1620704197.cds239.fr8.shn,1620704197.dop098.fr8.t,1620704197.cds290.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1871
large_25828.jpg
cdn-1.ggjav.com/media/video/
105 KB
105 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/large_25828.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
354bf9d2d3c97dc00a7f766cef6b5125a67dbccad4f2f003d2ca8c951585e45a

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Wed, 05 May 2021 17:58:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092dcce-1a2bb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107195
Expires
Thu, 10 Jun 2021 03:36:37 GMT
Facebook.svg
ggjav.com/resources/social_flat_rounded_rects_svg/
475 B
582 B
Image
General
Full URL
https://ggjav.com/resources/social_flat_rounded_rects_svg/Facebook.svg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
fadd0e82b4162d374ae3a21ea4d60ac35328835f16667377036e57d8d5e9f321

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Thu, 08 Mar 2018 15:53:34 GMT
server
Apache
etag
"1db-566e8ad919b80-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
313
Twitter.svg
ggjav.com/resources/social_flat_rounded_rects_svg/
2 KB
1 KB
Image
General
Full URL
https://ggjav.com/resources/social_flat_rounded_rects_svg/Twitter.svg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
3470bf4b2062803a4162e2eed64b9cf6351f0a9952639c31d2d2d402902fce16

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Thu, 08 Mar 2018 15:53:26 GMT
server
Apache
etag
"61c-566e8ad178980-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
862
Tumblr.svg
ggjav.com/resources/social_flat_rounded_rects_svg/
724 B
729 B
Image
General
Full URL
https://ggjav.com/resources/social_flat_rounded_rects_svg/Tumblr.svg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
ac5fa500ba37dbc3e5889d62f5eb2f91320b6b66808601a6091c2e4a7f8ef65a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Thu, 08 Mar 2018 15:53:32 GMT
server
Apache
etag
"2d4-566e8ad731700-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
460
Line.png
ggjav.com/resources/social_flat_rounded_rects_svg/
3 KB
3 KB
Image
General
Full URL
https://ggjav.com/resources/social_flat_rounded_rects_svg/Line.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
09cf67ac56ec3e2dc995117b1ac6e73cedc222e722e1b5c45d8a0589a7ec0776

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ggjav.com/main/video?id=25828
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
last-modified
Thu, 21 Mar 2019 09:08:26 GMT
server
Apache
etag
"ca9-5849714b6b680"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
3241
ads.js
ads.exosrv.com/
2 KB
1 KB
Script
General
Full URL
https://ads.exosrv.com/ads.js
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
681965ef88d5f2ef1319d704c3a9b40de5bc4d180f1e2d0130b4b16c5935e85c

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
gzip
X-HW
1620704197.dop129.fr8.t,1620704197.cds133.fr8.shn,1620704197.cds133.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
959
small_67884.jpg
cdn-1.ggjav.com/media/video/
19 KB
19 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_67884.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51a1d37b4bebca38f0be4331e1c4396d8aed15ead014b1e3c2d4e06841501e20

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Wed, 05 May 2021 18:58:08 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092eac0-4c43"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19523
Expires
Thu, 10 Jun 2021 03:36:37 GMT
small_160645.jpg
cdn-1.ggjav.com/media/video/
38 KB
38 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_160645.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
621b949911604824e40dd8759bdde8f7dcae5c5a5a2a35240bfb9f413ad48500

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Wed, 05 May 2021 18:51:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e92f-97b7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38839
Expires
Thu, 10 Jun 2021 03:36:37 GMT
small_104943.jpg
cdn-1.ggjav.com/media/video/
22 KB
22 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_104943.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a117a4fd15d6c304aa1bfefc167b2878c0df0fe40440645794539e241fa3f747

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Wed, 05 May 2021 18:44:11 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e77b-570f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22287
Expires
Thu, 10 Jun 2021 03:36:37 GMT
small_17197.jpg
cdn-1.ggjav.com/media/video/
9 KB
9 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_17197.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6d60b7a888e4a2c5e23e0eeeb20ae3cb9be4a3b5eb91e79458bdf56f41fb002b

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Wed, 05 May 2021 18:51:37 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e939-247c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9340
Expires
Thu, 10 Jun 2021 03:36:37 GMT
small_137937.jpg
cdn-1.ggjav.com/media/video/
26 KB
26 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_137937.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4554619c0ef3154f149d471b6bd93ca426eaf986b1fee857184e18351f383774

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Wed, 05 May 2021 18:48:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e881-67eb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26603
Expires
Thu, 10 Jun 2021 03:36:37 GMT
small_29648.jpg
cdn-1.ggjav.com/media/video/
19 KB
20 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_29648.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1df7e5f04d489a7ea8dbb0915fef3bf82cc7a126d8358238ce28b6ad419317d1

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Last-Modified
Wed, 05 May 2021 18:53:09 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e995-4d46"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19782
Expires
Thu, 10 Jun 2021 03:36:38 GMT
small_141677.jpg
cdn-1.ggjav.com/media/video/
45 KB
45 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_141677.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ebb72ea98e7fecb2168510fb9b5d3a221b498a248a31bb1aebc975f091d44d5

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Last-Modified
Wed, 05 May 2021 18:48:53 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e895-b234"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45620
Expires
Thu, 10 Jun 2021 03:36:38 GMT
small_20047.jpg
cdn-1.ggjav.com/media/video/
16 KB
17 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_20047.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
99f275f232fd568cba204c6fee15fff9abe580ccc6d7e3331043c7ee31e711fb

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Last-Modified
Wed, 05 May 2021 18:51:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e94e-4156"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16726
Expires
Thu, 10 Jun 2021 03:36:38 GMT
small_23836.jpg
cdn-1.ggjav.com/media/video/
21 KB
21 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_23836.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dfd9620067d054615ccfc5ce34a1bf5b6bd9ca5323e15f92e08a29682e47c2d5

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Last-Modified
Wed, 05 May 2021 18:52:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e96c-5337"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21303
Expires
Thu, 10 Jun 2021 03:36:38 GMT
small_154523.jpg
cdn-1.ggjav.com/media/video/
39 KB
39 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_154523.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
928ef6ca00dfd717fe97842335da4b7d0d3cc7ba1d7b678a45bafd502ad669f8

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Last-Modified
Wed, 05 May 2021 18:50:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e8fe-9b9b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39835
Expires
Thu, 10 Jun 2021 03:36:38 GMT
small_118960.jpg
cdn-1.ggjav.com/media/video/
37 KB
37 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_118960.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
27dcd8759d1e196c802856b87868a16db943965d5b85376cbea202e1651d58d2

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Last-Modified
Wed, 05 May 2021 18:45:54 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e7e2-9382"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37762
Expires
Thu, 10 Jun 2021 03:36:38 GMT
small_28630.jpg
cdn-1.ggjav.com/media/video/
20 KB
21 KB
Image
General
Full URL
https://cdn-1.ggjav.com/media/video/small_28630.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.149.173.134 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
104-149-173-134-hostedby.zenex5.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
018076aba9b0726a142f65b28570ea4513012a7e87e2c9d8cec08dc7c7719b5d

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Last-Modified
Wed, 05 May 2021 18:53:03 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6092e98f-519b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20891
Expires
Thu, 10 Jun 2021 03:36:38 GMT
js
www.googletagmanager.com/gtag/
88 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-79756229-6
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b03860b9293d19a73817c5dfd049df5f57adc601fdf234e4081ac5098cd14174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35724
x-xss-protection
0
last-modified
Tue, 11 May 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 May 2021 03:36:37 GMT
foundation-icons.woff
cdn.jsdelivr.net/foundation-icons/3.0/
31 KB
32 KB
Font
General
Full URL
https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://ggjav.com
Referer
https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
4074393
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
32020
etag
W/"7d14-ES+w5JgDfy/qA2rbgQXkdjgVnqo"
x-served-by
cache-fra19138-FRA, cache-hhn4066-HHN
date
Tue, 11 May 2021 03:36:37 GMT
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 62AB
1 KB
1 KB
Document
General
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=3872284&type=300x250&p=https%3A//ggjav.com/main/video%3Fid%3D25828&dt=1620704197511&sub=&tags=&screen_resolution=1600x1200&sticky=1&cookieconsent=true
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/js.php?t=17&idzone=3872284
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9f20f8cd4c5dce6db9e249ac4e0bb049154d3d8706feeda7acfeb0f25320dd6c

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226099fbc590ca18.87259156267958464%22%3B%7D; expires=Thu, 11 May 2023 03:36:37 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
close-icon-circle.png
s3t3d2y7.ackcdn.net/images/
405 B
765 B
Image
General
Full URL
https://s3t3d2y7.ackcdn.net/images/close-icon-circle.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Tue, 05 Nov 2019 16:54:21 GMT
ETag
"1572972861"
X-HW
1620704197.dop129.fr8.t,1620704197.cds138.fr8.shn,1620704197.cds138.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
405
Cookie set 1c0daa29-0650-4d39-bb09-b4b0095d026b
r.trwl1.com/s1/ Frame ACA1
1 KB
1 KB
Document
General
Full URL
https://r.trwl1.com/s1/1c0daa29-0650-4d39-bb09-b4b0095d026b
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.17 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
ee54228ed82e3ebd238f9ee467fad5c0eb3d01855671de4f792cd7dff07523a0

Request headers

Host
r.trwl1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx/1.20.0
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
uid=Iyz-sORYM; Path=/; Domain=trwl1.com; Expires=Wed, 12 May 2021 03:36:37 GMT; HttpOnly
X-Request-Id
1211b15d-98ac-42d0-b2fb-9c690d0dce66
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 16F1
3 KB
2 KB
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378943&output=noscript&type=728x90
Requested by
Host: ggjav.com
URL: https://ggjav.com/resources/jquery/jquery-3.2.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9e88f635c601c7fb15264de02608ba7fc0ed91de4172cd4986753904efaa04af

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226099fbc5917560.535812363845242743%22%3B%7D; expires=Thu, 11 May 2023 03:36:37 GMT; path=; domain=.exosrv.com; Secure; SameSite=none impressions=x%9C%5D%CC%B1%0D%800%0C%04%C0%5D%5C%27%D2%BFc%C76%AB+%26A%EC%0E%29%A0%A0%3F%DD%29%CAr%F7%EC%CC%81%E1%98%B2%EDl%9C%8A%E9NT%13%9AA%8E%26%A65%CC%D1-c%22%98%7F%B8%DCb%C35%EDa%95%C6%80%7E%2C%60%ACx%BF%EB%06%06l%191; expires=Wed, 12 May 2021 03:36:37 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set 2f362848-e3fd-4ccd-b0aa-d0e79a024930
r.trwl1.com/s1/ Frame CDCC
1 KB
1 KB
Document
General
Full URL
https://r.trwl1.com/s1/2f362848-e3fd-4ccd-b0aa-d0e79a024930
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.17 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
824fe16609e3bdffc03a25414fa00a144e72099b2d06fe092dde3e5642b4fc7c

Request headers

Host
r.trwl1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx/1.20.0
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
uid=Um--shLDMf; Path=/; Domain=trwl1.com; Expires=Wed, 12 May 2021 03:36:37 GMT; HttpOnly
X-Request-Id
b62170e7-4bc2-462b-949e-0ecc85974616
Content-Encoding
gzip
Cookie set 36ebe0b5-1868-4e89-9893-d8c9d11225c1
r.trwl1.com/s1/ Frame 90E6
1 KB
1 KB
Document
General
Full URL
https://r.trwl1.com/s1/36ebe0b5-1868-4e89-9893-d8c9d11225c1
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.17 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
bac7ef7bcedc2fecd21d05d912a90f591e70034e654036d7e65e72d46485e9f0

Request headers

Host
r.trwl1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx/1.20.0
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
uid=jk-zsORDp; Path=/; Domain=trwl1.com; Expires=Wed, 12 May 2021 03:36:37 GMT; HttpOnly
X-Request-Id
6fddfe3e-49d7-45a7-a992-d2a96618d8dd
Content-Encoding
gzip
afr.php
adserve.work/www/serve/ Frame E499
995 B
718 B
Document
General
Full URL
https://adserve.work/www/serve/afr.php?zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Requested by
Host: ggjav.com
URL: https://ggjav.com/resources/jquery/jquery-3.2.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
911d98349ede057e3736133e295ce6e3c8fb9d0dc8b1b66f34989135bd33d9b0

Request headers

:method
GET
:authority
adserve.work
:scheme
https
:path
/www/serve/afr.php?zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ggjav.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.11
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
0
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAID=01000111010001000101000001010010; expires=Wed, 11-May-2022 03:36:37 GMT; Max-Age=31536000; path=/; secure; SameSite=none
cf-cache-status
DYNAMIC
cf-request-id
09fb1893a600002bce0b920000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rOEwcTTf3cpvkHXftX6A%2BF8WguZoFCJtA3Mbz%2BJKZ5DV8Kw078amA4QMqAVsVtJ%2FGx2VgZpKVw9R49jOQ8W0LqVOABXi4LCkFKmyfXhXBNNMM0mM0hs5NZU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64d85d32ab992bce-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 6521
3 KB
2 KB
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378961&output=noscript&type=728x90
Requested by
Host: ggjav.com
URL: https://ggjav.com/resources/jquery/jquery-3.2.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
31f80b8e2c57ef364e6dc825c3a680041cd5865ee0aa44c212cde3f9902e3c88

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226099fbc593b126.274621611846061314%22%3B%7D; expires=Thu, 11 May 2023 03:36:37 GMT; path=; domain=.exosrv.com; Secure; SameSite=none impressions=x%9C%5D%CC%B1%0D%800%0C%04%C0%5D%5C%27%D2%BFc%C76%AB+%26A%EC%0E%29%A0%A0%3F%DD%29%CAr%F7%EC%CC%81%E1%98%B2%EDl%9C%8A%E9NT%13%9AA%8E%26%A65%CC%D1-c%22%98%7F%B8%DCb%C35%EDa%95%C6%80%7E%2C%60%ACx%BF%EB%06%06l%191; expires=Wed, 12 May 2021 03:36:37 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
afr.php
adserve.work/www/serve/ Frame 49FC
995 B
1 KB
Document
General
Full URL
https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
09416460a9e5bad27d90f068332a26c97648eee8e1b1a009b9b00b57d40dd956

Request headers

:method
GET
:authority
adserve.work
:scheme
https
:path
/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ggjav.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.11
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
0
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAID=01000111010001000101000001010010; expires=Wed, 11-May-2022 03:36:37 GMT; Max-Age=31536000; path=/; secure; SameSite=none
cf-cache-status
DYNAMIC
cf-request-id
09fb1893a600002bce44191000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fdSGA2eUO%2Fxk1WAmlraVT5FnhFOLJsMC5fNAjgn2xHBhzG0oHAYnLrxDBFMW6EX3i3SMVPIEtdJjwNN%2FgxwkgeuEC3LExV88ZDZ3ysr2Z0L6Apbx24fXhbY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64d85d32ab9b2bce-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame ED85
1 KB
1 KB
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378965&output=noscript&type=300x250
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ac7461dcb67080fb78597be0b71229fb6a9dcd257366f6cc431933888eb78b5a

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226099fbc5997df1.003820164287672982%22%3B%7D; expires=Thu, 11 May 2023 03:36:37 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set a1500a36-08ca-45aa-b149-35e6be36e59b
r.trwl1.com/s1/ Frame C039
1 KB
1 KB
Document
General
Full URL
https://r.trwl1.com/s1/a1500a36-08ca-45aa-b149-35e6be36e59b
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.17 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
01b2c80a23e5c3bbff2e5cedb17527a8eb2a2544b1611bfedc7c43300c9d5a72

Request headers

Host
r.trwl1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx/1.20.0
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
uid=CCzzshLDM; Path=/; Domain=trwl1.com; Expires=Wed, 12 May 2021 03:36:37 GMT; HttpOnly
X-Request-Id
9a36a09f-9f6d-4afe-a98b-1eec74df24b9
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame DA99
3 KB
2 KB
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378971&output=noscript&type=728x90
Requested by
Host: ggjav.com
URL: https://ggjav.com/resources/jquery/jquery-3.2.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a218e753aab8d62df2b2e148a4cce426f0b0b8fa9b686fefb8ca45c0e425b7f6

