m.javchill.com Open in urlscan Pro
2606:4700:3033::ac43:9360 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.javchill.com/play/fc2-ppv-2537990
Submission: On November 08 via manual (November 8th 2022, 4:55:47 am UTC) from JP — Scanned from JP

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 20 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3033::ac43:9360, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.javchill.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2022. Valid for: a year.

This is the only time m.javchill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3033::ac43:9360	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:21:... 2606:4700:21::681b:c258	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:303... 2606:4700:3033::ac43:8252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:2142:d600:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
3	2606:4700:303... 2606:4700:3033::6815:1bfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3036::ac43:c22d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:400... 2a04:4e42:400::626	54113 (FASTLY) (FASTLY)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
3	2a00:c98:2030... 2a00:c98:2030:a00f:6::2a00	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2606:4700:303... 2606:4700:3032::ac43:b020	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:80c::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:21ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	21

9 2606:4700:3033::ac43:9360 (United States)

ASN13335 (CLOUDFLARENET, US)

m.javchill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mposter.javchill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:8252 (United States)

ASN13335 (CLOUDFLARENET, US)

emturbovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81d::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2142:d600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

betotodilea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:1bfb (United States)

ASN13335 (CLOUDFLARENET, US)

delivery.taroads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itskiddien.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c22d (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:c98:2030:a00f:6::2a00 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

ss63.litvp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b020 (United States)

ASN13335 (CLOUDFLARENET, US)

ver1.sptvp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

nanouwho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:21ac (United States)

ASN13335 (CLOUDFLARENET, US)

offerimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	javchill.com m.javchill.com mposter.javchill.com poster.javchill.com Failed	333 KB
8	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2098	147 KB
4	jwpcdn.com ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2691	222 KB
3	gstatic.com www.gstatic.com	29 KB
3	litvp.com ss63.litvp.com	20 KB
3	taroads.com delivery.taroads.com — Cisco Umbrella Rank: 75015	23 KB
3	betotodilea.com betotodilea.com — Cisco Umbrella Rank: 26930	33 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	191 KB
2	itskiddien.club cdn.itskiddien.club — Cisco Umbrella Rank: 27322	32 KB
2	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 14815	38 KB
1	offerimage.com offerimage.com — Cisco Umbrella Rank: 21314	10 KB
1	nanouwho.com nanouwho.com — Cisco Umbrella Rank: 23288
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 7322	544 B
1	sptvp.com ver1.sptvp.com — Cisco Umbrella Rank: 194073
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 14375	484 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 14994	6 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2763	42 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 447	31 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165	20 KB
1	emturbovid.com emturbovid.com — Cisco Umbrella Rank: 523978	7 KB
56	20

	Domain	Requested by
8	mc.yandex.ru	2 redirects m.javchill.com emturbovid.com mc.yandex.ru
8	m.javchill.com	m.javchill.com
4	ssl.p.jwpcdn.com	cdn.jwplayer.com
3	www.gstatic.com	cdn.jwplayer.com www.gstatic.com
3	ss63.litvp.com	ssl.p.jwpcdn.com
3	delivery.taroads.com	emturbovid.com delivery.taroads.com
3	betotodilea.com	emturbovid.com betotodilea.com
3	www.googletagmanager.com	emturbovid.com www.googletagmanager.com
2	cdn.itskiddien.club	betotodilea.com cdn.itskiddien.club
2	cdn.plyr.io	m.javchill.com
1	offerimage.com
1	nanouwho.com	cdn.itskiddien.club
1	my.rtmark.net	betotodilea.com
1	ver1.sptvp.com	emturbovid.com
1	fleraprt.com	tzegilo.com
1	tzegilo.com	betotodilea.com
1	cdn.jwplayer.com	emturbovid.com
1	ajax.googleapis.com	emturbovid.com
1	maxcdn.bootstrapcdn.com	emturbovid.com
1	mposter.javchill.com	m.javchill.com
1	emturbovid.com	m.javchill.com
0	poster.javchill.com Failed	m.javchill.com
56	22

This site contains links to these domains. Also see Links.

Domain
hpjav.tv
www.javlibrary.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-03`	a year	crt.sh
*.plyr.io GTS CA 1P5	`2022-10-31` - `2023-01-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.emturbovid.com E1	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
jwplayer.com Amazon	`2021-12-29` - `2023-01-25`	a year	crt.sh
betotodilea.com R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
itskiddien.club R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-22` - `2023-03-26`	a year	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-01-14`	a year	crt.sh
*.litvp.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-11` - `2023-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
nanouwho.com R3	`2022-09-29` - `2022-12-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://m.javchill.com/play/fc2-ppv-2537990
Frame ID: E11158E74721E3AD64F762FFFEA7EFB7
Requests: 22 HTTP requests in this frame

Frame: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb
Frame ID: 4CD476CF88448901FE5B5A1A66F41C5F
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FC2 PPV 2537990 Complete appearance! !! Limited to 1/7! [Uncensored] The end of a man who can't stop thinking ... I can't forget her fascinating Fcup beauty busty body and cum shot again! !! It must have been a blissful time ... (completely finished) | JAVCHILL | JAV FULL HD

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

82 %
HTTPS

75 %
IPv6

20
Domains

22
Subdomains

21
IPs

5
Countries

1184 kB
Transfer

4005 kB
Size

20
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://hpjav.tv/
Title: JAVHD