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226099fbc59a4129.354806133568770132%22%3B%7D; expires=Thu, 11 May 2023 03:36:37 GMT; path=; domain=.exosrv.com; Secure; SameSite=none impressions=x%9Cu%CC%C1%09%80%40%0C%04%C0%5E%F2%3Ea7%97%5C%12%5B%11%2B%11%7BW%3F%A2%82%FFa6Q%96%BB%E7%C4%EC%E8%8E%21%F3%C2%C6%A1%18%EED5%A1%19dmbZ%DD%1C%93e%0C%04%F3%0B%2Fw%B1%EE%9Av%B2Jc%40o%160V%3C%BE7%C4%0F%DC%0F%AD%BF%21f; expires=Wed, 12 May 2021 03:36:37 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
afr.php
adserve.work/www/serve/ Frame 3236
996 B
722 B
Document
General
Full URL
https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
e108ab949842fe9c7b960c0f206e9f00bcb43b1f1c4992b713b08011cc28dba0

Request headers

:method
GET
:authority
adserve.work
:scheme
https
:path
/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ggjav.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.11
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
0
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAID=01000111010001000101000001010010; expires=Wed, 11-May-2022 03:36:37 GMT; Max-Age=31536000; path=/; secure; SameSite=none
cf-cache-status
DYNAMIC
cf-request-id
09fb1893b100002bce33385000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W6A8ZYYinvR0fSuaah9lxq0YGHmBDMy65Q8ezOgROWVMpJNNk%2FNwRGl7w8l%2FHU3tpWIIl%2BzLpMs%2FCkQI6UwRactzQpJXI94bfhUxGuBqvSYONPXCDFt1uzw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64d85d32bba82bce-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 1C08
1 KB
1 KB
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378979&type=300x250&p=https%3A//ggjav.com/main/video%3Fid%3D25828&dt=1620704197552&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a61bf3ba621a4d9029a533c86242de8d0693faac2928c9f902c97635b16872cc

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Server
nginx
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226099fbc59aa953.694732013665018720%22%3B%7D; expires=Thu, 11 May 2023 03:36:37 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
embed.js
https-ggjav-com.disqus.com/
73 KB
24 KB
Script
General
Full URL
https://https-ggjav-com.disqus.com/embed.js
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
2192ea5411c5b5250e84b677f2ddb84c76658198faf0f7fde1c0e55ef2173d47
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
gzip
Server
openresty
Age
11
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24302
search_records
ggjav.com/main/
674 KB
225 KB
XHR
General
Full URL
https://ggjav.com/main/search_records
Requested by
Host: ggjav.com
URL: https://ggjav.com/resources/jquery/jquery-3.2.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.26.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
3237ef6128d1a9f20fa4d4b2ae7627709af7d9d552682056205ab8c35b75a549
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ggjav.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
https://ggjav.com/main/video?id=25828
Accept
*/*
Referer
https://ggjav.com/main/video?id=25828
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
gzip
last-modified
Tue, 11 May 2021 03:11:38 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Language,Cookie,Accept-Encoding
content-language
en
cache-control
max-age=1800
transfer-encoding
chunked
content-type
application/json
expires
Tue, 11 May 2021 03:41:38 GMT
e9050596-12df-4b9e-9ae0-1c1e833bf3a2
https://ggjav.com/ Frame 1A46
82 B
0
Document
General
Full URL
blob:https://ggjav.com/e9050596-12df-4b9e-9ae0-1c1e833bf3a2
Requested by
Host: ggjav.com
URL: https://ggjav.com/resources/jquery/jquery-3.2.0.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05e3e47009bb87a76b9e8a9d75ca3f9fddf9471ded1559fe2d3379ca0f127820

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
82
Content-Type
text/html
embed-npc23203ituh.html
vidoza.net/ Frame 1A46
16 B
146 B
Document
General
Full URL
https://vidoza.net/embed-npc23203ituh.html
Requested by
Host: ggjav.com
URL: blob:https://ggjav.com/e9050596-12df-4b9e-9ae0-1c1e833bf3a2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.85.51 Meppel, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
dde831d7f52d4b993cdbae9497b512451ed913113f3a31f8d144252cce8a853b

Request headers

:method
GET
:authority
vidoza.net
:scheme
https
:path
/embed-npc23203ituh.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.16.1
date
Tue, 11 May 2021 03:36:37 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79756229-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4185
date
Tue, 11 May 2021 02:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 11 May 2021 04:26:52 GMT
gcrt.js
api.trwl1.com/ascripts/ Frame ACA1
91 KB
26 KB
Script
General
Full URL
https://api.trwl1.com/ascripts/gcrt.js
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/1c0daa29-0650-4d39-bb09-b4b0095d026b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
58e792c49e41501a97a9d37f29f09663c7894414204ea12595d2a8c7db2ad35b

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
amsterdamNL
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
br
X-77-NZT-Ray
45TR5aB6ruI=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1rAHAVyTvvTcBAA==
Last-Modified
Mon, 18 May 2020 15:57:01 GMT
Server
nginx/1.20.0
ETag
W/"5ec2b04d-16b2e"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Age
79805
Expires
Mon, 10 May 2021 05:26:31 GMT
300x100.html
static.javhd.com/h5/files/10333/ Frame 57CD
4 KB
2 KB
Document
General
Full URL
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/1c0daa29-0650-4d39-bb09-b4b0095d026b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6768504a281b9783183c0a61bd9363b66c4bb9510f69466a89951e2a8355f0f6

Request headers

:method
GET
:authority
static.javhd.com
:scheme
https
:path
/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.trwl1.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://r.trwl1.com/

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-type
text/html
last-modified
Tue, 22 Jan 2019 14:04:32 GMT
etag
W/"5c4722f0-11e1"
expires
Fri, 14 May 2021 08:58:18 GMT
cache-control
max-age=2592000
access-control-allow-origin
*
server
CDN77-Turbo
x-77-nzt
AcO1rzJn9APvG00jAA==
x-77-nzt-ray
zeXqhU62sNg=
x-cache
HIT
x-age
2313499
x-77-pop
frankfurtDE
x-77-cache
HIT
content-encoding
br
gcrt.js
api.trwl1.com/ascripts/ Frame CDCC
91 KB
26 KB
Script
General
Full URL
https://api.trwl1.com/ascripts/gcrt.js
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/2f362848-e3fd-4ccd-b0aa-d0e79a024930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
58e792c49e41501a97a9d37f29f09663c7894414204ea12595d2a8c7db2ad35b

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
amsterdamNL
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
br
X-77-NZT-Ray
EaR2u/IFGWc=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
Abk73hR1Q5bv0zcBAA==
Last-Modified
Mon, 18 May 2020 15:56:42 GMT
Server
nginx/1.20.0
ETag
W/"5ec2b03a-16b2e"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Age
79827
Expires
Mon, 10 May 2021 05:26:09 GMT
300x250.html
static.javhd.com/h5/files/10661/ Frame 33F3
4 KB
2 KB
Document
General
Full URL
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/2f362848-e3fd-4ccd-b0aa-d0e79a024930
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7fecd6f5b05b84f31335556969c3abf7e68d7b3efe1c5506f0f39f9e6dc79e1f

Request headers

:method
GET
:authority
static.javhd.com
:scheme
https
:path
/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.trwl1.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://r.trwl1.com/

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-type
text/html
last-modified
Tue, 21 May 2019 09:18:28 GMT
etag
W/"5ce3c264-11e4"
expires
Fri, 14 May 2021 14:48:11 GMT
cache-control
max-age=2592000
access-control-allow-origin
*
server
CDN77-Turbo
x-77-nzt
AcO1rzJj/x3vGvsiAA==
x-77-nzt-ray
ZAzrzgfg74A=
x-cache
HIT
x-age
2292506
x-77-pop
frankfurtDE
x-77-cache
HIT
content-encoding
br
gcrt.js
api.trwl1.com/ascripts/ Frame 90E6
91 KB
26 KB
Script
General
Full URL
https://api.trwl1.com/ascripts/gcrt.js
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/36ebe0b5-1868-4e89-9893-d8c9d11225c1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
58e792c49e41501a97a9d37f29f09663c7894414204ea12595d2a8c7db2ad35b

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
amsterdamNL
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
br
X-77-NZT-Ray
5ucvcXvtXuM=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
Abk73hSLVWbv0zcBAA==
Last-Modified
Mon, 18 May 2020 15:56:42 GMT
Server
nginx/1.20.0
ETag
W/"5ec2b03a-16b2e"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Age
79827
Expires
Mon, 10 May 2021 05:26:09 GMT
300x250.html
static.javhd.com/h5/files/11179/ Frame 7AA5
4 KB
2 KB
Document
General
Full URL
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/36ebe0b5-1868-4e89-9893-d8c9d11225c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f1ff7df6850d0902688cccfa0ffa4c6931e206f8167eabdde18d1861c7de5b12

Request headers

:method
GET
:authority
static.javhd.com
:scheme
https
:path
/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.trwl1.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://r.trwl1.com/

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-type
text/html
last-modified
Wed, 10 Jul 2019 12:19:50 GMT
etag
W/"5d25d7e6-11e4"
expires
Thu, 27 May 2021 18:07:46 GMT
cache-control
max-age=2592000
access-control-allow-origin
*
server
CDN77-Turbo
x-77-nzt
AcO1rzJh1PP/06gRAA==
x-77-nzt-ray
gGpbak5oDZc=
x-cache
HIT
x-age
1157331
x-77-pop
frankfurtDE
x-77-cache
HIT
content-encoding
br
lounge.305cef62f65d619287ed5bfd8a11158b.css
c.disquscdn.com/next/embed/styles/
0
23 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 08:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932013
x-cache
Hit from cloudfront
content-length
23152
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-5a70"
content-type
text/css; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Sat, 30 Apr 2022 08:43:04 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
nWkzI3AB5np55jlw855omFr5DqUiAEGiWn7XaKzAttLdli0ybz5mMA==
x-cache-hits
0
common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/
0
93 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 10:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578404
x-cache
Hit from cloudfront
content-length
94786
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-17242"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Wed, 04 May 2022 10:56:33 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
tRMwHgwJvMtlFRT40ff898NhkKgm2FJyrVmjmZYFuTmFwyq4Bzn6Kw==
x-cache-hits
0
lounge.bundle.daad0ef0a39804d0796d79f216ca4d2e.js
c.disquscdn.com/next/embed/
0
116 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.daad0ef0a39804d0796d79f216ca4d2e.js
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1146167
x-cache
Hit from cloudfront
content-length
117909
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-1cc95"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Wed, 27 Apr 2022 21:13:50 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
uvgdrsUpWuYlGI2j--wmE9zOMqUkVNDrgSxhJ5yLF9z5Osks197Kug==
x-cache-hits
0
config.js
disqus.com/next/
0
12 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
42
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
11688
X-XSS-Protection
1; mode=block
recommendations.js
https-ggjav-com.disqus.com/
61 KB
20 KB
Script
General
Full URL
https://https-ggjav-com.disqus.com/recommendations.js
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
346e94229e26e21c6e3aec164d1502062441eecf63474bd86ccc9fd39227d18a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
20362
promo.php
promo-bc.com/ Frame 9901
142 KB
43 KB
Document
General
Full URL
https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3872284&type=300x250&p=https%3A//ggjav.com/main/video%3Fid%3D25828&dt=1620704197511&sub=&tags=&screen_resolution=1600x1200&sticky=1&cookieconsent=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.75.253.87 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
69636f81a1ce2aa53df6532f040480a14333b89194bc68e4c5feda6385b2db62
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
promo-bc.com
:scheme
https
:path
/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.realsrv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.realsrv.com/

Response headers

server
nginx
date
Tue, 11 May 2021 03:36:38 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 11 May 2021 03:36:37 GMT
cache-control
no-cache public
x-bcs
ded7384
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
153c1f6e005fb0a1e4b983af9c90c165d406ac2b.mp4
s3t3d2y7.ackcdn.net/library/198318/ Frame 16F1
46 KB
46 KB
Media
General
Full URL
https://s3t3d2y7.ackcdn.net/library/198318/153c1f6e005fb0a1e4b983af9c90c165d406ac2b.mp4
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378943&output=noscript&type=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adaddfefeb6d1e618744313e09a106f7aee8b88db5ab47b49f269850623ed66

Request headers

Referer
https://syndication.exosrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Thu, 26 Mar 2020 20:31:07 GMT
Access-Control-Allow-Origin
*
ETag
"1585254667"
X-HW
1620704197.dop129.fr8.t,1620704197.cds138.fr8.shn,1620704197.dop129.fr8.t,1620704197.cds165.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-46956/46957
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
46957
153c1f6e005fb0a1e4b983af9c90c165d406ac2b.mp4
s3t3d2y7.ackcdn.net/library/198318/ Frame 6521
46 KB
46 KB
Media
General
Full URL
https://s3t3d2y7.ackcdn.net/library/198318/153c1f6e005fb0a1e4b983af9c90c165d406ac2b.mp4
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378961&output=noscript&type=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adaddfefeb6d1e618744313e09a106f7aee8b88db5ab47b49f269850623ed66

Request headers

Referer
https://syndication.exosrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Thu, 26 Mar 2020 20:31:07 GMT
Access-Control-Allow-Origin
*
ETag
"1585254667"
X-HW
1620704197.dop098.fr8.shc,1620704197.dop098.fr8.t,1620704197.cds165.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-46956/46957
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
46957
gcrt.js
api.trwl1.com/ascripts/ Frame C039
91 KB
26 KB
Script
General
Full URL
https://api.trwl1.com/ascripts/gcrt.js
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/a1500a36-08ca-45aa-b149-35e6be36e59b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
58e792c49e41501a97a9d37f29f09663c7894414204ea12595d2a8c7db2ad35b

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
amsterdamNL
Date
Tue, 11 May 2021 03:36:37 GMT
Content-Encoding
br
X-77-NZT-Ray
lxcMj3EvoEQ=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
Abk73hSWqT/v0zcBAA==
Last-Modified
Mon, 18 May 2020 15:56:42 GMT
Server
nginx/1.20.0
ETag
W/"5ec2b03a-16b2e"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Age
79827
Expires
Mon, 10 May 2021 05:26:09 GMT
300x100.html
static.javhd.com/h5/files/10333/ Frame A6B8
4 KB
2 KB
Document
General
Full URL
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Requested by
Host: r.trwl1.com
URL: https://r.trwl1.com/s1/a1500a36-08ca-45aa-b149-35e6be36e59b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6768504a281b9783183c0a61bd9363b66c4bb9510f69466a89951e2a8355f0f6

Request headers

:method
GET
:authority
static.javhd.com
:scheme
https
:path
/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.trwl1.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://r.trwl1.com/

Response headers

date
Tue, 11 May 2021 03:36:37 GMT
content-type
text/html
last-modified
Tue, 22 Jan 2019 14:04:32 GMT
etag
W/"5c4722f0-11e1"
expires
Fri, 14 May 2021 09:04:11 GMT
cache-control
max-age=2592000
access-control-allow-origin
*
server
CDN77-Turbo
x-77-nzt
AcO1rzKbTrHvuksjAA==
x-77-nzt-ray
3PXfMFl5U3Q=
x-cache
HIT
x-age
2313146
x-77-pop
frankfurtDE
x-77-cache
HIT
content-encoding
br
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1530830252&t=pageview&_s=1&dl=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&ul=en-us&de=UTF-8&dt=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1780853740&gjid=160169841&cid=1190620887.1620704198&tid=UA-79756229-6&_gid=1262881586.1620704198&_r=1&gtm=2ou4s0&z=1470995150
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 May 2021 03:36:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ggjav.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
promo.php
bngpt.com/ Frame EABD
141 KB
43 KB
Document
General
Full URL
https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378965&output=noscript&type=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.199.255.192 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
f4342c3b624123024e5f14f30dff59ab9fe24de4f19def9e0a069bb4073bc7e5
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
bngpt.com
:scheme
https
:path
/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.exosrv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.exosrv.com/

Response headers

server
nginx
date
Tue, 11 May 2021 03:36:38 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 11 May 2021 03:36:37 GMT
cache-control
no-cache public
x-bcs
ded7013
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
1beea5aac4b885cffd0c8e9e5777e1d9cf43c5ce.mp4
s3t3d2y7.ackcdn.net/library/198318/ Frame DA99
19 KB
19 KB
Media
General
Full URL
https://s3t3d2y7.ackcdn.net/library/198318/1beea5aac4b885cffd0c8e9e5777e1d9cf43c5ce.mp4
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378971&output=noscript&type=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
09da79c55fe4b2dfe64c0a553d468d0cd53953b6fabed480228aa86f05cbb4ba

Request headers

Referer
https://syndication.exosrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Last-Modified
Thu, 26 Mar 2020 20:31:06 GMT
Access-Control-Allow-Origin
*
ETag
"1585254666"
X-HW
1620704197.dop129.fr8.t,1620704197.cds138.fr8.shn,1620704197.dop129.fr8.t,1620704197.cds134.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-19405/19406
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19406
promo.php
promo-bc.com/ Frame 6764
142 KB
43 KB
Document
General
Full URL
https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3378979&type=300x250&p=https%3A//ggjav.com/main/video%3Fid%3D25828&dt=1620704197552&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.75.253.87 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
bc005bd79868aeecc3b3a2fd41e57a862a433b5a82c9969b7388c50cb2e3b082
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
promo-bc.com
:scheme
https
:path
/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.exosrv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.exosrv.com/

Response headers

server
nginx
date
Tue, 11 May 2021 03:36:38 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 11 May 2021 03:36:37 GMT
cache-control
no-cache public
x-bcs
ded7013
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/
0
4 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408322
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 10:11:15 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
dMKouZbYkfAw9deFMraIZEgPUZS-KRuD-rb70F8JrmzCo90fjvByGw==
x-cache-hits
0
common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
c.disquscdn.com/next/recommendations/
0
87 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441241
x-cache
Hit from cloudfront
content-length
88873
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-15b29"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 01:02:35 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
yMOdE0aviNOqEzgdLZ8G45EEpTn8hCN8dsW_rjqjf6UMd1LJoEIFBA==
x-cache-hits
0
recommendations.bundle.4214219f8f12995fa46e1e83745b2a0e.js
c.disquscdn.com/next/recommendations/
0
20 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.4214219f8f12995fa46e1e83745b2a0e.js
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388063
x-cache
Hit from cloudfront
content-length
19898
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-4dba"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 15:48:54 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
9HAGsBfr7T9YMlJ0ZJmhpBlInawv4u8iXfI-9tuXFC1xmJPrazY-AQ==
x-cache-hits
0
style.css
static.javhd.com/h5/files/css/ Frame 57CD
2 KB
780 B
Stylesheet
General
Full URL
https://static.javhd.com/h5/files/css/style.css
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzKtJobve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"57456258-7bd"
last-modified
Wed, 25 May 2016 08:29:12 GMT
server
CDN77-Turbo
x-77-nzt-ray
BscsyWsApec=
x-77-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
mobile_video_player.min.js
static.javhd.com/h5/files/js/ Frame 57CD
30 KB
9 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/mobile_video_player.min.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bd2d3a0de3322e6c04de5e94fb0c7f4314502031e050bc59c0eeda19f1b6d122

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzIxJvPve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5694e9a5-7636"
last-modified
Tue, 12 Jan 2016 11:55:17 GMT
server
CDN77-Turbo
x-77-nzt-ray
X1Ug3lcAaf8=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
video.js
static.javhd.com/h5/files/js/ Frame 57CD
116 KB
32 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/video.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f7d63ff552e165a8fcc86c99f205873431c9f66bb571f2b0b84d06d73af2fed8

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzIFtR/ve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5641c5d4-1cf02"
last-modified
Tue, 10 Nov 2015 10:24:20 GMT
server
CDN77-Turbo
x-77-nzt-ray
b66URsWTT3Q=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
272-overlay-preview.png
static.javhd.com/h5/files/overlay/ Frame 57CD
45 KB
45 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/272-overlay-preview.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b988dd89a1e396eb08df9990321adad6245ef552bc5351f2b2f9067ce76fef0d

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
G1LonD+USGs=
x-77-cache
HIT
x-cache
HIT
x-age
2316080
content-length
45832
x-77-nzt
AcO1rzIyxR7vMFcjAA==
last-modified
Tue, 14 Feb 2017 10:51:40 GMT
server
CDN77-Turbo
etag
"58a2e13c-b308"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:15:17 GMT
272-overlay.png
static.javhd.com/h5/files/overlay/ Frame 57CD
3 KB
3 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/272-overlay.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d17bd21151d6ef55bbaf9cc9d04e6319fafa04f00effc74cd15cb980b9bb090d

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
sc4AWypnrsc=
x-77-cache
HIT
x-cache
HIT
x-age
2316079
content-length
2658
x-77-nzt
AcO1rzLiR2LvL1cjAA==
last-modified
Tue, 14 Feb 2017 10:51:39 GMT
server
CDN77-Turbo
etag
"58a2e13b-a62"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:15:18 GMT
32-button.png
static.javhd.com/h5/files/button/ Frame 57CD
1 KB
2 KB
Image
General
Full URL
https://static.javhd.com/h5/files/button/32-button.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5c9bc60a728d5a247efdbc1044abddb0778fca57358e64884ba95b771369082a

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
oTIO2gwX8CY=
x-77-cache
HIT
x-cache
HIT
x-age
2316079
content-length
1264
x-77-nzt
AcO1rzKVU5XvL1cjAA==
last-modified
Tue, 14 Feb 2017 10:51:26 GMT
server
CDN77-Turbo
etag
"58a2e12e-4f0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:15:18 GMT
style.css
static.javhd.com/h5/files/css/ Frame 33F3
2 KB
782 B
Stylesheet
General
Full URL
https://static.javhd.com/h5/files/css/style.css
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1

Request headers

Referer
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzJndCLve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"57456258-7bd"
last-modified
Wed, 25 May 2016 08:29:12 GMT
server
CDN77-Turbo
x-77-nzt-ray
nLTKfBtHva4=
x-77-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
mobile_video_player.min.js
static.javhd.com/h5/files/js/ Frame 33F3
30 KB
9 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/mobile_video_player.min.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bd2d3a0de3322e6c04de5e94fb0c7f4314502031e050bc59c0eeda19f1b6d122

Request headers

Referer
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzIljSvve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5694e9a5-7636"
last-modified
Tue, 12 Jan 2016 11:55:17 GMT
server
CDN77-Turbo
x-77-nzt-ray
EWz70EIxFC0=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
video.js
static.javhd.com/h5/files/js/ Frame 33F3
116 KB
32 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/video.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f7d63ff552e165a8fcc86c99f205873431c9f66bb571f2b0b84d06d73af2fed8

Request headers

Referer
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzK09DTve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5641c5d4-1cf02"
last-modified
Tue, 10 Nov 2015 10:24:20 GMT
server
CDN77-Turbo
x-77-nzt-ray
kkQqRn3muIw=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
1008-overlay-preview.png
static.javhd.com/h5/files/overlay/ Frame 33F3
2 KB
2 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/1008-overlay-preview.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dbdc556177a5b6acc00668e4ab8a956f2941d1c6467ad1cef90baa89b45c598d

Request headers

Referer
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
O6rfnZCXkVs=
x-77-cache
HIT
x-cache
HIT
x-age
2316160
content-length
1688
x-77-nzt
AcO1rzKsp6rvgFcjAA==
last-modified
Wed, 28 Nov 2018 13:40:15 GMT
server
CDN77-Turbo
etag
"5bfe9abf-698"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:13:57 GMT
1008-overlay.gif
static.javhd.com/h5/files/overlay/ Frame 33F3
4 KB
4 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/1008-overlay.gif
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
647a347b3284577e87852b63003ebf9f5b0f7ba09ad6694c4a5564d65ef4f7f2

Request headers

Referer
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
niSZVDTZkT0=
x-77-cache
HIT
x-cache
HIT
x-age
2316160
content-length
4146
x-77-nzt
AcO1rzJW1WfvgFcjAA==
last-modified
Wed, 28 Nov 2018 13:42:51 GMT
server
CDN77-Turbo
etag
"5bfe9b5b-1032"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:13:57 GMT
29-button.png
static.javhd.com/h5/files/button/ Frame 33F3
733 B
1 KB
Image
General
Full URL
https://static.javhd.com/h5/files/button/29-button.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de

Request headers

Referer
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
Z89V8tPn9WM=
x-77-cache
HIT
x-cache
HIT
x-age
2316134
content-length
733
x-77-nzt
AcO1rzI0j4HvZlcjAA==
last-modified
Tue, 22 Dec 2015 18:41:22 GMT
server
CDN77-Turbo
etag
"56799952-2dd"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:14:23 GMT
style.css
static.javhd.com/h5/files/css/ Frame 7AA5
2 KB
781 B
Stylesheet
General
Full URL
https://static.javhd.com/h5/files/css/style.css
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1

Request headers

Referer
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzIa2rPve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"57456258-7bd"
last-modified
Wed, 25 May 2016 08:29:12 GMT
server
CDN77-Turbo
x-77-nzt-ray
ndRPj8PRGmc=
x-77-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
mobile_video_player.min.js
static.javhd.com/h5/files/js/ Frame 7AA5
30 KB
9 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/mobile_video_player.min.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bd2d3a0de3322e6c04de5e94fb0c7f4314502031e050bc59c0eeda19f1b6d122

Request headers

Referer
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzLrlHvve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5694e9a5-7636"
last-modified
Tue, 12 Jan 2016 11:55:17 GMT
server
CDN77-Turbo
x-77-nzt-ray
1ZC/q1IXZzY=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
video.js
static.javhd.com/h5/files/js/ Frame 7AA5
116 KB
32 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/video.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f7d63ff552e165a8fcc86c99f205873431c9f66bb571f2b0b84d06d73af2fed8

Request headers

Referer
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzIgEfHve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5641c5d4-1cf02"
last-modified
Tue, 10 Nov 2015 10:24:20 GMT
server
CDN77-Turbo
x-77-nzt-ray
Ycy0hL7i26Q=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
1008-overlay-preview.png
static.javhd.com/h5/files/overlay/ Frame 7AA5
2 KB
2 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/1008-overlay-preview.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dbdc556177a5b6acc00668e4ab8a956f2941d1c6467ad1cef90baa89b45c598d

Request headers

Referer
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
pRHNf8k7Oq0=
x-77-cache
HIT
x-cache
HIT
x-age
2316160
content-length
1688
x-77-nzt
AcO1rzJAPGnvgFcjAA==
last-modified
Wed, 28 Nov 2018 13:40:15 GMT
server
CDN77-Turbo
etag
"5bfe9abf-698"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:13:57 GMT
1008-overlay.gif
static.javhd.com/h5/files/overlay/ Frame 7AA5
4 KB
4 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/1008-overlay.gif
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
647a347b3284577e87852b63003ebf9f5b0f7ba09ad6694c4a5564d65ef4f7f2

Request headers

Referer
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
L0y5r1heygM=
x-77-cache
HIT
x-cache
HIT
x-age
2316160
content-length
4146
x-77-nzt
AcO1rzIujbfvgFcjAA==
last-modified
Wed, 28 Nov 2018 13:42:51 GMT
server
CDN77-Turbo
etag
"5bfe9b5b-1032"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:13:57 GMT
29-button.png
static.javhd.com/h5/files/button/ Frame 7AA5
733 B
1 KB
Image
General
Full URL
https://static.javhd.com/h5/files/button/29-button.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de

Request headers

Referer
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
eo++4tX43rc=
x-77-cache
HIT
x-cache
HIT
x-age
2316134
content-length
733
x-77-nzt
AcO1rzKu7Y3vZlcjAA==
last-modified
Tue, 22 Dec 2015 18:41:22 GMT
server
CDN77-Turbo
etag
"56799952-2dd"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:14:23 GMT
style.css
static.javhd.com/h5/files/css/ Frame A6B8
2 KB
782 B
Stylesheet
General
Full URL
https://static.javhd.com/h5/files/css/style.css
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzJtUOrve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"57456258-7bd"
last-modified
Wed, 25 May 2016 08:29:12 GMT
server
CDN77-Turbo
x-77-nzt-ray
SA7QKRP2VMA=
x-77-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
mobile_video_player.min.js
static.javhd.com/h5/files/js/ Frame A6B8
30 KB
9 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/mobile_video_player.min.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bd2d3a0de3322e6c04de5e94fb0c7f4314502031e050bc59c0eeda19f1b6d122

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzLC74zve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5694e9a5-7636"
last-modified
Tue, 12 Jan 2016 11:55:17 GMT
server
CDN77-Turbo
x-77-nzt-ray
kh9BH/YhSFk=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
video.js
static.javhd.com/h5/files/js/ Frame A6B8
116 KB
32 KB
Script
General
Full URL
https://static.javhd.com/h5/files/js/video.js
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f7d63ff552e165a8fcc86c99f205873431c9f66bb571f2b0b84d06d73af2fed8

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzL2hN3ve1gjAA==
date
Tue, 11 May 2021 03:36:37 GMT
content-encoding
br
etag
W/"5641c5d4-1cf02"
last-modified
Tue, 10 Nov 2015 10:24:20 GMT
server
CDN77-Turbo
x-77-nzt-ray
Bfjdsry+N00=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
HIT
x-age
2316411
x-77-pop
frankfurtDE
expires
Thu, 14 Apr 2022 08:09:46 GMT
272-overlay-preview.png
static.javhd.com/h5/files/overlay/ Frame A6B8
45 KB
45 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/272-overlay-preview.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b988dd89a1e396eb08df9990321adad6245ef552bc5351f2b2f9067ce76fef0d

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
H1GLUkbsUoE=
x-77-cache
HIT
x-cache
HIT
x-age
2316080
content-length
45832
x-77-nzt
AcO1rzLmGzfvMFcjAA==
last-modified
Tue, 14 Feb 2017 10:51:40 GMT
server
CDN77-Turbo
etag
"58a2e13c-b308"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:15:17 GMT
272-overlay.png
static.javhd.com/h5/files/overlay/ Frame A6B8
3 KB
3 KB
Image
General
Full URL
https://static.javhd.com/h5/files/overlay/272-overlay.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d17bd21151d6ef55bbaf9cc9d04e6319fafa04f00effc74cd15cb980b9bb090d

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
aOAL+IM5p98=
x-77-cache
HIT
x-cache
HIT
x-age
2316079
content-length
2658
x-77-nzt
AcO1rzKSceLvL1cjAA==
last-modified
Tue, 14 Feb 2017 10:51:39 GMT
server
CDN77-Turbo
etag
"58a2e13b-a62"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:15:18 GMT
32-button.png
static.javhd.com/h5/files/button/ Frame A6B8
1 KB
2 KB
Image
General
Full URL
https://static.javhd.com/h5/files/button/32-button.png
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5c9bc60a728d5a247efdbc1044abddb0778fca57358e64884ba95b771369082a

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
cakNprAnSEM=
x-77-cache
HIT
x-cache
HIT
x-age
2316079
content-length
1264
x-77-nzt
AcO1rzKvUZzvL1cjAA==
last-modified
Tue, 14 Feb 2017 10:51:26 GMT
server
CDN77-Turbo
etag
"58a2e12e-4f0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 08:15:18 GMT
collect
stats.g.doubleclick.net/j/
1 B
81 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-79756229-6&cid=1190620887.1620704198&jid=1780853740&gjid=160169841&_gid=1262881586.1620704198&_u=YEBAAUAAAAAAAC~&z=8836806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ggjav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 11 May 2021 03:36:37 GMT
content-type
text/plain
access-control-allow-origin
https://ggjav.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
2655-13893-300x100.mp4
static.javhd.com/h5/files/video/ Frame 57CD
756 KB
757 KB
Media
General
Full URL
https://static.javhd.com/h5/files/video/2655-13893-300x100.mp4
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c38581db426248ec744bd61cf001acc11a2f02b57faa51983180f783eaa1a466