Search URL Search Domain Scan URL

URL: http://www.javlibrary.com/en/
Title: JAVlibrary

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://mc.yandex.ru/watch/90860481?wmode=7&page-url=https%3A%2F%2Fm.javchill.com%2Fplay%2Ffc2-ppv-2537990&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1619%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1354019173825%3Ahid%3A365140622%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A240774225%3Arqn%3A1%3Au%3A1667883345975000643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C12%2C1251%2C3%2C%2C0%2C%2C334%2C20%2C%2C%2C%2C1607%3Acpf%3A1%3Ans%3A1667883341609%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2%20PPV%202537990%20Complete%20appearance!%20!!%20Limited%20to%201%2F7!%20%5BUncensored%5D%20The%20end%20of%20a%20man%20who%20can%27t%20stop%20thinking%20...%20I%20can%27t%20forget%20her%20fascinating%20Fcup%20beauty%20busty%20body%20and%20cum%20shot%20again!%20!!%20It%20must%20have%20been%20a%20blissful%20time%20...%20(completely%20finished)%20%7C%20JAVCHILL%20%7C%20JAV%20FULL%20HD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/90860481/1?wmode=7&page-url=https%3A%2F%2Fm.javchill.com%2Fplay%2Ffc2-ppv-2537990&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1619%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1354019173825%3Ahid%3A365140622%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A240774225%3Arqn%3A1%3Au%3A1667883345975000643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C12%2C1251%2C3%2C%2C0%2C%2C334%2C20%2C%2C%2C%2C1607%3Acpf%3A1%3Ans%3A1667883341609%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2%20PPV%202537990%20Complete%20appearance%21%20%21%21%20Limited%20to%201%2F7%21%20%5BUncensored%5D%20The%20end%20of%20a%20man%20who%20can%27t%20stop%20thinking%20...%20I%20can%27t%20forget%20her%20fascinating%20Fcup%20beauty%20busty%20body%20and%20cum%20shot%20again%21%20%21%21%20It%20must%20have%20been%20a%20blissful%20time%20...%20%28completely%20finished%29%20%7C%20JAVCHILL%20%7C%20JAV%20FULL%20HD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 46

https://mc.yandex.ru/watch/83308117?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&page-ref=https%3A%2F%2Fm.javchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1454778551215%3Ahid%3A804286990%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A1023912869%3Arqn%3A1%3Au%3A1667883345185562093%3Aw%3A1552x150%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A8%2C21%2C406%2C3%2C1%2C0%2C%2C1111%2C0%2C%2C%2C%2C1554%3Acpf%3A1%3Ans%3A1667883343166%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2-PPV-2537990.mp4&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&page-ref=https%3A%2F%2Fm.javchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1454778551215%3Ahid%3A804286990%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A1023912869%3Arqn%3A1%3Au%3A1667883345185562093%3Aw%3A1552x150%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A8%2C21%2C406%2C3%2C1%2C0%2C%2C1111%2C0%2C%2C%2C%2C1554%3Acpf%3A1%3Ans%3A1667883343166%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2-PPV-2537990.mp4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fc2-ppv-2537990 Show response
m.javchill.com/play/ 19 KB
5 KB 1270ms
1251ms Document
text/html 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.31
Resource Hash: 6a96810935b6f54d51d9c1b70caabfcc135bbb3d6c3fe2ae6cd1c1b871e70a43

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 766bb7c52ab1af7c-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 08 Nov 2022 04:55:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnTxG99oU12Kpuw1w%2B3pr%2Ba8pO7MqSKNKlih3gkFBwQdEDqVZ5%2Bl36t%2FCZ1oJy5stMipQnGN8Z%2FJXqbD7F8mqoaVWTFjZivEdPvr7RNTzzXJZz85eIiXz7IBF7IakHQg2%2BdrKXcUhz0xDcMvjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.31

GET
H2 200 bootstrap.js Show response
m.javchill.com/frontend/vendor/ 554 KB
166 KB 24ms
21ms Script
application/javascript 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.javchill.com/frontend/vendor/bootstrap.js
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49c5dc1a05c38a64c8e03cb10814682c995a6ddf0ee66e037d38fb459f53cdd9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/play/fc2-ppv-2537990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 14:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6124
etag: W/"603514f7-8a9b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjENqXw20xpyOfCWVpdRDGj0IzkuZ470cF43BaS%2Bki3hhyO916d5xPeFtzPqlAkoi2gLMfX8AKCAwUTIt%2BHyKn9G5U9Q7v8vvujUe4fvV%2F4yNOM%2F%2B76IllrCVaC0mPFo9DWHtgi5TBb2rrxnzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 766bb7cd1b9caf7c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1.js Show response
m.javchill.com/frontend/js/ 2 KB
922 B 11ms
9ms Script
application/javascript 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.javchill.com/frontend/js/1.js
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf2ea54da39706966e6fb4eb161784eb4b6e749b57f819491c71c953b88e1d3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/play/fc2-ppv-2537990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 14:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6720
etag: W/"603514f7-6e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scVzQ74vY%2FPCluCWeEa6y6U46iYeUl5UjKtGfD8E47kKuIyhr2NzVltR7Alv3GR0r0M7OzGWktY7wH008vStgv3QyrggxhED47KMMUgtvu94cfNtCYTwgjZx%2BlY%2FnXX67Oo786iBnAUcvIVEJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 766bb7cd1ba1af7c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.css
m.javchill.com/frontend/vendor/ 221 KB
32 KB 12ms
10ms Stylesheet
text/css 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.javchill.com/frontend/vendor/bootstrap.css
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54f52498470cea92b1c9df4ce87f27f64bddfa9d00ab975313eba57429ba20ce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/play/fc2-ppv-2537990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 14:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6108
etag: W/"603514f7-372ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ot16zFAo5ud8Fm7Ocm8Njmj%2BLvB14IAPyTQ5BGAE%2BKBmwKYOEufGUfphFJ%2FJ%2B151fQscOU6R0HhBMPgeKmko1%2BVZsq9IIMaOciONEbQQcHJ9XDAYlZ9oA6hQ2Ius94pbL7yJMdEna9MHXnLGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 766bb7cd1b9eaf7c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 play.css
m.javchill.com/frontend/css/ 5 KB
2 KB 255ms
254ms Stylesheet
text/css 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.javchill.com/frontend/css/play.css
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1022e676c6c8cfca091fab0c037b75cf7414ea69bf8443efe4a46f3a513e87f3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/play/fc2-ppv-2537990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jun 2022 10:06:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62b2e9a9-1261"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjWsFE9Enq%2FQi1EL3e3JX4WBf3GhiWdf0wh7SQuiTnpexKXRfBU%2FW%2BI4VrogyKNtjNnCBiC4sU1ADpSs5mTyndpL8JFrmVLYyGtSuggkd%2Bv1tqUcifkT9swcaQOv96VKNrp9rPzTkrfDFwmnmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 766bb7cd1ba0af7c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.5.10/ 113 KB
33 KB 25ms
12ms Script
application/javascript 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.10/plyr.js
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7be5773afade685232a88dc41efe61c133d536973dcfd3dcb4de8fcc60866678

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:42 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15502692
x-amz-request-id: Y7JX97VJBZKECG6A
cf-polished: origSize=116082
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MUaRrZvst1XLm1c2Dw3ROohlV0Yyf9WBXJuplC/b5f49CaPT+AnnIXCZ7cptGG61G8wEtjGW9zI=
x-served-by: cache-iad-kcgs7200096-IAD, cache-tyo11927-TYO
cf-bgj: minify
last-modified: Fri, 14 Feb 2020 17:35:53 GMT
server: cloudflare
x-timer: S1652380650.336534,VS0,VE1
etag: W/"0f9eecd3a427a45c817232700bde09ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6a4SOiKyYEqTp9RkqygU2CmWyfnWQwrfJ30W0r3U1sQSax%2Bes1cBMPONHaJ%2BhlTuvw3r6IGtnR%2FekYX0L8XmWiU6n3cjGkB%2Fji%2BCsgyQCDJucMdeuY80VU%2BNoWrgexjWar%2FMBGIm6kqI"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
cf-ray: 766bb7cd2b1ab005-NRT
x-cache-hits: 1, 1

GET
H2 200 plyr.css
cdn.plyr.io/3.5.10/ 24 KB
5 KB 23ms
10ms Stylesheet
text/css 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.10/plyr.css
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd4780a641049b305ef4b3d4ef6e5f1783ef6f35982bda57e7800f86cff4260

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:42 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15509318
x-amz-request-id: N6YM9R9WT1858RFE
cf-polished: origSize=24843
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: G4cKqPFbrYJh8pDnDKcZZ3W59MiMQFmEw2V+8zPZrOiZ8vWX88E03EY3LXWJhTH5CgR0tHfaUPc=
x-served-by: cache-iad-kcgs7200118-IAD, cache-tyo11956-TYO
cf-bgj: minify
last-modified: Fri, 14 Feb 2020 17:36:37 GMT
server: cloudflare
x-timer: S1652374024.164964,VS0,VE1
etag: W/"0dd2e5ee1d7c5054ca52c45a5462ebb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Or1e2ZZqihuVy4%2F8szSiwaLzrbgejlrlRjD0skZMhAtKAJFK65JaseKv284ES58j8PrUdnUWHDbQZC0cC2xOhd0RAxrUv9UE6amae7UKC4drazk9vx1woWa%2FqvFB3qwkZ3PxnSW19Ig"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
cf-ray: 766bb7cd2b19b005-NRT
x-cache-hits: 1, 1

GET
H3 200 logo1.png
m.javchill.com/frontend/image/ 22 KB
22 KB 9ms
9ms Image
image/png 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.javchill.com/frontend/image/logo1.png
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5dfb4c60a0fb828e876f52ee65ba00a32e89a8798216118eebbb3864966b3e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/play/fc2-ppv-2537990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:42 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 14:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3915
etag: "603514f7-5637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyiAqO3ESDmMqmiDjeadR18Nox7UnTpPt%2F2yF7AZeMXO3QfmhYPy8%2FRvJhFaqbDOi%2F7i36L%2Fbsqq050teM9ewarWhN2Fk13l67JPGbXMmNvDOWZlzEqUpeN8ZGi2Ss8krUNWw1E3oClmZAezlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 766bb7cd58d0e350-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22071

GET
H3 200 sologan.png
m.javchill.com/frontend/image/ 16 KB
17 KB 9ms
9ms Image
image/png 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.javchill.com/frontend/image/sologan.png
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d2d25774d1a105f4fa0cb1a412e8551191bde526f2de8f97645234dc174a50

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/play/fc2-ppv-2537990
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:42 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 14:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6108
etag: "603514f7-410d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HH0GXacyhDJd0VbSMGAaAU5qTBydMLMcjEChLl%2F3vxTABhe1BWDyWGrEVROeZx%2BdNenhx%2ByIlOMUpFuR4ssnxaFrKrrIw6vmVHOPHJK4TFHg%2BsATk%2Fq6f6wSH8JgoxdnePN2iqeAMhd6J04WmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 766bb7cd68efe350-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16653

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 1170ms
578ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6fe5233b4ccd041305715d11fd354cb3a65abe22152fc698d6033124a2212fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11eb5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73397
expires: Tue, 08 Nov 2022 05:55:43 GMT

GET
H2 200 YQXlUdrpB0Q3E8WKdzeb Show response
emturbovid.com/t/ Frame 4CD4 26 KB
7 KB 437ms
407ms Document
text/html 2606:4700:3033::ac43:8252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 88c31732f5a10b0a1eaa482179d84e429e41ba80f3f48c6b45c7b3de5d671a36

Request headers

Referer: https://m.javchill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 766bb7cf0bb91fcf-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 08 Nov 2022 04:55:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0cHLL92Sl4zld5CrWZ6HzB4XP9jkhipDO5BiaCIcFwGQKkbdovIRMI0obU6ZiuSbKqDoN5ZSy6qgkpcN9FtA8mm8LGqxq0CM0yk4wlGCJbbp%2BA1Vvqjfl0cehAZHty%2BUz3l6D8M%2BYlJyBG3ew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33

GET
H2 200 amateur-4.jpg
mposter.javchill.com/frontend/imageidol/ 24 KB
24 KB 506ms
498ms Image
image/jpeg 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mposter.javchill.com/frontend/imageidol/amateur-4.jpg
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a4ace64447adb5d2418874763c4109175bea10f3c7427a03ddbb4e456d412e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Feb 2021 14:08:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "60350c47-600e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URGAmC4fgjoIFrGaEC5zw7sUsk7x8r0wP9WtrKWmRQBRjoCDIF4XO5FRiDRaAwixu7V5FNpc%2FfhZ2%2FZzCd9pKAce69Mo2WbRtK0FRiPTAHj1Zq%2BffvK%2BkOerKJjiCkjsr2CgWg%2BiRK%2BBGhgRHkpnPKVwnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 766bb7ceed98af7c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24590