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1c478aca-fb75-435f-a39e-4baf5920aae6%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIwNzk5fQ
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
ozi+GPyRPRQ=
x-77-cache
HIT
Content-Range
bytes 0-773960/773961
x-cache
HIT
x-age
61634
Content-Length
773961
x-77-nzt
AcO1rzIzPSXvwvAAAA==
last-modified
Tue, 22 Jan 2019 14:04:29 GMT
server
CDN77-Turbo
etag
"5c4722ed-bcf49"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=86400
expires
Thu, 15 Apr 2021 08:32:45 GMT
/
disqus.com/embed/comments/ Frame F010
8 KB
5 KB
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce980bc0c273d90b7500da3a0bab3bb307cac081839689332db83078bf3f5a53
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Connection
keep-alive
Content-Length
3331
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Mon, 01 Feb 2021 06:06:02 GMT
ETag
W/"lounge:view:7804205457.92128645f2649e6ed16149238d76fcb7.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy
no-referrer-when-downgrade
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Tue, 11 May 2021 03:36:37 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
2923-19274-300x250.mp4
static.javhd.com/h5/files/video/ Frame 33F3
748 KB
749 KB
Media
General
Full URL
https://static.javhd.com/h5/files/video/2923-19274-300x250.mp4
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b5dcbfab538aadd01755a28feda09ceff426f9c1ee0e09cec24f79524fd72170

Request headers

Referer
https://static.javhd.com/h5/files/10661/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fdf9e4091-38e1-40dc-8f02-54f23cac04ec%3Fp%3DeyJiIjo3MDksImJoIjoyNTAsImJ3IjozMDAsImYiOjMsIm8iOjQsInAiOjEsInMiOjIwODAwfQ
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
J7hfbXAGIF4=
x-77-cache
HIT
Content-Range
bytes 0-766093/766094
x-cache
HIT
x-age
68481
Content-Length
766094
x-77-nzt
AcO1rzLGDKfvgQsBAA==
last-modified
Tue, 21 May 2019 09:18:25 GMT
server
CDN77-Turbo
etag
"5ce3c261-bb08e"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=86400
expires
Thu, 15 Apr 2021 08:17:37 GMT
3150-24966-300x250.mp4
static.javhd.com/h5/files/video/ Frame 7AA5
751 KB
752 KB
Media
General
Full URL
https://static.javhd.com/h5/files/video/3150-24966-300x250.mp4
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2c701e439c85837825b6deae4baf1d1e1e537a4bc0ca7c60f1b844b839306a93

Request headers

Referer
https://static.javhd.com/h5/files/11179/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fb190f076-68da-4f91-ba1b-c5c6aa9ad097%3Fp%3DeyJiIjoyNzAxMjIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIyMjkyfQ
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
kD+uRh1chcA=
x-77-cache
HIT
Content-Range
bytes 0-769207/769208
x-cache
HIT
x-age
69483
Content-Length
769208
x-77-nzt
AcO1rzLugFXvaw8BAA==
last-modified
Wed, 10 Jul 2019 12:19:46 GMT
server
CDN77-Turbo
etag
"5d25d7e2-bbcb8"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=86400
expires
Thu, 15 Apr 2021 08:16:02 GMT
2655-13893-300x100.mp4
static.javhd.com/h5/files/video/ Frame A6B8
756 KB
757 KB
Media
General
Full URL
https://static.javhd.com/h5/files/video/2655-13893-300x100.mp4
Requested by
Host: static.javhd.com
URL: https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c38581db426248ec744bd61cf001acc11a2f02b57faa51983180f783eaa1a466

Request headers

Referer
https://static.javhd.com/h5/files/10333/300x100.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff6160b52-b513-4725-81e3-f0cc241f7150%3Fp%3DeyJiIjo0MDAsImJoIjoxMDAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMjkzfQ
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 May 2021 03:36:37 GMT
x-77-nzt-ray
GCLKygSbw0s=
x-77-cache
HIT
Content-Range
bytes 0-773960/773961
x-cache
HIT
x-age
61634
Content-Length
773961
x-77-nzt
AcO1rzLpx6fvwvAAAA==
last-modified
Tue, 22 Jan 2019 14:04:29 GMT
server
CDN77-Turbo
etag
"5c4722ed-bcf49"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=86400
expires
Thu, 15 Apr 2021 08:32:45 GMT
/
disqus.com/recommendations/ Frame 5C56
7 KB
4 KB
Document
General
Full URL
https://disqus.com/recommendations/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV
Requested by
Host: https-ggjav-com.disqus.com
URL: https://https-ggjav-com.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0132593baeb2900ea63cd6efbd6a755fb7ce39e33345fd294be8607fe1c2037
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ggjav.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ggjav.com/

Response headers

Connection
keep-alive
Content-Length
2855
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Mon, 01 Feb 2021 06:06:02 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Tue, 11 May 2021 03:36:38 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
v4
api.trwl1.com/t/rtb_event/ Frame ACA1
65 B
483 B
Script
General
Full URL
https://api.trwl1.com/t/rtb_event/v4?e_t=pageview&url=https%253A%252F%252Fr.trwl1.com%252Fs1%252F1c0daa29-0650-4d39-bb09-b4b0095d026b&ref=https%253A%252F%252Fggjav.com%252F&d_r=1&d_s=1600x1200&d_w=0x0&t_s=1620704197645&t_i=1620704197667&u_tz=2&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=23a109de-63aa-433d-aeeb-53a1bb34d463&nav_rc=0&nav_nt=NAVIGATE&t_op=0.256&p_nn=trwl-tds&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=2feec9809dae088899e73470ed9507e2&sid=bd357af24bbf51f9fa923b21ff3a7bbe&u_adb=0&vn=R-1.3.2&utm_typ=referral&utm_src=ggjav.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22impressionId%22%3A%2217570314-b20a-11eb-a5ae-2af328fa7f4c%22%2C%22spotId%22%3A%2220799%22%2C%22cd%22%3A24%2C%22dm%22%3A8%2C%22hc%22%3A12%2C%22sr%22%3A6871947674800%2C%22ss%22%3A1%2C%22ls%22%3A0%2C%22idb%22%3A1%2C%22ab%22%3A0%2C%22od%22%3A0%2C%22cc%22%3A%22NA%22%2C%22pl%22%3A%22Linux%20x86_64%22%2C%22dt%22%3A-1%2C%22ll%22%3A0%2C%22lr%22%3A0%2C%22lo%22%3A1%2C%22lb%22%3A0%2C%22ts%22%3A%22%5B0%2Cfalse%2Cfalse%5D%22%2C%22ed%22%3A0%2C%22fb%22%3A0%7D&cb=gl.cb.pv
Requested by
Host: api.trwl1.com
URL: https://api.trwl1.com/ascripts/gcrt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
ec48526f218f6fc98d989a511307c9c5184e92df90a37844424d21af3c5e5846

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:37 GMT
Server
nginx/1.20.0
Access-Control-Max-Age
864000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
65
v4
api.trwl1.com/t/rtb_event/ Frame CDCC
65 B
483 B
Script
General
Full URL
https://api.trwl1.com/t/rtb_event/v4?e_t=pageview&url=https%253A%252F%252Fr.trwl1.com%252Fs1%252F2f362848-e3fd-4ccd-b0aa-d0e79a024930&ref=https%253A%252F%252Fggjav.com%252F&d_r=1&d_s=1600x1200&d_w=300x250&t_s=1620704197645&t_i=1620704197669&u_tz=2&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=49d71cac-9476-4a69-8c25-a4cd72e806a5&nav_rc=0&nav_nt=NAVIGATE&t_op=0.508&p_nn=trwl-tds&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=2aae4905d1da4b56db3ff4ee82ed5e25&sid=bec218affc38d790e3f546c26605ebdc&u_adb=0&vn=R-1.3.2&utm_typ=referral&utm_src=ggjav.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22impressionId%22%3A%22175707a2-b20a-11eb-a9d2-36dc7009902d%22%2C%22spotId%22%3A%2220800%22%2C%22cd%22%3A24%2C%22dm%22%3A8%2C%22hc%22%3A12%2C%22sr%22%3A6871947674800%2C%22ss%22%3A1%2C%22ls%22%3A0%2C%22idb%22%3A1%2C%22ab%22%3A0%2C%22od%22%3A0%2C%22cc%22%3A%22NA%22%2C%22pl%22%3A%22Linux%20x86_64%22%2C%22dt%22%3A-1%2C%22ll%22%3A0%2C%22lr%22%3A0%2C%22lo%22%3A1%2C%22lb%22%3A0%2C%22ts%22%3A%22%5B0%2Cfalse%2Cfalse%5D%22%2C%22ed%22%3A0%2C%22fb%22%3A123643%7D&cb=gl.cb.pv
Requested by
Host: api.trwl1.com
URL: https://api.trwl1.com/ascripts/gcrt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
3795889ce01bf10b15eb2572caa534bce6c34f537895ead61623e095e4d2557b

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Server
nginx/1.20.0
Access-Control-Max-Age
864000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
65
v4
api.trwl1.com/t/rtb_event/ Frame 90E6
65 B
483 B
Script
General
Full URL
https://api.trwl1.com/t/rtb_event/v4?e_t=pageview&url=https%253A%252F%252Fr.trwl1.com%252Fs1%252F36ebe0b5-1868-4e89-9893-d8c9d11225c1&ref=https%253A%252F%252Fggjav.com%252F&d_r=1&d_s=1600x1200&d_w=300x250&t_s=1620704197646&t_i=1620704197673&u_tz=2&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=2b183dac-6386-4abb-a4a1-d1d9d19e80d8&nav_rc=0&nav_nt=NAVIGATE&t_op=0.567&p_nn=trwl-tds&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=1cc922991d61af779ae2281c371a5664&sid=22c3e75a1f7497ddbca32571067f1dbd&u_adb=0&vn=R-1.3.2&utm_typ=referral&utm_src=ggjav.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22impressionId%22%3A%221758a059-b20a-11eb-a9d2-36dc7009902d%22%2C%22spotId%22%3A%2222292%22%2C%22cd%22%3A24%2C%22dm%22%3A8%2C%22hc%22%3A12%2C%22sr%22%3A6871947674800%2C%22ss%22%3A1%2C%22ls%22%3A0%2C%22idb%22%3A1%2C%22ab%22%3A0%2C%22od%22%3A0%2C%22cc%22%3A%22NA%22%2C%22pl%22%3A%22Linux%20x86_64%22%2C%22dt%22%3A-1%2C%22ll%22%3A0%2C%22lr%22%3A0%2C%22lo%22%3A1%2C%22lb%22%3A0%2C%22ts%22%3A%22%5B0%2Cfalse%2Cfalse%5D%22%2C%22ed%22%3A0%2C%22fb%22%3A123643%7D&cb=gl.cb.pv
Requested by
Host: api.trwl1.com
URL: https://api.trwl1.com/ascripts/gcrt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
054fce521302834ec56be0881037e99c16379e3f5f64580eea4916f394cef496

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Server
nginx/1.20.0
Access-Control-Max-Age
864000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
65
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame 9901
135 KB
46 KB
Script
General
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
fra1-11058-4-22940-h-0-0---;11047-10-41428----0-0-0
expires
Sat, 14 Nov 2020 07:18:40 GMT
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame 6764
135 KB
46 KB
Script
General
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
fra1-11058-4-22895-h-0-0---;11047-10-41428----0-0-1
expires
Sat, 14 Nov 2020 07:18:40 GMT
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame EABD
135 KB
46 KB
Script
General
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
fra1-11058-4-22945-h-0-0---;11047-10-41428----0-0-1
expires
Sat, 14 Nov 2020 07:18:40 GMT
v4
api.trwl1.com/t/rtb_event/ Frame C039
65 B
483 B
Script
General
Full URL
https://api.trwl1.com/t/rtb_event/v4?e_t=pageview&url=https%253A%252F%252Fr.trwl1.com%252Fs1%252Fa1500a36-08ca-45aa-b149-35e6be36e59b&ref=https%253A%252F%252Fggjav.com%252F&d_r=1&d_s=1600x1200&d_w=0x0&t_s=1620704197664&t_i=1620704197708&u_tz=2&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=f3e0e5fd-4a53-4af7-8c00-fc207c8ce5cd&nav_rc=0&nav_nt=NAVIGATE&t_op=0.559&p_nn=trwl-tds&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=9c5e3a765e55d32d7e04f763058c0880&sid=19130898b458b6699de0907105b774d1&u_adb=0&vn=R-1.3.2&utm_typ=referral&utm_src=ggjav.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22impressionId%22%3A%22175cf5dd-b20a-11eb-a9d2-36dc7009902d%22%2C%22spotId%22%3A%2222293%22%2C%22cd%22%3A24%2C%22dm%22%3A8%2C%22hc%22%3A12%2C%22sr%22%3A6871947674800%2C%22ss%22%3A1%2C%22ls%22%3A0%2C%22idb%22%3A1%2C%22ab%22%3A0%2C%22od%22%3A0%2C%22cc%22%3A%22NA%22%2C%22pl%22%3A%22Linux%20x86_64%22%2C%22dt%22%3A-1%2C%22ll%22%3A0%2C%22lr%22%3A0%2C%22lo%22%3A1%2C%22lb%22%3A0%2C%22ts%22%3A%22%5B0%2Cfalse%2Cfalse%5D%22%2C%22ed%22%3A0%2C%22fb%22%3A0%7D&cb=gl.cb.pv
Requested by
Host: api.trwl1.com
URL: https://api.trwl1.com/ascripts/gcrt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.24.176 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
5c1f23c4a402d7658c49c051d0707a35d4e241efd67a2f69236d8ead8dd488d7

Request headers

Referer
https://r.trwl1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
Server
nginx/1.20.0
Access-Control-Max-Age
864000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
65
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame 9901
44 B
268 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-6-24715-h-0-0---;11047-10-41428----0-1-0
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:40 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 9901
542 B
767 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-24931-h-0-0---;11047-11-41428----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
slovenian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 9901
347 B
572 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/slovenian.png
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
66fb6e64a8ecace8145412164afd42498d5aa878fd08fce0e1cf5bc08c0a9846

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11053-1-24589-h-0-0---;11047-11-41428----0-1-0
accept-ranges
bytes
content-length
347
expires
Sat, 14 Nov 2020 20:00:10 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame 6764
44 B
268 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-6-24805-h-0-0---;11047-10-41428----0-0-1
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:40 GMT
spanish.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 6764
414 B
639 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/spanish.png
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
29e25b67618ca08ad79a1d9e1ee3472a09ac377541da2783087f698a6d099c35