GET asrt-151.jpg
poster.javchill.com/frontend/posterResize/2022-01/25/ 0
0

GET
H3 200 fontawesome-webfont.woff
m.javchill.com/frontend/fonts/ 64 KB
64 KB 14ms
13ms Font
font/woff 2606:4700:3033::ac43:9360
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.javchill.com/frontend/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: m.javchill.com
URL: https://m.javchill.com/frontend/vendor/bootstrap.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://m.javchill.com/frontend/vendor/bootstrap.css
Origin: https://m.javchill.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 14:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1027
etag: "603514f7-ffac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToHDwUuKpZtRjjxbl22tC2Ra0L5ahueupAgOl34XAoQUWuf6aGhb1qxml0gjXTghOrk9TWlrEr5nVFSkNIDfvN%2BybKC06BCBUcJkhXZHya%2B0a93fjDxG4JhJzwLpcc1WWZmfyrYgzfAQkEZAFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 766bb7ceea74e350-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452

GET 261ara-475.jpg
poster.javchill.com/frontend/posterResize/2021-01/27/ 0
0

GET fc2-ppv-1807912.jpg
poster.javchill.com/frontend/posterResize/2021-05/11/ 0
0

GET dori-047.jpg
poster.javchill.com/frontend/posterResize/2022-03/28/ 0
0

GET yari-002.jpg
poster.javchill.com/frontend/posterResize/2021-10/27/ 0
0

GET 345simm-559.jpg
poster.javchill.com/frontend/posterResize/2020-11/26/ 0
0

GET c0930-hitozuma1363.jpg
poster.javchill.com/frontend/posterResize/2021-09/19/ 0
0

GET natr-649.jpg
poster.javchill.com/frontend/posterResize/2021-01/16/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4CD4 109 KB
43 KB 86ms
45ms Script
application/javascript 2404:6800:4004:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173619459-1

Requested by

Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d10b2c8cd62020b5adfe137b757a5e6af46fd4f34f469dd8c809c59e1a104e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43650
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Nov 2022 04:55:43 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ Frame 4CD4 119 KB
20 KB 19ms
11ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 637, 617, 617
age: 15533588
cdn-cachedat: 2021-06-08 11:57:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 44954a793b7f4e7d32b1a0cc799b0315
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 766bb7d1ec7b7822-NRT
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 4CD4 87 KB
31 KB 42ms
3ms Script
text/javascript 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 05:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 05:45:25 GMT

GET
H2 200 5Mr0zETT.js Show response
cdn.jwplayer.com/libraries/ Frame 4CD4 118 KB
42 KB 24ms
2ms Script
text/javascript 2600:9000:2142:d600:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/5Mr0zETT.js
Requested by: Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2142:d600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 6019bc5a3b61ec247e47766f1b8a728cf28021e65c137690de5369bde8fb0176

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:54:50 GMT
content-encoding: gzip
via: 1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: NRT57-C3
age: 53
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 42271
x-amz-cf-id: 570YbdiDGMdGAg6DGBzI24FS35oQscwG_AwasWPMxgV8XZLF6xIKvw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4CD4 211 KB
74 KB 42ms
41ms Script
application/javascript 2404:6800:4004:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RXQM5QPSYX

Requested by

Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b4b9b4c26a0dcd0901557e2382534f1f518ebeb00c17d1758090bee2f191d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Nov 2022 04:55:43 GMT

GET
H2 200 5043159 Show response
betotodilea.com/400/ Frame 4CD4 80 KB
31 KB 970ms
481ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/400/5043159

Requested by

Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ce57c7b07b5362d4714a35fc9741450891248d57de4e881e579772dffa81ed33

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-trace-id: 1d43e1273c16ebd1baae8d5144ac06ab
pragma: no-cache
date: Tue, 08 Nov 2022 04:55:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 pub Show response
delivery.taroads.com/ Frame 4CD4 57 KB
22 KB 280ms
268ms Script
text/javascript 2606:4700:3033::6815:1bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.taroads.com/pub?id=200442
Requested by: Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0393a3c3fbd8139be4597fbeb30e4e550526c334e54f0c98d87084b08f6bd942

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0UM%2Fbhk7mCky79ricKonBLDX%2BisdCcm6CfU3uSKkdEYPgJG1L5a3dNHWU1wca%2FF8OwWVmQVfJ3eb3A%2FN0H%2BnpKyw%2BI%2BsMcne5AVXwMPdhnRFAsBo1WW9AUbhtRGBMhEnbg1LyU%2B9Vkbv%2BM4k8aZdaOb7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cf-ray: 766bb7d25ed2f6a1-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 4CD4 209 KB
72 KB 609ms
577ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6fe5233b4ccd041305715d11fd354cb3a65abe22152fc698d6033124a2212fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11eb5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73397
expires: Tue, 08 Nov 2022 05:55:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4CD4 211 KB
74 KB 82ms
43ms Script
application/javascript 2404:6800:4004:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RXQM5QPSYX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173619459-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7bf6e4c4307021b768a12ae166704879b8c175de71edb6a3c58a6f7b95cd17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75841
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Nov 2022 04:55:43 GMT

GET
H2 200 apu.php Show response
cdn.itskiddien.club/ Frame 4CD4 75 KB
29 KB 951ms
472ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddien.club/apu.php?zoneid=5048997

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/5043159

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f92a49ad3a22b8d1547e0fa2211dfa2eca0148cb2488b59581b3c6f888b7e0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: c705fb86dc1ff0fdc54aeea4aa2936a7
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ Frame 4CD4 13 KB
6 KB 26ms
13ms Script
application/javascript 2606:4700:3036::ac43:c22d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: betotodilea.com
URL: https://betotodilea.com/400/5043159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c22d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b791712086001011a3a913120c1bc35bb8238c72e9d3d0dba6f80b687e0d1f4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5028
etag: W/"634eb2c6-32d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4pVq%2Fa5O6guyUAo%2BqOCHTOuHCIuNN08AsFubWeoY2AiF9AkL4GqNG5K0Q7A8bj5kXm1%2Fkn7FzhmHSmqQFcwj3JgQRoQtSXGb9S7Eo8WDgIIL6mcmk%2FXwb7teZQ%2BiKVjJyWxoHTMC7pguw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 766bb7d87a5b1ed0-NRT
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.26.1/ Frame 4CD4 62 KB
19 KB 9ms
2ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/5Mr0zETT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: gzip
via: 1.1 varnish
age: 473
x-cache: HIT
content-length: 18857
x-served-by: cache-tyo11958-TYO
last-modified: Thu, 29 Sep 2022 20:27:56 GMT
server: AmazonS3
x-timer: S1667883345.713123,VS0,VE0
etag: "662d21d9cc48caa9758882be57e10e92"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 55

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.26.1/ Frame 4CD4 325 KB
84 KB 8ms
2ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/5Mr0zETT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 891b3886dccdba5ee5a6c7a7eb571b702d0e0632fe625eab0f14661db6f18a92

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2963488
x-cache: HIT
content-length: 85628
x-served-by: cache-tyo11958-TYO
last-modified: Thu, 29 Sep 2022 20:27:49 GMT
server: AmazonS3
x-timer: S1667883345.713222,VS0,VE0
etag: "3dbbfe8911fcf10cd73c01fb12b3a0c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 51293

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.26.1/ Frame 4CD4 377 KB
110 KB 8ms
4ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/5Mr0zETT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acfde0191e09d9049c5304cf54ee91bc9748bc11e6ad6091ca20c7de569d29b6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2965239
x-cache: HIT
content-length: 112497
x-served-by: cache-tyo11958-TYO
last-modified: Thu, 29 Sep 2022 20:27:52 GMT
server: AmazonS3
x-timer: S1667883345.713218,VS0,VE0
etag: "0814ed1c84aed38165abc0800edcbffb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 45103

POST
H3 200 creative Show response
delivery.taroads.com/ Frame 4CD4 1 KB
1 KB 267ms
260ms Fetch
application/json 2606:4700:3033::6815:1bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.taroads.com/creative
Requested by: Host: delivery.taroads.com
URL: https://delivery.taroads.com/pub?id=200442
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08d5fb2a6e7f8c8b409c9d620dacdbf3b7d262e74bc5bc30b8dd471432f811ce

Request headers

Referer: https://emturbovid.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://emturbovid.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPajSR9ZtacAxEP16HYIZTtYdUbZEp3%2F%2F7xV4UVRfeH98kZ66kxJL5F2vbT65EdicJgYkV13z6Floa6RWYC2X0OWgBBVpsfTGQgUAShp5laqAZYP9gvXeXB4PCzIfzRrpAzgqQKLY5%2Fqx7SBsFiArUMPaw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 766bb7d88a6320a1-NRT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 openrtb Show response
delivery.taroads.com/ Frame 4CD4 0
548 B 312ms
304ms Fetch 2606:4700:3033::6815:1bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.taroads.com/openrtb
Requested by: Host: delivery.taroads.com
URL: https://delivery.taroads.com/pub?id=200442
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://emturbovid.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 08 Nov 2022 04:55:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIHTIFf81cfJXpEaUqTQVDcLEzjjaZcWfKTcSgwdSV52IPPoDvI%2BMvrV9sK7L6NKZYGnZQLxO91aYIqAK0H68dHs1NFmEk6AEkV9TCIFrGBPKLl1ZLGnJ1%2FF%2FUPSY1xTR3ZhXz%2BUaI%2FiM%2BtGmA7PasBBUw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://emturbovid.com
access-control-allow-credentials: true
cf-ray: 766bb7d88a6420a1-NRT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ Frame 4CD4 12 B
484 B 718ms
237ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer: https://emturbovid.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 08 Nov 2022 04:55:48 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://emturbovid.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 provider.cast.js Show response
ssl.p.jwpcdn.com/player/v/8.26.1/ Frame 4CD4 30 KB
10 KB 2ms
2ms Script
application/javascript 2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.cast.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/5Mr0zETT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79940cfffd1ba3c7b8aaed4626b1e59f2513d5cfd1fe3509a0ce19fbd4b81844

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3053182
x-cache: HIT
content-length: 10060
x-served-by: cache-tyo11958-TYO
last-modified: Thu, 29 Sep 2022 20:27:52 GMT
server: AmazonS3
x-timer: S1667883345.797479,VS0,VE0
etag: "5e5a0ee699e32dfdd15b25070ab9c80e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 19224

GET
H2 200 master.m3u8 Show response
ss63.litvp.com/stream/D/C5/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB/ Frame 4CD4 438 B
769 B 1140ms
284ms XHR
application/vnd.apple.mpegurl 2a00:c98:2030:a00f:6::2a00
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://ss63.litvp.com/stream/D/C5/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB/master.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:c98:2030:a00f:6::2a00 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f857e9681d77442ee8414c0f21848a688fdff3c0595fc4546ce81668496cbc0c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:45 GMT
last-modified: Sun, 20 Mar 2022 12:54:55 GMT
server: nginx/1.20.1
etag: "6237241f-1b6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 438

GET
H2 404 live.png
ver1.sptvp.com/poster/ Frame 4CD4 0
0 356ms
344ms Image
text/html 2606:4700:3032::ac43:b020
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ver1.sptvp.com/poster/live.png
Requested by: Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4CD4 4 KB
3 KB 74ms
37ms Script
text/javascript 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/5Mr0zETT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 04:55:44 GMT

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 4CD4 36 KB
12 KB 110ms
71ms Script
text/javascript 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 23:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Tue, 08 Nov 2022 04:55:44 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 4CD4 52 KB
15 KB 44ms
5ms Script
text/javascript 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 13:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 08 Nov 2022 13:30:51 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 4CD4 65 B
544 B 727ms
240ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/5043159

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

806819baaf2bffee48023c8bcaf835e5e6733383694b730c48989020ef7ed99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emturbovid.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2

200

1 Show response
mc.yandex.ru/watch/90860481/
Redirect Chain

https://mc.yandex.ru/watch/90860481?wmode=7&page-url=https%3A%2F%2Fm.javchill.com%2Fplay%2Ffc2-ppv-2537990&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1619%3Af...
https://mc.yandex.ru/watch/90860481/1?wmode=7&page-url=https%3A%2F%2Fm.javchill.com%2Fplay%2Ffc2-ppv-2537990&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1619%3...