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11022-1-18944-h-0-0---;11047-10-41428----0-0-1
accept-ranges
bytes
content-length
414
expires
Sat, 14 Nov 2020 07:18:41 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 6764
542 B
767 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-24904-h-0-0---;11047-11-41428----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
logo2_default.png
i.bongacash.com/dynamic_banner/images/ Frame EABD
4 KB
4 KB
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/logo2_default.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11059-1-39057-h-0-0---;11047-10-41428----0-1-0
accept-ranges
bytes
content-length
3813
expires
Wed, 27 Jan 2021 08:42:04 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame EABD
44 B
268 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-6-24805-h-0-0---;11047-10-41428----0-0-0
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:40 GMT
russian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame EABD
287 B
512 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/russian.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11051-3-13125-h-0-0---;11047-10-41428----0-0-0
accept-ranges
bytes
content-length
287
expires
Sat, 14 Nov 2020 07:18:42 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame EABD
542 B
767 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-24913-h-0-0---;11047-10-41428----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
lounge.load.dfaa05f4d3af8a4fe09cfd70007bc5b2.js
c.disquscdn.com/next/embed/ Frame F010
1 KB
1 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.load.dfaa05f4d3af8a4fe09cfd70007bc5b2.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
08b05aa1232219b6c9a71eb156f0853da0ed1a63adcf147f3d9e71e8b0574e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1146168
x-cache
Hit from cloudfront
content-length
532
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:55 GMT
server
nginx
etag
"60887bc3-214"
content-type
application/javascript; charset=utf-8
via
1.1 421d6f0c8b018cdf0b78f7d15df10d0c.cloudfront.net (CloudFront)
expires
Wed, 27 Apr 2022 21:13:50 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
akgC1CCo-0czojIyAlwDr8kJG5p4G54fCAzVUNVg72uGh7YVN1WQiQ==
x-cache-hits
0
recommendations.load.07054adb31d4f6133c2fb097add414fd.js
c.disquscdn.com/next/recommendations/ Frame 5C56
923 B
1019 B
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.07054adb31d4f6133c2fb097add414fd.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
eef38d6cfe80ac20855dcd98162da1541701141843f5ca41834448b259c6c1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 04:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1291448
x-cache
Hit from cloudfront
content-length
447
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 22 Apr 2021 19:20:03 GMT
server
nginx
etag
"6081cc63-1bf"
content-type
application/javascript; charset=utf-8
via
1.1 421d6f0c8b018cdf0b78f7d15df10d0c.cloudfront.net (CloudFront)
expires
Tue, 26 Apr 2022 04:52:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
RPugCmO0a37f8RVemNojcNRbLN6u2mLxuv76N2KSlBbDoW3AyWj2ww==
x-cache-hits
0
20210415_porn87_CQ_(300x250)_TC_A.gif
cdn.ggsfq.com/creative/ Frame 49FC
674 KB
675 KB
Image
General
Full URL
https://cdn.ggsfq.com/creative/20210415_porn87_CQ_(300x250)_TC_A.gif
Requested by
Host: adserve.work
URL: https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
12bfc58ca13eec65043bb19ab01a3586becb55fa9d4d234ea2d3d1aaa970bd87

Request headers

Referer
https://adserve.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Thu, 15 Apr 2021 04:00:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
mcrTblbb3hROfq1KhqsO1Q==
etag
0x8D8FFC3131364D6
x-azure-ref
0xvuZYAAAAAD7m8vaRdWzRpFfaDbFhA+FRlJBRURHRTEwMjIAYzllZWZhMWMtNzcwMy00NDc3LWFjYWQtMmM3OTZmM2EzZmUz
x-cache
TCP_HIT
content-type
image/gif
x-ms-request-id
0acdc3d0-e01e-0025-1ef9-458bf5000000
x-ms-version
2009-09-19
x-azure-ref-originshield
09uaZYAAAAABvhASrDyT0S43B9i/J7GIyTE9OMjFFREdFMDIxMABjOWVlZmExYy03NzAzLTQ0NzctYWNhZC0yYzc5NmYzYTNmZTM=
content-length
690318
lg.php
adserve.work/www/serve/ Frame 49FC
43 B
727 B
Image
General
Full URL
https://adserve.work/www/serve/lg.php?bannerid=552&campaignid=2&zoneid=23&loc=https%3A%2F%2Fggjav.com%2F&cb=9f2f8692e8
Requested by
Host: adserve.work
URL: https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:dea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09fb1896d40000e007753d7000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Xk%2BsWODPYm%2BVrrljV%2F2S93LdcUrPQRClcZ3%2BWsykdiHNaZH2zaXn81ATQclDfUXyf5F%2FHnLsxz5qof8h4da3CoC6xuU%2FfAxaiIckwdaV7llsDbdNpa61ME%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
64d85d37bda5e007-FRA
expires
0
20210415_porn87_QT_300x100_TC_gif.gif
cdn.ggsfq.com/creative/ Frame E499
186 KB
187 KB
Image
General
Full URL
https://cdn.ggsfq.com/creative/20210415_porn87_QT_300x100_TC_gif.gif
Requested by
Host: adserve.work
URL: https://adserve.work/www/serve/afr.php?zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
411283fd743aa4e9ee7501285d2db387001d5121b1f23aac7943cc98facab348

Request headers

Referer
https://adserve.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Thu, 15 Apr 2021 04:00:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
cmENYy1839QhWHQMKIkqBA==
etag
0x8D8FFC3131C671E
x-azure-ref
0xvuZYAAAAAC3IJDtdBOlQKUcgiLhOP+fRlJBRURHRTEwMjIAYzllZWZhMWMtNzcwMy00NDc3LWFjYWQtMmM3OTZmM2EzZmUz
x-cache
TCP_HIT
content-type
image/gif
x-ms-request-id
da0418eb-e01e-000c-68b8-45fdb7000000
x-ms-version
2009-09-19
x-azure-ref-originshield
0+5aZYAAAAABw6eyTI7OqTbBEr7cp2gu/TE9OMjFFREdFMDExMABjOWVlZmExYy03NzAzLTQ0NzctYWNhZC0yYzc5NmYzYTNmZTM=
content-length
190739
lg.php
adserve.work/www/serve/ Frame E499
43 B
757 B
Image
General
Full URL
https://adserve.work/www/serve/lg.php?bannerid=559&campaignid=2&zoneid=22&loc=https%3A%2F%2Fggjav.com%2F&cb=40674cc789
Requested by
Host: adserve.work
URL: https://adserve.work/www/serve/afr.php?zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:dea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://adserve.work/www/serve/afr.php?zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09fb1896d30000e0077c320000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fmuQas6KTlwFr0mPWo0Y46hTbgVydGjQAxO14RGV90D52QgOA5I31o19kJOVU%2FpdhA49dOOmoqiuTi3IkFjcq%2Bvx4IdDqrrpI57zwrXPG2CtMVyzh5siiRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
64d85d37bda4e007-FRA
expires
0
20210415_porn87_KOW_(300x250)_TC_A.gif
cdn.ggsfq.com/creative/ Frame 3236
2 MB
2 MB
Image
General
Full URL
https://cdn.ggsfq.com/creative/20210415_porn87_KOW_(300x250)_TC_A.gif
Requested by
Host: adserve.work
URL: https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b61c4c615dd1f72a1e0befe9dd4f21220572eea4a2edb238a813c1460c3c27cc

Request headers

Referer
https://adserve.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Thu, 15 Apr 2021 04:00:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
iQLl4mVNGr1SBLEg53AX9g==
etag
0x8D8FFC3130902B7
x-azure-ref
0xvuZYAAAAABiKsi+vVrfSZG8RDw6qOeqRlJBRURHRTEwMjIAYzllZWZhMWMtNzcwMy00NDc3LWFjYWQtMmM3OTZmM2EzZmUz
x-cache
TCP_HIT
content-type
image/gif
x-ms-request-id
dc1262cb-501e-0015-0cf1-45d1df000000
x-ms-version
2009-09-19
x-azure-ref-originshield
0kdSZYAAAAACmzVIq7LA0S6fZiy2L/7KdTE9OMjFFREdFMDExMQBjOWVlZmExYy03NzAzLTQ0NzctYWNhZC0yYzc5NmYzYTNmZTM=
content-length
1869866
lg.php
adserve.work/www/serve/ Frame 3236
43 B
725 B
Image
General
Full URL
https://adserve.work/www/serve/lg.php?bannerid=555&campaignid=2&zoneid=23&loc=https%3A%2F%2Fggjav.com%2F&cb=d15e4e56a0
Requested by
Host: adserve.work
URL: https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:dea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://adserve.work/www/serve/afr.php?zoneid=23&cb=INSERT_RANDOM_NUMBER_HERE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09fb1896d40000e00785b73000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Sm4Sx8bKRU3fp09uLhrZaPKui1kMnV48G3KNbZ1TV7lB8TilCCjRHw4bI%2BAYtW%2F8qfVx720%2BxgZQSF2mJyD4yd%2FY7OM1q5a8bIzgar0GiGkQ0nNqw1Mkik%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
64d85d37bda6e007-FRA
expires
0
common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/ Frame F010
282 KB
93 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.dfaa05f4d3af8a4fe09cfd70007bc5b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 10:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578405
x-cache
Hit from cloudfront
content-length
94786
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-17242"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Wed, 04 May 2022 10:56:33 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
66zgSsb1xNJJ2HQ8OIabR6BVN-WR8u750qwpsHVvmhst_w0D6PL_Fw==
x-cache-hits
0
common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
c.disquscdn.com/next/recommendations/ Frame 5C56
262 KB
87 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.07054adb31d4f6133c2fb097add414fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ffa907d826f82968612e5a325704a5cc38330a791049b23da9725a6609e22538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441242
x-cache
Hit from cloudfront
content-length
88873
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-15b29"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 01:02:35 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
Jcp5DJ_LVOnFAEOh4JmD_PfrApvhAg7eVStUNVXCfFtiN1AkIUm_LQ==
x-cache-hits
0
lounge.305cef62f65d619287ed5bfd8a11158b.css
c.disquscdn.com/next/embed/styles/ Frame F010
129 KB
23 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a7d14b983e535139708c6526fcd9c46fb986f2a9e77fba33da4b811bab6dac9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 08:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932014
x-cache
Hit from cloudfront
content-length
23152
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-5a70"
content-type
text/css; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Sat, 30 Apr 2022 08:43:04 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
sQBwrwt-PUNZmOjjuEOoTnycEuTL78KZ8nrd0RN0-erNjglLQW_Bxg==
x-cache-hits
0
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 5C56
17 KB
4 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408323
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 10:11:15 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
8i-HjDMzvPGuVamOZJb_yXWyXosMq45DKDmv1bLFWBP4FwCUMorGBw==
x-cache-hits
0
73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
i.bimbolive.com/06b/314/1ea/ Frame 9901
8 KB
9 KB
Image
General
Full URL
https://i.bimbolive.com/06b/314/1ea/73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
08a3af3be0eeba07e484dbe0ae8d96accb95a3d9aad485af1be0bdcdceb7ae18

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
HIT
age
1542641
x-o1-p6
MISS
content-length
8487
cf-request-id
09fb18978b00000863b51a7000000001
last-modified
Sat, 10 Apr 2021 04:17:45 GMT
server
cloudflare
etag
"607126e9-2127"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 17 May 2021 15:49:26 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85d38da870863-CDG
cf-bgj
h2pri
2f9981547561d7b6b720c8bf5eafeafa_thumb_medium.jpg
i.bimbolive.com/043/1ba/01f/ Frame 6764
7 KB
7 KB
Image
General
Full URL
https://i.bimbolive.com/043/1ba/01f/2f9981547561d7b6b720c8bf5eafeafa_thumb_medium.jpg
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
128d994121e2dbbfd0348c267ae886d7fb6c097c3ace14847e9c71e515922a18

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
HIT
age
1473253
content-length
6735
cf-request-id
09fb18978b00000863d918e000000001
access-control-allow-origin
*
last-modified
Mon, 14 Jan 2019 05:13:08 GMT
server
cloudflare
etag
"5c3c1a64-1a4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
EXPIRED
expires
Sun, 23 May 2021 02:51:50 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85d38da880863-CDG
cf-bgj
h2pri
lounge.bundle.daad0ef0a39804d0796d79f216ca4d2e.js
c.disquscdn.com/next/embed/ Frame F010
456 KB
116 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.daad0ef0a39804d0796d79f216ca4d2e.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a163fb094ea045758fdb0d81a16a8e8265adb94dcfc945e4235942250ab2e2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1146168
x-cache
Hit from cloudfront
content-length
117909
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-1cc95"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Wed, 27 Apr 2022 21:13:50 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
DH14bCNehC6VB1g_qMVLgmUXCtBPRDi555GDhZ9HXwdL7-MA5LFsdw==
x-cache-hits
0
config.js
disqus.com/next/ Frame F010
11 KB
12 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0627e883f59b06ada61af684c0636818d0e01f4c3fed677f83f974196b8316f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
43
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
11688
X-XSS-Protection
1; mode=block
stream_VivienXx.webm
db.bngpt.com/ Frame 9901
140 KB
140 KB
Media
General
Full URL
https://db.bngpt.com/stream_VivienXx.webm
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqLbJ57aXUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3872284&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
5af61d64e4852893e689b792c6a14a63cb67302e0d1883a6164173612e028b12

Request headers

Referer
https://promo-bc.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Sun, 09 May 2021 20:55:26 GMT
etag
"60984c3e-22f85"
content-type
video/webm
Content-Range
bytes 0-143236/143237
cache-control
max-age=43200
x-cdn-diag
fra1-11037-1-2229-h-0-0---;11015-10-46267----0-0-1
Content-Length
143237
expires
Mon, 10 May 2021 19:20:56 GMT
recommendations.bundle.4214219f8f12995fa46e1e83745b2a0e.js
c.disquscdn.com/next/recommendations/ Frame 5C56
64 KB
20 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.4214219f8f12995fa46e1e83745b2a0e.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
812c197974a5fe7adbf3dff287286efc9918e3ce9545d57fbc6a34c298fb260e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388064
x-cache
Hit from cloudfront
content-length
19898
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-4dba"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 15:48:54 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
m1oA2koDEejCNbQu9UnWpvdnmx-q-nvtyP35LwvBxFlRfjv0monBhw==
x-cache-hits
0
config.js
disqus.com/next/ Frame 5C56
11 KB
12 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0627e883f59b06ada61af684c0636818d0e01f4c3fed677f83f974196b8316f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/recommendations/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
43
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
11688
X-XSS-Protection
1; mode=block
stream_anahis-hall.webm
db.bngpt.com/ Frame 6764
160 KB
160 KB
Media
General
Full URL
https://db.bngpt.com/stream_anahis-hall.webm
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbrLnUy22V2VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOl02qtm041ntnlqu4qls2o0213pu2oo04dK7nnzNEeof3TVyyqmnllc6V0rpXW3OldK4Ps-&subid2=3378979&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
77d9d1038f86fd907c344236096b24dd2c2b8742993268636773eed6952c4ee9

Request headers

Referer
https://promo-bc.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Sat, 08 May 2021 03:38:55 GMT
etag
"609607cf-27e3f"
content-type
video/webm
Content-Range
bytes 0-163390/163391
cache-control
max-age=43200
x-cdn-diag
fra1-11015-2-44956-h-0-0---;11015-10-46267----0-0-0
Content-Length
163391
expires
Sun, 09 May 2021 00:01:38 GMT
686b3dcaff4df6d75b068189f5de79f0_thumb_medium.jpg
i.bimbolive.com/040/28f/371/ Frame EABD
13 KB
14 KB
Image
General
Full URL
https://i.bimbolive.com/040/28f/371/686b3dcaff4df6d75b068189f5de79f0_thumb_medium.jpg
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
a711611983c8d478d3d583a4e4e11a79dc80235497779e2a527d8994cdf83a44

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
HIT
age
1550454
content-length
13793
cf-request-id
09fb18978b00000863749c8000000001
access-control-allow-origin
*
last-modified
Thu, 25 Jul 2019 05:20:14 GMT
server
cloudflare
etag
"5d393c0e-35e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
EXPIRED
expires
Mon, 10 May 2021 23:16:08 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85d38da890863-CDG
cf-bgj
h2pri
stream_Miranda8888.webm
db.bngpt.com/ Frame EABD
123 KB
123 KB
Media
General
Full URL
https://db.bngpt.com/stream_Miranda8888.webm
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHNbHNNS7gmbqKLLbq6nUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnUSzT22UunuttqlsdK6V07p3SuldM6V0rpnOdK5znSuldK6250rpXB9g--&subid2=3378965&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
6206bc1a6e1bc33b17979ca1912ce0315570a86afefd90610b33ded8a92c3b86

Request headers

Referer
https://bngpt.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
last-modified
Mon, 10 May 2021 03:51:17 GMT
etag
"6098adb5-1eb7f"
content-type
video/webm
Content-Range
bytes 0-125822/125823
cache-control
max-age=43200
x-cdn-diag
fra1-11015-2-44946-h-0-0---;11015-10-46267----0-0-0
Content-Length
125823
expires
Tue, 11 May 2021 01:30:26 GMT
details
disqus.com/api/3.0/forums/ Frame F010
5 KB
5 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=https-ggjav-com&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d224be00dfdfb967d6d890d13f601ffba7ce3f407a543afa99841a7e4a0e32ab
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
4693
X-XSS-Protection
1; mode=block
details
disqus.com/api/3.0/forums/ Frame 5C56
5 KB
5 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=https-ggjav-com&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d224be00dfdfb967d6d890d13f601ffba7ce3f407a543afa99841a7e4a0e32ab
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
4693
X-XSS-Protection
1; mode=block
loadReactions
disqus.com/api/3.0/threadReactions/ Frame F010
1 KB
2 KB
XHR
General
Full URL
https://disqus.com/api/3.0/threadReactions/loadReactions?thread=7804205457&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e16d160dccee17c3b87ee91e3c61cfe5ea11f39c31dbde5121c12e246522f38
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=30, max-age=60
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
1337
X-XSS-Protection
1; mode=block
/
tempest.services.disqus.com/ads-iframe/survey/ Frame E1A2
14 KB
6 KB
Document
General
Full URL
https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=https-ggjav-com&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231779ba&colorScheme=light&sourceUrl=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&typeface=sans-serif&disqus_version=7a78382
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
72692907a301bbace965f73d7ae13615dfa94b8150d8e0cc8abbe646b4ed012d

Request headers

Host
tempest.services.disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
disqus_unique=jhpmvi19b3ssk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default

Response headers

Connection
keep-alive
Content-Length
5390
Server
openresty
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Service
router
Content-Encoding
gzip
Date
Tue, 11 May 2021 03:36:38 GMT
Age
0
Vary
Accept-Encoding,
avatar92.jpg
c.disquscdn.com/uploads/forums/595/3683/ Frame F010
3 KB
4 KB
Image
General
Full URL
https://c.disquscdn.com/uploads/forums/595/3683/avatar92.jpg?1577613476
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c0b2cd1f15498f6bab981a1972d77b49dabbb294123974b8b47e0243502cd373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 16:07:28 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
41350
x-cache
Hit from cloudfront
content-length
3458
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Sun, 29 Dec 2019 09:57:57 GMT
server
nginx
etag
"dff3881732765925d75349447b333aa2"
content-type
image/jpeg
expires
Tue, 10 May 2022 16:07:28 GMT
cache-control
max-age=31536000, public, immutable
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
Ojw8WX3D1jrVxL1szyQGdBpmIM6fRHv5VpW1bJBn0BRwdSD1GzBhlw==
x-cache-hits
0
truncated
/ Frame F010
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ Frame F010
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=jjktv21qrq81q&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=https-ggjav-com&zone=thread&page_url=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&page_referrer=https%3A%2F%2Fggjav.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=5953683
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F010
13 KB
13 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1083537
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ZB-SJ5TmEwprmdKIzliqYZuhwdnSrM9fSiQAcSfF-eCvmLc-E2qNDw==
x-cache-hits
0
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame F010
3 KB
3 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 04:58:07 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
8375911
x-cache
Hit from cloudfront
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 27 Jan 2021 17:23:07 GMT
server
nginx
etag
"6011a17b-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 03 Feb 2022 04:58:07 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ls4Kj0B6w-09YE-OR1LOMJr6Se0Od3QnLgbRd0sSHtW-ftxzMYbbog==
x-cache-hits
0
sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame F010
2 KB
2 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 06:58:50 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1283868
x-cache
Hit from cloudfront
content-length
1862
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 22 Apr 2021 19:20:03 GMT
server
nginx
etag
"6081cc63-746"
content-type
image/png
access-control-allow-origin
*
expires
Tue, 26 Apr 2022 06:58:50 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
eV6k4WAt32vhu_yM0mr_4ZFdYfOrUZ8lAR-9YSyM4Xg8OQJjEgPRmA==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame F010
8 KB
8 KB
Font
General
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 09:01:33 GMT
via
1.1 421d6f0c8b018cdf0b78f7d15df10d0c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
585304
x-cache
Hit from cloudfront
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 04 May 2022 09:01:33 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mNXM_1_nvok2o4j3Eodz43eW-Q2jrJnsmU_bl_cd_pEkfk5I5ClMSw==
x-cache-hits
0
truncated
/ Frame 9901
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6764
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EABD
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 5C56
12 KB
12 KB
XHR
General
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=https-ggjav-com&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
875ae4c41bda4e97bf13d5786be1762d74db5a969aef0e582b3c2292226c0ce3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
299
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Connection
keep-alive
Content-Type
application/json
Vary
Origin
Content-Length
11800
X-XSS-Protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ Frame F010
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e9f05236ba201e80f46ec9ca2bf71abbf755efcd798a72d7e88af08780fe54b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
J2lrVodkZpwunYwbTYGtcg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
SgMi0qcxVA8iThTJDJXYsLN7VdrH1NYoQJ2G+/IiJdV9Ae3xWx5sHH85ld7gNY3eRZJZyxvfyJJzP8H95e0CBA==
x-fb-trip-id
686109401
x-fb-content-md5
5c612149365afdb7625dd9030a22e68b
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 11 May 2021 03:36:38 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3c0970116e7e414c76e01fb63a20c9f6"
timing-allow-origin
*
expires
Tue, 11 May 2021 03:54:01 GMT
api.js
apis.google.com/js/ Frame F010
12 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7ae12d06801f349cd30e7388bf801926c741a34c5c4c5e287fa1e3346e11613
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iPp5Utgq9hQ2IamgZXq2Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"cd5b87ba7f95c068005645409cce8845"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-iPp5Utgq9hQ2IamgZXq2Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 11 May 2021 03:36:38 GMT
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F010
13 KB
13 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1083537
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
D_lAs4JvtlY4KawemyYmhaxCY9A86JSVi-nQIxaUuWDmsuKTMM-3mw==
x-cache-hits
0
73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
i.bimbolive.com/06b/314/1ea/ Frame 9901
8 KB
8 KB
Image
General
Full URL
https://i.bimbolive.com/06b/314/1ea/73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
08a3af3be0eeba07e484dbe0ae8d96accb95a3d9aad485af1be0bdcdceb7ae18

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
HIT
age
1542641
x-o1-p6
MISS
content-length
8487
cf-request-id
09fb18987f0000086399bd1000000001
last-modified
Sat, 10 Apr 2021 04:17:45 GMT
server
cloudflare
etag
"607126e9-2127"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 17 May 2021 15:49:26 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85d3a6c070863-CDG
cf-bgj
h2pri
sdk.js
connect.facebook.net/en_US/ Frame F010
213 KB
63 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=19597dba96d62c98b0739514cdeae1c6&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
80dbb49bf1f91d3693dbd8369cabdc3067878f4baed23789205b30714b33594c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MySAZ0D32F/2+hnvrObU3w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
64513
x-fb-rlafr
0
x-fb-debug
dsaFNn7S8xiuIc9hcjUtNE8V2Hv/13gZ8YRb+1Zd4QJj9DZIuhB64HsKzso6jxSnGzEq2gUGJnig7nkuo+DeAA==
x-fb-content-md5
ba4cd46cc4047ba4d2ed6dcdade3d657
x-frame-options
DENY
date
Tue, 11 May 2021 03:36:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"99707fc5c9bb8dd78c9b534f904a8fe7"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 May 2022 02:32:16 GMT
upvote-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame F010
8 KB
9 KB
Image
General
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f8afec44114c09f3e520fd8c89a7e00386e99bc567ccbbf16f23771b75b58a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:31:50 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
288
x-cache
Hit from cloudfront
content-length
8212
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-2014"
content-type
image/png
access-control-allow-origin
*
expires
Tue, 11 May 2021 03:36:45 GMT
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
H3I4590lQnwZuCroMWJ_iuckxWPT2snkcVTj0CJ1eiQhNu4WiOgznw==
x-cache-hits
0
funny-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame F010
9 KB
9 KB
Image
General
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:35:14 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
84
x-cache
Hit from cloudfront
content-length
8883
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-22b3"
content-type
image/png
access-control-allow-origin
*
expires
Tue, 11 May 2021 03:40:14 GMT
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
86Gc4yPG3vAgj4Pd45qGJLt3CQchRqPLN8AaswgYlKp_Fh4U9Y5R8w==
x-cache-hits
0
love-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame F010
12 KB
12 KB
Image
General
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:35:08 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
93
x-cache
Hit from cloudfront
content-length
11910
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-2e86"
content-type
image/png
access-control-allow-origin
*
expires
Tue, 11 May 2021 03:40:05 GMT
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
a4eWIQC2QxU4BRDiLOYKFTAQtuPOSnKRi1HeQO4Q5rAvf6whxJZe6w==
x-cache-hits
0
surprised-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame F010
7 KB
8 KB
Image
General
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:05 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
33
x-cache
Hit from cloudfront
content-length
7308
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-1c8c"
content-type
image/png
access-control-allow-origin
*
expires
Tue, 11 May 2021 03:41:05 GMT
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6Gif2bdCNsuo5sWB6xI7yk8roug5TjJL6FPkTfk3-z0oWT1gBIH3Pg==
x-cache-hits
0
angry-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame F010
17 KB
18 KB
Image
General
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8630d3642f52a29b6198da00f23f7bd2481ad1cc19becfcf441a6c4ffe4ae099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:36 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2
x-cache
Hit from cloudfront
content-length
17794
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-4582"
content-type
image/png
access-control-allow-origin
*
expires
Tue, 11 May 2021 03:41:36 GMT
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0bBIFfq1rSds1-GicK7fRn4STKiSCv1qkC96Ri38UwmpqKYQdAT8Ow==
x-cache-hits
0
sad-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame F010
9 KB
9 KB
Image
General
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:35:53 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
48
x-cache
Hit from cloudfront
content-length
8986
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-231a"
content-type
image/png
access-control-allow-origin
*
expires
Tue, 11 May 2021 03:40:50 GMT
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Dbbb_-CW_qjNeJjeI4AeY8jsGwAM1msVcsf5DaZn7ZTQJAsQ92AKSA==
x-cache-hits
0
get
c.disquscdn.com/ Frame 5C56
22 KB
22 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn-1.ggjav.com%2Fmedia%2Fvideo%2Flarge_155165.jpg&key=vMgFSy-frjcMh92vYmqsSQ&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fa7bcc52b2a7d416a3cb4a5ada91a3a2d74c23d297065627b2fe55e11593057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 16:09:16 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
41241
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
22553
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
f0sveJ3F1S5abxQsWgWg6NT4ErAhbjuK58MKNjfHS-ZOF9LtTAPldw==
expires
Wed, 09 Jun 2021 16:09:16 GMT
get
c.disquscdn.com/ Frame 5C56
22 KB
22 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn-1.ggjav.com%2Fmedia%2Fvideo%2Flarge_140772.jpg&key=OUuLaSSCoHsuwlDxuxJk2A&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ac1ce3936dc0db95cc30bc05a9d299cb14fb4f01577c803c1155f829650cfd10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 19:17:16 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
289162
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
22180
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
_gf5uD2t3wrlv8E2jJsTcOvCqo6Z2cI9TmfclBDZPFccMm3e8srAjg==
expires
Sun, 06 Jun 2021 19:17:16 GMT
get
c.disquscdn.com/ Frame 5C56
21 KB
21 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn-1.ggjav.com%2Fmedia%2Fvideo%2Flarge_112690.jpg&key=1-QzhNwBqniXf0PEkrVAhQ&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d31e1e555b4245aa1797e9355e2ed5fcdde6cd20388a741d30b2b16bee0daed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 16:09:20 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
41238
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
21343
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
j3ahvrEZ50ubhqPoD22Pd4kBX2ELdc9fvdqfe57gFAbvsREcQS1MxQ==
expires
Wed, 09 Jun 2021 16:09:20 GMT
get
c.disquscdn.com/ Frame 5C56
24 KB
25 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn-1.ggjav.com%2Fmedia%2Fvideo%2Flarge_112119.jpg&key=udPt5Ii6vrNgoL6kGdUoNQ&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e9fa0435f37a7be6816e46f72df0e53895b22b677416874f7069eba9450a4b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 16:31:15 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
39923
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
25036
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
xV89k8LRBqi2FoN10qpPXwkv0sBrh9FwVaSYhJhHMcBPFPM8BA3AFw==
expires
Wed, 09 Jun 2021 16:31:15 GMT
get
c.disquscdn.com/ Frame 5C56
22 KB
23 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn-1.ggjav.com%2Fmedia%2Fvideo%2Flarge_114691.jpg&key=WxoZ0DJAq71nVzYt726aRw&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
521780ae3ad639fc939b9d3d0cdc68de4b7992cc6b868a9e22a9c98f067fc8b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 14:36:42 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
46796
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
22650
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
KY23kC67l1sqHnx4T8GgZSJeqVOM7EoZC8GbvpoTC7krcLjvx4R0BA==
expires
Wed, 09 Jun 2021 14:36:42 GMT
get
c.disquscdn.com/ Frame 5C56
20 KB
21 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn-1.ggjav.com%2Fmedia%2Fvideo%2Flarge_140777.jpg&key=OcFIMy_JNvi0dCpdpbt78w&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44a81200a2c4a60f0937e41c97d9373d6a34f0fed4d68131edf0d71f89c2b949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 16:31:14 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
39923
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
20572
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
4oHzBxMo3sUzo7xyrjAKIbccy2GLVOQyVDKiK9DXlOUcOJCQu9OIwA==
expires
Wed, 09 Jun 2021 16:31:14 GMT
get
c.disquscdn.com/ Frame 5C56
20 KB
21 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn-1.ggjav.com%2Fmedia%2Fvideo%2Flarge_140775.jpg&key=m4-nYkoUy3pYnODAYjaqxA&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
45f6a7f7936e4c1073ab4b14a52808a8dfac8e1c75321fc8724223a340a1c2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 14:34:08 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
46950
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
20678
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
xMuFiOl9SUMT-rjixnAW_qq1n62AL8A11tQfFiksa4GWUWpGYOuCxg==
expires
Wed, 09 Jun 2021 14:34:08 GMT
get
c.disquscdn.com/ Frame 5C56
7 KB
7 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fggjav.com%2Fresources%2Ficons%2Fface_recognition.jpg&key=oEHb574QSmZ0oQseo1YN-w&h=200
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6c6dadd061c642ea74655d2b77471afb78f91eea134644763c4f14f448e3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 14:34:19 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
46939
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
7165
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
wCrP-PXog4EG72-9gDUwCRjKPCv5DD8uUIEKioE17raQdfCPaDI5Hw==
expires
Wed, 09 Jun 2021 14:34:19 GMT
686b3dcaff4df6d75b068189f5de79f0_thumb_medium.jpg
i.bimbolive.com/040/28f/371/ Frame EABD
13 KB
14 KB
Image
General
Full URL
https://i.bimbolive.com/040/28f/371/686b3dcaff4df6d75b068189f5de79f0_thumb_medium.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
a711611983c8d478d3d583a4e4e11a79dc80235497779e2a527d8994cdf83a44

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
HIT
age
1550454
content-length
13793
cf-request-id
09fb1898ba00000863c9b72000000001
access-control-allow-origin
*
last-modified
Thu, 25 Jul 2019 05:20:14 GMT
server
cloudflare
etag
"5d393c0e-35e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
EXPIRED
expires
Mon, 10 May 2021 23:16:08 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85d3acc630863-CDG
cf-bgj
h2pri
2f9981547561d7b6b720c8bf5eafeafa_thumb_medium.jpg
i.bimbolive.com/043/1ba/01f/ Frame 6764
7 KB
7 KB
Image
General
Full URL
https://i.bimbolive.com/043/1ba/01f/2f9981547561d7b6b720c8bf5eafeafa_thumb_medium.jpg
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
128d994121e2dbbfd0348c267ae886d7fb6c097c3ace14847e9c71e515922a18