427 B
509 B

296ms
295ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/90860481/1?wmode=7&page-url=https%3A%2F%2Fm.javchill.com%2Fplay%2Ffc2-ppv-2537990&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1619%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1354019173825%3Ahid%3A365140622%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A240774225%3Arqn%3A1%3Au%3A1667883345975000643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C12%2C1251%2C3%2C%2C0%2C%2C334%2C20%2C%2C%2C%2C1607%3Acpf%3A1%3Ans%3A1667883341609%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2%20PPV%202537990%20Complete%20appearance%21%20%21%21%20Limited%20to%201%2F7%21%20%5BUncensored%5D%20The%20end%20of%20a%20man%20who%20can%27t%20stop%20thinking%20...%20I%20can%27t%20forget%20her%20fascinating%20Fcup%20beauty%20busty%20body%20and%20cum%20shot%20again%21%20%21%21%20It%20must%20have%20been%20a%20blissful%20time%20...%20%28completely%20finished%29%20%7C%20JAVCHILL%20%7C%20JAV%20FULL%20HD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

91a6243d437c646e7cadd23844434acef844c5d90156b9eff3dc6e811ff50be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 08-Nov-2022 04:55:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.javchill.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Tue, 08-Nov-2022 04:55:45 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 08-Nov-2022 04:55:45 GMT
location: /watch/90860481/1?wmode=7&page-url=https%3A%2F%2Fm.javchill.com%2Fplay%2Ffc2-ppv-2537990&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1619%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1354019173825%3Ahid%3A365140622%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A240774225%3Arqn%3A1%3Au%3A1667883345975000643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C12%2C1251%2C3%2C%2C0%2C%2C334%2C20%2C%2C%2C%2C1607%3Acpf%3A1%3Ans%3A1667883341609%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2%20PPV%202537990%20Complete%20appearance%21%20%21%21%20Limited%20to%201%2F7%21%20%5BUncensored%5D%20The%20end%20of%20a%20man%20who%20can%27t%20stop%20thinking%20...%20I%20can%27t%20forget%20her%20fascinating%20Fcup%20beauty%20busty%20body%20and%20cum%20shot%20again%21%20%21%21%20It%20must%20have%20been%20a%20blissful%20time%20...%20%28completely%20finished%29%20%7C%20JAVCHILL%20%7C%20JAV%20FULL%20HD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://m.javchill.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 08-Nov-2022 04:55:45 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 291ms
290ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: m.javchill.com
URL: https://m.javchill.com/play/fc2-ppv-2537990

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://m.javchill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Nov 2022 05:55:45 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/83308117/ Frame 4CD4
Redirect Chain

https://mc.yandex.ru/watch/83308117?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&page-ref=https%3A%2F%2Fm.javchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3...
https://mc.yandex.ru/watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&page-ref=https%3A%2F%2Fm.javchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14...

420 B
454 B

290ms
289ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&page-ref=https%3A%2F%2Fm.javchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1454778551215%3Ahid%3A804286990%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A1023912869%3Arqn%3A1%3Au%3A1667883345185562093%3Aw%3A1552x150%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A8%2C21%2C406%2C3%2C1%2C0%2C%2C1111%2C0%2C%2C%2C%2C1554%3Acpf%3A1%3Ans%3A1667883343166%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2-PPV-2537990.mp4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: emturbovid.com
URL: https://emturbovid.com/t/YQXlUdrpB0Q3E8WKdzeb

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f6a0c7279aa5db8c8a1f2b29ef506159e742d1cefa55bdf994fab5665b082b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 08-Nov-2022 04:55:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emturbovid.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Tue, 08-Nov-2022 04:55:45 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 08-Nov-2022 04:55:45 GMT
location: /watch/83308117/1?wmode=7&page-url=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&page-ref=https%3A%2F%2Fm.javchill.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1454778551215%3Ahid%3A804286990%3Az%3A0%3Ai%3A20221108045544%3Aet%3A1667883345%3Ac%3A1%3Arn%3A1023912869%3Arqn%3A1%3Au%3A1667883345185562093%3Aw%3A1552x150%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A8%2C21%2C406%2C3%2C1%2C0%2C%2C1111%2C0%2C%2C%2C%2C1554%3Acpf%3A1%3Ans%3A1667883343166%3Arqnl%3A1%3Ast%3A1667883345%3At%3AFC2-PPV-2537990.mp4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://emturbovid.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 08-Nov-2022 04:55:45 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 4CD4 43 B
110 B 290ms
289ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Nov 2022 05:55:45 GMT

GET
H2 200 5043159 Show response
betotodilea.com/500/ Frame 4CD4 1 KB
2 KB 373ms
372ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/500/5043159?excludes=&oaid=39f76aca72bf4083b9801cb90c31f885&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1552&wiw=1552&wih=150&wfc=1&pl=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&drf=https%3A%2F%2Fm.javchill.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/5043159

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

575f42b6ef2d27cdf524fed40b91ac1ded9f3cc5107dbca4b0807a239b3ea644

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://emturbovid.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 35295b6fea3621ffa0918da2bf9ef9fb
pragma: no-cache
date: Tue, 08 Nov 2022 04:55:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://emturbovid.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 5043159
betotodilea.com/500/ Frame 0
0 713ms
237ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://emturbovid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://emturbovid.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Tue, 08 Nov 2022 04:55:46 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 404 1
nanouwho.com/ Frame 4CD4 0
0 729ms
241ms Script
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nanouwho.com/1?z=5188582
Requested by: Host: cdn.itskiddien.club
URL: https://cdn.itskiddien.club/apu.php?zoneid=5048997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-trace-id: 02ccaccc60bfebe2b97a321bfe98a4b3
date: Tue, 08 Nov 2022 04:55:46 GMT
x-sc: 4KdnrdofxFOHMlcU
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers: X-Sc
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7

GET
H2 200 / Show response
cdn.itskiddien.club/ Frame 4CD4 2 KB
2 KB 241ms
241ms Fetch
application/json 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddien.club/?rb=B8Kif57BHf2Bl5yo-G5KLYOLqmXhTESTOLKvLVbloNFIYZSgx3UX2xSjqwkk2v4R_Ap8TAuLqEnPmHDJKhprorDkU5KC0XR0lpBht2GR-1KvXehLX0I4Xab9bvWrhRc88kYkdsyVDYmbtean0g3HW0qFMnFrGk3S4t3sOa-LCcLgOvGw6SH2wVWK-dQz52HbJCnifYkwJR56v9RcYjsZY82MZ9LGcpcMgeka1kflTUohbde27QIRmQ-Y29f1udKrOGSCi9inyUtpzsHdUMC5Ia31Zm0%3D&request_ab2=0&zoneid=5048997&js_build=iclick-v1.448.1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1552&wih=150&wiw=1552&wfc=1&pl=https%3A%2F%2Femturbovid.com%2Ft%2FYQXlUdrpB0Q3E8WKdzeb&drf=https%3A%2F%2Fm.javchill.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.448.1&bs=c2467009-b0f0-40d9-b42f-8fb9c409fb8c&userId=39f76aca72bf4083b9801cb90c31f885&m=link

Requested by

Host: cdn.itskiddien.club
URL: https://cdn.itskiddien.club/apu.php?zoneid=5048997

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a60ab198ad242eced92a2bd932b85ed8071dd99ec88747d148875f6d5a99f2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: dc8d9975b0a38a988ce12e9ef444cc1c
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://emturbovid.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB480.m3u8 Show response
ss63.litvp.com/stream/D/C5/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB/hls480/ Frame 4CD4 19 KB
20 KB 494ms
492ms XHR
application/vnd.apple.mpegurl 2a00:c98:2030:a00f:6::2a00
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://ss63.litvp.com/stream/D/C5/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB/hls480/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB480.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:c98:2030:a00f:6::2a00 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: fc87445fc63eb47f6a62028f410e714f3467917e458abdc96360decc677da817

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:46 GMT
last-modified: Wed, 05 Jan 2022 06:00:47 GMT
server: nginx/1.20.1
etag: "61d5340f-4cb2"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 19634

GET
H2 200 clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB4800.ts
ss63.litvp.com/stream/D/C5/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB/hls480/ Frame 4CD4 496 KB
0 244ms
243ms XHR
video/mp2t 2a00:c98:2030:a00f:6::2a00
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://ss63.litvp.com/stream/D/C5/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB/hls480/clWE6Fpnl5pxSMapUKmh4ZR4STEN5woabOB4800.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:c98:2030:a00f:6::2a00 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:46 GMT
last-modified: Wed, 05 Jan 2022 06:00:46 GMT
server: nginx/1.20.1
etag: "61d5340e-d32dc"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 864988

GET
H2 200 caa914b835f94f13553a1a403767f67e.jpeg
offerimage.com/www/images/ Frame 4CD4 10 KB
10 KB 36ms
11ms Image
image/jpeg 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/caa914b835f94f13553a1a403767f67e.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d08173618734c25631c16a40f00bd00da743f8df65175129809057da48aa6124

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://emturbovid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:55:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 27 Jan 2022 16:12:48 GMT
server: cloudflare
age: 17394
etag: "61f2c480-2726"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 766bb7e53ed0f5d4-NRT
content-length: 10022
expires: Wed, 09 Nov 2022 00:05:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2022-01/25/asrt-151.jpg

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2021-01/27/261ara-475.jpg

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2021-05/11/fc2-ppv-1807912.jpg

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2022-03/28/dori-047.jpg

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2021-10/27/yari-002.jpg

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2020-11/26/345simm-559.jpg

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2021-09/19/c0930-hitozuma1363.jpg

Domain: poster.javchill.com
URL: https://poster.javchill.com/frontend/posterResize/2021-01/16/natr-649.jpg

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.javchill.com/	1970-01-20 07:18:10	Name: XSRF-TOKEN Value: eyJpdiI6Im9QeTN4d0dtK3Z0U3psTVhGNmIrMHc9PSIsInZhbHVlIjoiSzQyc2YyWUJVMUxFdDhZZGRiVU9JM0VjbTBveGpMRTVwYWowODF4WGpidUpZT00xTEFsSG9OODlHT3J2VkMxUHBmMXZrZEV4M01kc3FVbFFnZTZINmVuUEpaUk9ycVpabjlYQU9ydThQTXZ5VkhCcDlGTkh5YWErMDJYM3VWTTUiLCJtYWMiOiJjNTRjOWZkMmIwNTMyMzU0MjYxZTMxMGIxMTdmYWZmOWFhODFiMDE2Mzc3OGRlMGIxNzMwNDY5ZGY0MzliODJjIn0%3D
m.javchill.com/	1970-01-20 07:18:10	Name: laravel_session Value: eyJpdiI6Imw1azdJYXU2eHhGdjNrQ2dNVnU3K1E9PSIsInZhbHVlIjoiamsxcVdWS3FGbzZKTTRuL2tIc2JYTkhwWktub2hWeW56cWpRaWpTS040OGJPeUx1ZFFoaEhUa1p1dG1FOVQ5MHJNWTd2eG5ZRlFtNlFZVHBIMTBxL2ZLblZXMm5ZSUdKTTBiaFlGb2d3TmhWRU16TkIvNjE1SEdSbkpoY2RtYkMiLCJtYWMiOiIwMGQ4OWE2YjRmYjE4Mzk5MDQ4YTg3MDYzY2IxN2YwZmUyODI3NzI3MDU0YzFiODk0ZTQ5NmY1NjkxMWQxNjNjIn0%3D
.javchill.com/	1970-01-20 16:03:39	Name: _ym_uid Value: 1667883345975000643
.javchill.com/	1970-01-20 16:03:39	Name: _ym_d Value: 1667883345
.emturbovid.com/	1970-01-20 16:03:39	Name: _ym_uid Value: 1667883345185562093
.emturbovid.com/	1970-01-20 16:03:39	Name: _ym_d Value: 1667883345
delivery.taroads.com/	1970-01-20 07:18:24	Name: ___tasd Value: e26,
.yandex.ru/	1970-01-20 16:03:39	Name: ymex Value: 1983243345.yrts.1667883345#1983243345.yrtsi.1667883345
.javchill.com/	1970-01-20 07:19:15	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 16:54:03	Name: yandexuid Value: 7532029561667883345
.yandex.ru/	1970-01-20 16:54:03	Name: yuidss Value: 7532029561667883345
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1066417061667883345
.yandex.ru/	1970-01-20 16:54:03	Name: i Value: Libfm5qbBrA8LXA95yJ7LETP6WE/5vMJCWcEtomGqTJIjG9zzhF9lHDpoRo5LCd/FM0HFqWzKNLix1jSMFhkJIGyarc=
.emturbovid.com/	1970-01-20 07:19:15	Name: _ym_isad Value: 2
my.rtmark.net/	1970-01-20 16:03:39	Name: ID Value: 39f76aca72bf4083b9801cb90c31f885
cdn.itskiddien.club/	1970-01-20 16:03:39	Name: oaidts Value: 1667883345
cdn.itskiddien.club/	1970-01-20 16:03:39	Name: OAID Value: 39f76aca72bf4083b9801cb90c31f885
cdn.itskiddien.club/	1970-01-20 07:28:08	Name: syncedCookie Value: true
nanouwho.com/	1970-01-20 16:03:39	Name: scm Value: 1
betotodilea.com/	1970-01-20 16:03:39	Name: OAID Value: 39f76aca72bf4083b9801cb90c31f885