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:38 GMT
cf-cache-status
HIT
age
1473253
content-length
6735
cf-request-id
09fb1898bb0000086389a32000000001
access-control-allow-origin
*
last-modified
Mon, 14 Jan 2019 05:13:08 GMT
server
cloudflare
etag
"5c3c1a64-1a4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
EXPIRED
expires
Sun, 23 May 2021 02:51:50 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85d3acc650863-CDG
cf-bgj
h2pri
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ Frame F010
103 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f97c4a1e81f37dff31489b1920a0517aa63fb260f5d1f6fc4353a84b45eb585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 12:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 17:53:46 GMT
server
sffe
age
313581
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34956
x-xss-protection
0
expires
Sat, 07 May 2022 12:30:17 GMT
status
www.facebook.com/x/oauth/ Frame F010
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fggjav.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dhttps-ggjav-com%26t_u%3Dhttps%253A%252F%252Fggjav.com%252Fmain%252Fvideo%253Fid%253D25828%26t_d%3DS-Cute%2520552_maina_02%2520Maina%2520%25232%2520%25E6%2581%25A5%25E3%2581%2598%25E3%2582%2589%25E3%2581%2584%25E3%2581%25AA%25E3%2581%258C%25E3%2582%2589%25E3%2582%2582%25E6%25B1%2582%25E3%2582%2581%25E3%2581%25A6%25E3%2581%258F%25E3%2582%258C%25E3%2582%258B%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9%2520-%2520GGJAV%2520%257C%2520%25E6%259C%2580%25E9%25BD%258A%25E5%2585%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B2%25BB%25E7%25B7%259A%25E4%25B8%258AAV%25EF%25BC%258C%25E7%25B7%259A%25E4%25B8%258AA%25E7%2589%2587%25EF%25BC%258C%25E9%25AB%2598%25E6%25B8%2585%25E6%2597%25A5%25E6%259C%25ACAV%25EF%25BC%258C%25E7%25B7%259A%25E4%25B8%258A%25E6%2588%2590%25E4%25BA%25BA%25E5%25BD%25B1%25E7%2589%2587%25EF%25BC%258CJAV%26t_t%3DS-Cute%2520552_maina_02%2520Maina%2520%25232%2520%25E6%2581%25A5%25E3%2581%2598%25E3%2582%2589%25E3%2581%2584%25E3%2581%25AA%25E3%2581%258C%25E3%2582%2589%25E3%2582%2582%25E6%25B1%2582%25E3%2582%2581%25E3%2581%25A6%25E3%2581%258F%25E3%2582%258C%25E3%2582%258B%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9%2520-%2520GGJAV%2520%257C%2520%25E6%259C%2580%25E9%25BD%258A%25E5%2585%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B2%25BB%25E7%25B7%259A%25E4%25B8%258AAV%25EF%25BC%258C%25E7%25B7%259A%25E4%25B8%258AA%25E7%2589%2587%25EF%25BC%258C%25E9%25AB%2598%25E6%25B8%2585%25E6%2597%25A5%25E6%259C%25ACAV%25EF%25BC%258C%25E7%25B7%259A%25E4%25B8%258A%25E6%2588%2590%25E4%25BA%25BA%25E5%25BD%25B1%25E7%2589%2587%25EF%25BC%258CJAV%26s_o%3Ddefault%23version%3Ddfaa05f4d3af8a4fe09cfd70007bc5b2&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
xaqveW7CG6V7cY4P2a4CXWQekgqyWN7h4s3xc0In+M92oFSoTl3DK3ectMjC5SZIGkhfYfB/w6lw0wuPz/bP9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 11 May 2021 03:36:39 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
prebid.4.33.0-zeta-ssp.js
c.disquscdn.com/js/dist/ Frame E1A2
312 KB
95 KB
Script
General
Full URL
https://c.disquscdn.com/js/dist/prebid.4.33.0-zeta-ssp.js
Requested by
Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=https-ggjav-com&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231779ba&colorScheme=light&sourceUrl=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&typeface=sans-serif&disqus_version=7a78382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7dcc52237bed494a1741a85d6174dda45958a0ec227126b09b039ebbf9a0de2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tempest.services.disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 05:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
598652
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
content-length
96381
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Tue, 13 Apr 2021 22:23:05 GMT
server
nginx
etag
"607619c9-1787d"
content-type
application/javascript; charset=utf-8
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
expires
Thu, 03 Jun 2021 05:19:06 GMT
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
TpNMNEET_86dj6l9CtBY0Qhbqy61slJJaCqIQ7lqFMLPsmQomHI2aQ==
x-cache-hits
0
iframe
accounts.google.com/o/oauth2/ Frame 4EF7
513 B
556 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ae25e228376373db7237b692e79e08563d8e713fa5c3b5d541fd705bc80d1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K3RTE43AuURseRTSvYVjIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=215=DnvTWhazZd0KKF8_2i6-2ADWhcFXLXMxaoAW6YTChx32w5X33e2UtSwfe95ATLEk7gDFT5ZIOZh9d_fcbEUUn9hx3j1O1myJbbDCAae6nl4RO_5EIodHuzv8L6iTZW2fRTOOOzRNAnzQN_98kq_diaG54tUa35Y9XCyf36fsL_A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 11 May 2021 03:36:38 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-K3RTE43AuURseRTSvYVjIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid
ib.adnxs.com/ut/v3/ Frame E1A2
137 B
846 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/js/dist/prebid.4.33.0-zeta-ssp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e671296f1f8c4e13e09e0bd585a93c14ba2d0268bd39e94cbe58f0e514b6cb02
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tempest.services.disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 11 May 2021 03:36:39 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid
4f555808-49ec-4204-a5de-d6ef156efad3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tempest.services.disqus.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event.gif
referrer.disqus.com/juggler/ Frame F010
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=jjktv21qrq81q&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=https-ggjav-com&zone=thread&page_url=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&page_referrer=https%3A%2F%2Fggjav.com%2F&object_type=advertisement&provider=survey&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A40%7D&forum_id=5953683
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
2515317930-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 4EF7
111 KB
38 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/2515317930-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce22830dd89ea4833c4764c2916dcb892de1dd05a604d0189f689d54cf751df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 21:33:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Apr 2021 06:29:47 GMT
server
sffe
age
281010
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39130
x-xss-protection
0
expires
Sat, 07 May 2022 21:33:09 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 4EF7
14 B
58 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/2515317930-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Tue, 11 May 2021 03:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 11 May 2021 04:36:39 GMT
/
glitter.services.disqus.com/urls/ Frame F010
35 B
495 B
Script
General
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=https-ggjav-com&thread_id=7804205457&referer=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
1bc601eaef9acd59411984db5edb9bc77036561b27ac5657c13daa9d772af081
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
no-cache
transfer-encoding
chunked
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Strict-Transport-Security
max-age=300; includeSubdomains
Vary
Accept-Encoding, Cookie
avatar92.jpg
c.disquscdn.com/uploads/forums/595/3683/ Frame F010
3 KB
4 KB
Image
General
Full URL
https://c.disquscdn.com/uploads/forums/595/3683/avatar92.jpg?1577613476
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.daad0ef0a39804d0796d79f216ca4d2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c0b2cd1f15498f6bab981a1972d77b49dabbb294123974b8b47e0243502cd373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 16:07:28 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
41351
x-cache
Hit from cloudfront
content-length
3458
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Sun, 29 Dec 2019 09:57:57 GMT
server
nginx
etag
"dff3881732765925d75349447b333aa2"
content-type
image/jpeg
expires
Tue, 10 May 2022 16:07:28 GMT
cache-control
max-age=31536000, public, immutable
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
_F5b9R7CDeTccU0CZb_BYE2XdNnYXJGphiLL77irV1YRZzOEB0-mkQ==
x-cache-hits
0
event.gif
referrer.disqus.com/juggler/ Frame F010
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=617&event=init_embed&thread=7804205457&forum=https-ggjav-com&forum_id=5953683&imp=jjktv21qrq81q&prev_imp&thread_slug=s_cute_552_maina_02_maina_2_ggjav_avaavjav&user_type=anon&referrer=https%3A%2F%2Fggjav.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: ggjav.com
URL: https://ggjav.com/main/video?id=25828
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=https-ggjav-com&t_u=https%3A%2F%2Fggjav.com%2Fmain%2Fvideo%3Fid%3D25828&t_d=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&t_t=S-Cute%20552_maina_02%20Maina%20%232%20%E6%81%A5%E3%81%98%E3%82%89%E3%81%84%E3%81%AA%E3%81%8C%E3%82%89%E3%82%82%E6%B1%82%E3%82%81%E3%81%A6%E3%81%8F%E3%82%8C%E3%82%8B%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9%20-%20GGJAV%20%7C%20%E6%9C%80%E9%BD%8A%E5%85%A8%E7%9A%84%E5%85%8D%E8%B2%BB%E7%B7%9A%E4%B8%8AAV%EF%BC%8C%E7%B7%9A%E4%B8%8AA%E7%89%87%EF%BC%8C%E9%AB%98%E6%B8%85%E6%97%A5%E6%9C%ACAV%EF%BC%8C%E7%B7%9A%E4%B8%8A%E6%88%90%E4%BA%BA%E5%BD%B1%E7%89%87%EF%BC%8CJAV&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 May 2021 03:36:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
russian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 9901
287 B
512 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/russian.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11051-3-13125-h-0-0---;11047-16-41428----0-0-0
accept-ranges
bytes
content-length
287
expires
Sat, 14 Nov 2020 07:18:42 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 9901
542 B
767 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-24967-h-0-0---;11047-16-41428----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
27c0d0ee6fb59ec308d1624527cf3199_thumb_medium.jpg
i.bimbolive.com/00d/262/142/ Frame 9901
8 KB
8 KB
Image
General
Full URL
https://i.bimbolive.com/00d/262/142/27c0d0ee6fb59ec308d1624527cf3199_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
e2b4cbfbf9a9a178d7cec120d22efeb482b04727cc8ffe9936a017414f895d6b

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 11 May 2021 03:36:55 GMT
cf-cache-status
HIT
age
183504
x-o1-p2
MISS
content-length
7726
cf-request-id
09fb18d9c400000863a7b30000000001
last-modified
Sun, 09 May 2021 00:38:02 GMT
server
cloudflare
etag
"60972eea-1e2e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 08 Jun 2021 00:38:22 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85da2d95b0863-CDG
cf-bgj
h2pri
stream_CallMeBadGirl.webm
db.bngpt.com/ Frame 9901
126 KB
126 KB
Media
General
Full URL
https://db.bngpt.com/stream_CallMeBadGirl.webm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
0f45ad0d1648badc6df331033e8837147dd4855185a2e438750e90d9b2a6d77e

Request headers

Referer
https://promo-bc.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Mon, 10 May 2021 06:17:11 GMT
etag
"6098cfe7-1f614"
content-type
video/webm
Content-Range
bytes 0-128531/128532
cache-control
max-age=43200
x-cdn-diag
fra1-11028-3-1037-h-0-0---;11015-10-46267----0-0-0
Content-Length
128532
expires
Mon, 10 May 2021 23:59:05 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 6764
542 B
767 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-24967-h-0-0---;11047-16-41428----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
italian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 6764
421 B
646 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/italian.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
b3173600c664489cabac486422cf1351a5b5baca3dc1b82a39eb75e5a44097dc

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11057-5-21841-h-0-0---;11047-16-41428----0-0-0
accept-ranges
bytes
content-length
421
expires
Sat, 14 Nov 2020 07:19:22 GMT
38e9934ae2c69d054c988ae8262a180f_thumb_medium.jpg
i.bimbolive.com/04a/200/261/ Frame 6764
11 KB
11 KB
Image
General
Full URL
https://i.bimbolive.com/04a/200/261/38e9934ae2c69d054c988ae8262a180f_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
70827051237710af12a105eaa3429fe542e62b685bab76e458ceecd945e26974

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:55 GMT
cf-cache-status
HIT
age
422204
content-length
11323
cf-request-id
09fb18d9ca000008637f350000000001
access-control-allow-origin
*
last-modified
Sun, 31 Jan 2021 06:32:08 GMT
server
cloudflare
etag
"60164ee8-2c3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
HIT
expires
Mon, 17 May 2021 03:34:58 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85da2d96d0863-CDG
cf-bgj
h2pri
stream_MikyLovee.webm
db.bngpt.com/ Frame 6764
187 KB
188 KB
Media
General
Full URL
https://db.bngpt.com/stream_MikyLovee.webm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
c508266fe260d5cb63c4afdf0354e153e9033bab69845bf492b04c96f0ef07d1

Request headers

Referer
https://promo-bc.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Mon, 10 May 2021 10:28:08 GMT
etag
"60990ab8-2edd0"
content-type
video/webm
Content-Range
bytes 0-191951/191952
cache-control
max-age=43200
x-cdn-diag
fra1-11014-1-47037-h-0-0---;11015-10-46267----0-0-1
Content-Length
191952
expires
Tue, 11 May 2021 04:22:43 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame EABD
542 B
767 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-24967-h-0-0---;11047-13-41428----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
italian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame EABD
421 B
646 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/italian.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.35 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
b3173600c664489cabac486422cf1351a5b5baca3dc1b82a39eb75e5a44097dc

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11057-5-21841-h-0-0---;11047-13-41428----0-0-0
accept-ranges
bytes
content-length
421
expires
Sat, 14 Nov 2020 07:19:22 GMT
38e9934ae2c69d054c988ae8262a180f_thumb_medium.jpg
i.bimbolive.com/04a/200/261/ Frame EABD
11 KB
11 KB
Image
General
Full URL
https://i.bimbolive.com/04a/200/261/38e9934ae2c69d054c988ae8262a180f_thumb_medium.jpg
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
70827051237710af12a105eaa3429fe542e62b685bab76e458ceecd945e26974

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:55 GMT
cf-cache-status
HIT
age
422204
content-length
11323
cf-request-id
09fb18d9d800000863bfa3d000000001
access-control-allow-origin
*
last-modified
Sun, 31 Jan 2021 06:32:08 GMT
server
cloudflare
etag
"60164ee8-2c3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
HIT
expires
Mon, 17 May 2021 03:34:58 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85da2f97d0863-CDG
cf-bgj
h2pri
stream_MikyLovee.webm
db.bngpt.com/ Frame EABD
187 KB
188 KB
Media
General
Full URL
https://db.bngpt.com/stream_MikyLovee.webm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
c508266fe260d5cb63c4afdf0354e153e9033bab69845bf492b04c96f0ef07d1

Request headers

Referer
https://bngpt.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 May 2021 03:36:55 GMT
last-modified
Mon, 10 May 2021 10:28:08 GMT
etag
"60990ab8-2edd0"
content-type
video/webm
Content-Range
bytes 0-191951/191952
cache-control
max-age=43200
x-cdn-diag
fra1-11014-1-47037-h-0-0---;11015-10-46267----0-0-0
Content-Length
191952
expires
Tue, 11 May 2021 04:22:43 GMT
73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
i.bimbolive.com/06b/314/1ea/ Frame 9901
8 KB
8 KB
Image
General
Full URL
https://i.bimbolive.com/06b/314/1ea/73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
08a3af3be0eeba07e484dbe0ae8d96accb95a3d9aad485af1be0bdcdceb7ae18

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:55 GMT
cf-cache-status
HIT
age
1542658
x-o1-p6
MISS
content-length
8487
cf-request-id
09fb18d9f80000086397158000000001
last-modified
Sat, 10 Apr 2021 04:17:45 GMT
server
cloudflare
etag
"607126e9-2127"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 17 May 2021 15:49:26 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85da329b10863-CDG
cf-bgj
h2pri
2f9981547561d7b6b720c8bf5eafeafa_thumb_medium.jpg
i.bimbolive.com/043/1ba/01f/ Frame 6764
7 KB
7 KB
Image
General
Full URL
https://i.bimbolive.com/043/1ba/01f/2f9981547561d7b6b720c8bf5eafeafa_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
128d994121e2dbbfd0348c267ae886d7fb6c097c3ace14847e9c71e515922a18

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:55 GMT
cf-cache-status
HIT
age
1473270
content-length
6735
cf-request-id
09fb18da0600000863c6328000000001
access-control-allow-origin
*
last-modified
Mon, 14 Jan 2019 05:13:08 GMT
server
cloudflare
etag
"5c3c1a64-1a4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
EXPIRED
expires
Sun, 23 May 2021 02:51:50 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85da339cd0863-CDG
cf-bgj
h2pri
686b3dcaff4df6d75b068189f5de79f0_thumb_medium.jpg
i.bimbolive.com/040/28f/371/ Frame EABD
13 KB
14 KB
Image
General
Full URL
https://i.bimbolive.com/040/28f/371/686b3dcaff4df6d75b068189f5de79f0_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
a711611983c8d478d3d583a4e4e11a79dc80235497779e2a527d8994cdf83a44