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://poster.javchill.com/frontend/posterResize/2022-01/25/asrt-151.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://poster.javchill.com/frontend/posterResize/2021-01/27/261ara-475.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://poster.javchill.com/frontend/posterResize/2021-05/11/fc2-ppv-1807912.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://poster.javchill.com/frontend/posterResize/2022-03/28/dori-047.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://poster.javchill.com/frontend/posterResize/2021-10/27/yari-002.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://poster.javchill.com/frontend/posterResize/2020-11/26/345simm-559.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://poster.javchill.com/frontend/posterResize/2021-09/19/c0930-hitozuma1363.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://poster.javchill.com/frontend/posterResize/2021-01/16/natr-649.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ver1.sptvp.com/poster/live.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nanouwho.com/1?z=5188582 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
betotodilea.com
cdn.itskiddien.club
cdn.jwplayer.com
cdn.plyr.io
delivery.taroads.com
emturbovid.com
fleraprt.com
m.javchill.com
maxcdn.bootstrapcdn.com
mc.yandex.ru
mposter.javchill.com
my.rtmark.net
nanouwho.com
offerimage.com
poster.javchill.com
ss63.litvp.com
ssl.p.jwpcdn.com
tzegilo.com
ver1.sptvp.com
www.googletagmanager.com
www.gstatic.com
poster.javchill.com
139.45.195.254
139.45.195.8
139.45.197.236
139.45.197.237
139.45.197.242
2404:6800:4004:80c::2003
2404:6800:4004:81d::2008
2404:6800:4004:821::200a
2600:9000:2142:d600:1:a3fa:7cc0:93a1
2606:4700:10::6816:21ac
2606:4700:21::681b:c258
2606:4700:3032::ac43:b020
2606:4700:3033::6815:1bfb
2606:4700:3033::ac43:8252
2606:4700:3033::ac43:9360
2606:4700:3036::ac43:c22d
2606:4700::6812:bcf
2a00:c98:2030:a00f:6::2a00
2a02:6b8::1:119
2a04:4e42:400::626
0393a3c3fbd8139be4597fbeb30e4e550526c334e54f0c98d87084b08f6bd942
08d5fb2a6e7f8c8b409c9d620dacdbf3b7d262e74bc5bc30b8dd471432f811ce
0dd4780a641049b305ef4b3d4ef6e5f1783ef6f35982bda57e7800f86cff4260
1022e676c6c8cfca091fab0c037b75cf7414ea69bf8443efe4a46f3a513e87f3
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b4b9b4c26a0dcd0901557e2382534f1f518ebeb00c17d1758090bee2f191d8b
37d2d25774d1a105f4fa0cb1a412e8551191bde526f2de8f97645234dc174a50
3b791712086001011a3a913120c1bc35bb8238c72e9d3d0dba6f80b687e0d1f4
49c5dc1a05c38a64c8e03cb10814682c995a6ddf0ee66e037d38fb459f53cdd9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f52498470cea92b1c9df4ce87f27f64bddfa9d00ab975313eba57429ba20ce
575f42b6ef2d27cdf524fed40b91ac1ded9f3cc5107dbca4b0807a239b3ea644
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5d10b2c8cd62020b5adfe137b757a5e6af46fd4f34f469dd8c809c59e1a104e3
6019bc5a3b61ec247e47766f1b8a728cf28021e65c137690de5369bde8fb0176
6a96810935b6f54d51d9c1b70caabfcc135bbb3d6c3fe2ae6cd1c1b871e70a43
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6fe5233b4ccd041305715d11fd354cb3a65abe22152fc698d6033124a2212fad
79940cfffd1ba3c7b8aaed4626b1e59f2513d5cfd1fe3509a0ce19fbd4b81844
7be5773afade685232a88dc41efe61c133d536973dcfd3dcb4de8fcc60866678
806819baaf2bffee48023c8bcaf835e5e6733383694b730c48989020ef7ed99a
88c31732f5a10b0a1eaa482179d84e429e41ba80f3f48c6b45c7b3de5d671a36
891b3886dccdba5ee5a6c7a7eb571b702d0e0632fe625eab0f14661db6f18a92
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323
91a6243d437c646e7cadd23844434acef844c5d90156b9eff3dc6e811ff50be5
a2a4ace64447adb5d2418874763c4109175bea10f3c7427a03ddbb4e456d412e
a60ab198ad242eced92a2bd932b85ed8071dd99ec88747d148875f6d5a99f2df
acfde0191e09d9049c5304cf54ee91bc9748bc11e6ad6091ca20c7de569d29b6
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
cdf2ea54da39706966e6fb4eb161784eb4b6e749b57f819491c71c953b88e1d3
ce57c7b07b5362d4714a35fc9741450891248d57de4e881e579772dffa81ed33
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
d08173618734c25631c16a40f00bd00da743f8df65175129809057da48aa6124
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5dfb4c60a0fb828e876f52ee65ba00a32e89a8798216118eebbb3864966b3e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f6a0c7279aa5db8c8a1f2b29ef506159e742d1cefa55bdf994fab5665b082b76
f7bf6e4c4307021b768a12ae166704879b8c175de71edb6a3c58a6f7b95cd17c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f857e9681d77442ee8414c0f21848a688fdff3c0595fc4546ce81668496cbc0c
f92a49ad3a22b8d1547e0fa2211dfa2eca0148cb2488b59581b3c6f888b7e0d8
fc87445fc63eb47f6a62028f410e714f3467917e458abdc96360decc677da817

m.javchill.com Open in urlscan Pro 2606:4700:3033::ac43:9360 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

82 %HTTPS

75 %IPv6

20 Domains

22 Subdomains

21 IPs

5 Countries

1184 kBTransfer

4005 kBSize

20 Cookies

2 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.javchill.com Open in urlscan Pro
2606:4700:3033::ac43:9360 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

82 %
HTTPS

75 %
IPv6

20
Domains

22
Subdomains

21
IPs

5
Countries

1184 kB
Transfer

4005 kB
Size

20
Cookies

56 HTTP transactions
0 data transactions