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 11 May 2021 03:36:55 GMT
cf-cache-status
HIT
age
1550471
content-length
13793
cf-request-id
09fb18da6b00000863b1b1b000000001
access-control-allow-origin
*
last-modified
Thu, 25 Jul 2019 05:20:14 GMT
server
cloudflare
etag
"5d393c0e-35e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-o1-p4
EXPIRED
expires
Mon, 10 May 2021 23:16:08 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
64d85da3da870863-CDG
cf-bgj
h2pri

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| _classCallCheck function| _createClass object| Foundation function| search number| max_suggestions object| all_suggestions function| make_suggestions number| select_index string| select_text string| default_text function| select_suggection function| set_select_color boolean| doing1 boolean| doing2 function| hide_suggestions function| show_suggestions function| ExoOutstreamSliderCommon function| ExoSlider object| ExoVideoSlider function| isMobile function| getRandomInt function| get300x100AdsInfo function| close_phone_instant string| ad_idzone string| ad_width string| ad_height string| v_pos string| h_pos undefined| eventMethod function| eventer string| messageEvent number| like_time number| dislike_time boolean| liked function| like function| dislike object| adsInfo object| adsList string| current_bt string| abl object| links object| exoDynamicParams string| exoDocumentProtocol number| popunder_time number| popunder_period string| popunderCookie object| popunder number| current_popunder_time function| stopDefault function| getPopunderCookie function| setPopunderCookie object| current_link function| gtag object| dataLayer string| con1 string| con2 string| redirect object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| disqus_config object| DISQUS object| gaplugins object| gaGlobal object| gaData function| disqus_recommendations_config object| DISQUS_RECOMMENDATIONS

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exosrv.com
a.realsrv.com
accounts.google.com
ads.exosrv.com
adserve.work
api.trwl1.com
apis.google.com
bngpt.com
c.disquscdn.com
cdn-1.ggjav.com
cdn.ggsfq.com
cdn.jsdelivr.net
connect.facebook.net
db.bngpt.com
disqus.com
ggjav.com
glitter.services.disqus.com
https-ggjav-com.disqus.com
i.bimbolive.com
i.bongacash.com
ib.adnxs.com
promo-bc.com
r.trwl1.com
referrer.disqus.com
s3t3d2y7.ackcdn.net
ssl.gstatic.com
static.javhd.com
stats.g.doubleclick.net
syndication.exosrv.com
syndication.realsrv.com
tempest.services.disqus.com
vidoza.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com

104.149.173.134
151.101.112.64
151.101.128.134
167.99.26.195
185.33.221.11
185.75.253.87
185.98.53.17
195.85.23.226
199.232.196.134
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
2600:9000:211e:a400:6:8656:f5c0:93a1
2606:4700:3032::ac43:dea9
2620:1ec:46::45
2a00:1450:4001:802::200d
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:811::2008
2a00:1450:4001:828::200d
2a00:1450:4001:828::200e
2a00:1450:400c:c08::9d
2a02:6ea0:c700::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
31.220.24.176
5.45.85.51
66.254.122.19
66.254.122.35
94.199.255.192
95.211.229.245
95.211.229.246
018076aba9b0726a142f65b28570ea4513012a7e87e2c9d8cec08dc7c7719b5d
01b2c80a23e5c3bbff2e5cedb17527a8eb2a2544b1611bfedc7c43300c9d5a72
054fce521302834ec56be0881037e99c16379e3f5f64580eea4916f394cef496
05e3e47009bb87a76b9e8a9d75ca3f9fddf9471ded1559fe2d3379ca0f127820
08a3af3be0eeba07e484dbe0ae8d96accb95a3d9aad485af1be0bdcdceb7ae18
08b05aa1232219b6c9a71eb156f0853da0ed1a63adcf147f3d9e71e8b0574e4f
09416460a9e5bad27d90f068332a26c97648eee8e1b1a009b9b00b57d40dd956
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52
09cf67ac56ec3e2dc995117b1ac6e73cedc222e722e1b5c45d8a0589a7ec0776
09da79c55fe4b2dfe64c0a553d468d0cd53953b6fabed480228aa86f05cbb4ba
0f45ad0d1648badc6df331033e8837147dd4855185a2e438750e90d9b2a6d77e
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
128d994121e2dbbfd0348c267ae886d7fb6c097c3ace14847e9c71e515922a18
12bfc58ca13eec65043bb19ab01a3586becb55fa9d4d234ea2d3d1aaa970bd87
1bc601eaef9acd59411984db5edb9bc77036561b27ac5657c13daa9d772af081
1df7e5f04d489a7ea8dbb0915fef3bf82cc7a126d8358238ce28b6ad419317d1
1f97c4a1e81f37dff31489b1920a0517aa63fb260f5d1f6fc4353a84b45eb585
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
2192ea5411c5b5250e84b677f2ddb84c76658198faf0f7fde1c0e55ef2173d47
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
27dcd8759d1e196c802856b87868a16db943965d5b85376cbea202e1651d58d2
29e25b67618ca08ad79a1d9e1ee3472a09ac377541da2783087f698a6d099c35
2adaddfefeb6d1e618744313e09a106f7aee8b88db5ab47b49f269850623ed66
2c701e439c85837825b6deae4baf1d1e1e537a4bc0ca7c60f1b844b839306a93
2c7af36e895f9c7c21b868ec48c526b56966965850049f1afddf5f70e2b9e3ae
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
31f80b8e2c57ef364e6dc825c3a680041cd5865ee0aa44c212cde3f9902e3c88
3237ef6128d1a9f20fa4d4b2ae7627709af7d9d552682056205ab8c35b75a549
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
346e94229e26e21c6e3aec164d1502062441eecf63474bd86ccc9fd39227d18a
3470bf4b2062803a4162e2eed64b9cf6351f0a9952639c31d2d2d402902fce16
354bf9d2d3c97dc00a7f766cef6b5125a67dbccad4f2f003d2ca8c951585e45a
3795889ce01bf10b15eb2572caa534bce6c34f537895ead61623e095e4d2557b
3e9f05236ba201e80f46ec9ca2bf71abbf755efcd798a72d7e88af08780fe54b
411283fd743aa4e9ee7501285d2db387001d5121b1f23aac7943cc98facab348
44a81200a2c4a60f0937e41c97d9373d6a34f0fed4d68131edf0d71f89c2b949
4554619c0ef3154f149d471b6bd93ca426eaf986b1fee857184e18351f383774
4583267bc4084d808f5832f3397b30913b0fbb5b637801363326fb2a277f2416
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13
45f6a7f7936e4c1073ab4b14a52808a8dfac8e1c75321fc8724223a340a1c2ff
4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4da1340484480b1931389ad8231371d9bc59291957a0abd891931a41065369d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
4e16d160dccee17c3b87ee91e3c61cfe5ea11f39c31dbde5121c12e246522f38
51a1d37b4bebca38f0be4331e1c4396d8aed15ead014b1e3c2d4e06841501e20
521780ae3ad639fc939b9d3d0cdc68de4b7992cc6b868a9e22a9c98f067fc8b1
5776b43e90c2127750310aac892c04bd90f1854b0a7e924c64cca850733c6609
58e792c49e41501a97a9d37f29f09663c7894414204ea12595d2a8c7db2ad35b
5af61d64e4852893e689b792c6a14a63cb67302e0d1883a6164173612e028b12
5c1f23c4a402d7658c49c051d0707a35d4e241efd67a2f69236d8ead8dd488d7
5c9bc60a728d5a247efdbc1044abddb0778fca57358e64884ba95b771369082a
5ebb72ea98e7fecb2168510fb9b5d3a221b498a248a31bb1aebc975f091d44d5
6182db5be8c1693fdcbdb10ae20fd9098ecf42cecd38e06c406ac08a824eb713
6206bc1a6e1bc33b17979ca1912ce0315570a86afefd90610b33ded8a92c3b86
621b949911604824e40dd8759bdde8f7dcae5c5a5a2a35240bfb9f413ad48500
647a347b3284577e87852b63003ebf9f5b0f7ba09ad6694c4a5564d65ef4f7f2
66fb6e64a8ecace8145412164afd42498d5aa878fd08fce0e1cf5bc08c0a9846
6768504a281b9783183c0a61bd9363b66c4bb9510f69466a89951e2a8355f0f6
681965ef88d5f2ef1319d704c3a9b40de5bc4d180f1e2d0130b4b16c5935e85c
69636f81a1ce2aa53df6532f040480a14333b89194bc68e4c5feda6385b2db62
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c92cdc1fb99a70a3d507ea27caf85f23da6b5f679c134eabeae3ed36e66f7c8
6d60b7a888e4a2c5e23e0eeeb20ae3cb9be4a3b5eb91e79458bdf56f41fb002b
70827051237710af12a105eaa3429fe542e62b685bab76e458ceecd945e26974
72692907a301bbace965f73d7ae13615dfa94b8150d8e0cc8abbe646b4ed012d
77d9d1038f86fd907c344236096b24dd2c2b8742993268636773eed6952c4ee9
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7dcc52237bed494a1741a85d6174dda45958a0ec227126b09b039ebbf9a0de2f
7fecd6f5b05b84f31335556969c3abf7e68d7b3efe1c5506f0f39f9e6dc79e1f
80dbb49bf1f91d3693dbd8369cabdc3067878f4baed23789205b30714b33594c
812c197974a5fe7adbf3dff287286efc9918e3ce9545d57fbc6a34c298fb260e
824fe16609e3bdffc03a25414fa00a144e72099b2d06fe092dde3e5642b4fc7c
8630d3642f52a29b6198da00f23f7bd2481ad1cc19becfcf441a6c4ffe4ae099
875ae4c41bda4e97bf13d5786be1762d74db5a969aef0e582b3c2292226c0ce3
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8fdb97e8c7692fd0b557d14c959f97e0babc5ad98bbeafbba792f3c07b579d7d
911d98349ede057e3736133e295ce6e3c8fb9d0dc8b1b66f34989135bd33d9b0
928ef6ca00dfd717fe97842335da4b7d0d3cc7ba1d7b678a45bafd502ad669f8
94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb
98ae25e228376373db7237b692e79e08563d8e713fa5c3b5d541fd705bc80d1c
99f275f232fd568cba204c6fee15fff9abe580ccc6d7e3331043c7ee31e711fb
9e88f635c601c7fb15264de02608ba7fc0ed91de4172cd4986753904efaa04af
9f20f8cd4c5dce6db9e249ac4e0bb049154d3d8706feeda7acfeb0f25320dd6c
a117a4fd15d6c304aa1bfefc167b2878c0df0fe40440645794539e241fa3f747
a163fb094ea045758fdb0d81a16a8e8265adb94dcfc945e4235942250ab2e2a5
a218e753aab8d62df2b2e148a4cce426f0b0b8fa9b686fefb8ca45c0e425b7f6
a61bf3ba621a4d9029a533c86242de8d0693faac2928c9f902c97635b16872cc
a711611983c8d478d3d583a4e4e11a79dc80235497779e2a527d8994cdf83a44
a7ae12d06801f349cd30e7388bf801926c741a34c5c4c5e287fa1e3346e11613
a7d14b983e535139708c6526fcd9c46fb986f2a9e77fba33da4b811bab6dac9a
ac1ce3936dc0db95cc30bc05a9d299cb14fb4f01577c803c1155f829650cfd10
ac5fa500ba37dbc3e5889d62f5eb2f91320b6b66808601a6091c2e4a7f8ef65a
ac7461dcb67080fb78597be0b71229fb6a9dcd257366f6cc431933888eb78b5a
af14507fb9d30eac2ad0cf5f66da5a7309c234813d5c2c8f46375691262c23b7
afa993849834f47f7f9fcd9d10887e872f53f170ad4add67a7f3dd86bbfac8de
b0132593baeb2900ea63cd6efbd6a755fb7ce39e33345fd294be8607fe1c2037
b03860b9293d19a73817c5dfd049df5f57adc601fdf234e4081ac5098cd14174
b21257d1755a8bb358a7d77efd8284ae79ce62a515eb9a5f39945d42cc3f932d
b3173600c664489cabac486422cf1351a5b5baca3dc1b82a39eb75e5a44097dc
b5dcbfab538aadd01755a28feda09ceff426f9c1ee0e09cec24f79524fd72170
b61c4c615dd1f72a1e0befe9dd4f21220572eea4a2edb238a813c1460c3c27cc
b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1
b988dd89a1e396eb08df9990321adad6245ef552bc5351f2b2f9067ce76fef0d
bac7ef7bcedc2fecd21d05d912a90f591e70034e654036d7e65e72d46485e9f0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc005bd79868aeecc3b3a2fd41e57a862a433b5a82c9969b7388c50cb2e3b082
bd2d3a0de3322e6c04de5e94fb0c7f4314502031e050bc59c0eeda19f1b6d122
c0b2cd1f15498f6bab981a1972d77b49dabbb294123974b8b47e0243502cd373
c38581db426248ec744bd61cf001acc11a2f02b57faa51983180f783eaa1a466
c508266fe260d5cb63c4afdf0354e153e9033bab69845bf492b04c96f0ef07d1
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
ce22830dd89ea4833c4764c2916dcb892de1dd05a604d0189f689d54cf751df6
ce980bc0c273d90b7500da3a0bab3bb307cac081839689332db83078bf3f5a53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0627e883f59b06ada61af684c0636818d0e01f4c3fed677f83f974196b8316f
d17bd21151d6ef55bbaf9cc9d04e6319fafa04f00effc74cd15cb980b9bb090d
d224be00dfdfb967d6d890d13f601ffba7ce3f407a543afa99841a7e4a0e32ab
d31e1e555b4245aa1797e9355e2ed5fcdde6cd20388a741d30b2b16bee0daed1
dbdc556177a5b6acc00668e4ab8a956f2941d1c6467ad1cef90baa89b45c598d
dde831d7f52d4b993cdbae9497b512451ed913113f3a31f8d144252cce8a853b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd9620067d054615ccfc5ce34a1bf5b6bd9ca5323e15f92e08a29682e47c2d5
e108ab949842fe9c7b960c0f206e9f00bcb43b1f1c4992b713b08011cc28dba0
e2b4cbfbf9a9a178d7cec120d22efeb482b04727cc8ffe9936a017414f895d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
e59c331045b010a83f46ad25c592cf3f5415271b612fc9db8d32cf9158447dc6
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
e671296f1f8c4e13e09e0bd585a93c14ba2d0268bd39e94cbe58f0e514b6cb02
e9fa0435f37a7be6816e46f72df0e53895b22b677416874f7069eba9450a4b31
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f
ec48526f218f6fc98d989a511307c9c5184e92df90a37844424d21af3c5e5846
ee54228ed82e3ebd238f9ee467fad5c0eb3d01855671de4f792cd7dff07523a0
eef38d6cfe80ac20855dcd98162da1541701141843f5ca41834448b259c6c1ed
efc3eb831357bb9a7c73eae7d1966953e1ae40aff117c38318a5a7bfaf5c16d6
f1ff7df6850d0902688cccfa0ffa4c6931e206f8167eabdde18d1861c7de5b12
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f4342c3b624123024e5f14f30dff59ab9fe24de4f19def9e0a069bb4073bc7e5
f7d63ff552e165a8fcc86c99f205873431c9f66bb571f2b0b84d06d73af2fed8
f8afec44114c09f3e520fd8c89a7e00386e99bc567ccbbf16f23771b75b58a68
fa7bcc52b2a7d416a3cb4a5ada91a3a2d74c23d297065627b2fe55e11593057a
fadd0e82b4162d374ae3a21ea4d60ac35328835f16667377036e57d8d5e9f321
ff5fd14ed13e3d969bfb7cf1bdb27c727278bb4072a2339cb1fd9ddb3f5daa32
ff6c6dadd061c642ea74655d2b77471afb78f91eea134644763c4f14f448e3f6
ffa907d826f82968612e5a325704a5cc38330a791049b23da9725a6609e22538