Report - javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/

Report Overview

Visited public
2024-07-06 18:32:32
Tags
URL
javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Finishing URL
javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
JAV HD SNIS-103 Aoba Yui Peeing Of Shyness! Hiiragi Noa

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.cloudfrale.com	55750	2019-02-04	2019-02-06 17:01:05	2024-07-05 18:55:12	501 B	363 kB	45.133.44.20
accompanimentachyjustified.com	unknown	2024-07-01	2024-07-02 19:03:52	2024-07-02 19:03:52	3.2 kB	96 kB	172.240.127.234
ts.trafget.com	unknown	2023-01-20	2023-12-11 15:45:19	2024-07-05 15:53:27	1.6 kB	2.3 kB	172.67.128.119
javhdfree.icu	unknown	2019-06-29	2019-07-05 16:10:46	2023-04-21 19:58:10	512 B	461 B	172.234.222.143
pxl.tsyndicate.com	14763	2017-03-08	2017-07-05 15:51:06	2024-07-05 23:00:46	5.5 kB	611 B	144.76.197.134
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2024-07-05 18:54:52	521 B	480 B	35.244.181.201
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-05 18:12:12	981 B	2.7 kB	23.36.76.226
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-05 18:19:31	650 B	1.4 kB	142.250.74.131
creative.mnaspm.com	unknown	2022-07-05	2023-10-04 13:20:24	2024-07-05 20:33:12	4.2 kB	329 kB	104.18.40.50
video.xxxjmp.com	76113	2021-06-22	2021-07-02 12:51:52	2024-05-27 13:42:26	440 B	5.8 kB	104.18.40.50
s3t3d2y8.afcdn.net	unknown	2022-06-27	2022-08-09 00:22:56	2024-07-05 19:43:02	532 B	48 kB	185.76.9.19
cdn.tsyndicate.com	16265	2017-03-08	2017-07-04 08:00:09	2024-07-05 20:39:13	3.2 kB	183 kB	45.133.44.70
s.magsrv.com	unknown	2023-08-01	2023-08-04 14:48:00	2024-07-05 19:02:00	15 kB	48 kB	95.211.229.246
stripchat.webcam	unknown	2018-12-16	2019-03-13 13:28:21	2024-07-04 15:40:25	424 B	730 B	104.17.117.12
6v41p4bsq.com	unknown	2023-09-04	2023-09-04 12:37:40	2024-04-30 21:26:40	2.0 kB	86 kB	212.117.190.201
a.magsrv.com	unknown	2023-08-01	2023-08-04 18:18:00	2024-07-05 19:01:59	22 kB	669 kB	185.76.9.17
peeredplanned.com	unknown	2024-07-01	2024-07-03 14:05:21	2024-07-03 14:05:21	477 B	467 B	172.240.108.84
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-07-05 19:08:51	729 B	471 B	192.243.61.227
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-07-05 20:43:29	396 B	86 kB	188.114.97.1
recessinternetscald.com	unknown	2022-12-28	2022-12-28 16:11:21	2023-10-25 09:44:19	434 B	13 kB	192.243.59.12
go.mnaspm.com	unknown	2022-07-05	2023-10-04 13:16:29	2024-07-05 20:33:13	5.7 kB	13 kB	104.18.40.50
video.ktkjmp.com	23778	2020-08-07	2020-10-02 10:52:19	2024-07-05 20:33:13	442 B	1.0 kB	104.18.53.225
javhd.icu	194112	2019-11-11	2020-07-17 16:25:34	2023-10-29 02:17:37	29 kB	1.6 MB	188.114.96.1
acdn.tsyndicate.com	unknown	2017-03-08	2024-01-30 14:51:59	2024-07-05 22:00:53	458 B	32 kB	45.133.44.70
go.xxxjmp.com	14382	2021-06-22	2021-07-02 12:31:24	2024-06-21 17:27:54	714 B	1.8 kB	172.64.147.206
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-07-05 19:35:35	419 B	416 B	3.124.140.205
tsyndicate.com	13042	2017-03-08	2017-03-16 10:04:54	2024-07-05 23:00:46	3.5 kB	45 kB	195.201.244.188
img.strpst.com	12993	2021-05-31	2021-06-03 10:45:56	2024-07-05 20:33:15	894 B	29 kB	104.17.11.106
u3y8v8u4.aucdn.net	unknown	2022-06-27	2022-08-08 15:30:47	2024-07-05 19:43:02	532 B	132 kB	185.76.9.19
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2024-07-05 19:31:37	443 B	145 kB	45.133.44.9
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-07-05 20:18:45	5.6 kB	250 kB	142.250.74.168
3pkf5m0gd.com	unknown	2024-05-10	2024-05-14 14:04:12	2024-07-05 16:40:32	2.6 kB	127 kB	212.117.190.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-06 18:32:00	medium	Client IP	188.114.97.1	ET INFO Suspicious Domain (*.icu) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-06	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (65)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-152876315-1	ScriptElement	203 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-152876315-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 2fdc244bdcd4cfd8dd778a55927c8a93 8333eda29877ce9425aba7dbe54a4ab050c1c607 0f0bfb024b852aba030862476c3d7f07497363ea7d6b5076d278d171168356ff Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5335874	ScriptElement	759 B	2024-06-30	2024-09-20
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5335874 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-30 07:56 Last Seen2024-09-20 20:15 Times Seen268 Hash 92b496de1342a000906bd38cc3ee1f6d 4d4e2e31f592dfa9db108b96a7d57e33e648b10a e6feadfdeef841f35d1ff90f16faeb2f7dc65e7ef30064a6865775e16acd044a Loading...

	unknown	ScriptElement	196 B	2023-12-02	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 21:34 Last Seen2024-08-20 17:01 Times Seen2 Hash 917dcc713c15d4e8fccb2c1560aaee6b c7d0310d94ddb881e374594d333140717c2e4498 29adab3614517f115f698344af83f6af5910c94db78c7bf6c7b104e8df93ce8b Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	155 B	2023-03-07	2024-12-30
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:04 Last Seen2024-12-30 19:20 Times Seen6 Hash 4bd59a92a445d1b9ab53190b2caaaaa3 32b7c405dd78d156fc7df7dab082a9cf0153a2ec 723c1e944d175bdccd228cb1368f24befebfdb679a939692144d35b4bcb1f446 Loading...

	javhd.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-06-15
Pretty URL javhd.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-15 11:08 Times Seen73777 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?	ScriptElement	0 B	0001-01-01	2025-06-15
Pretty URL tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html? IP 195.201.244.188 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-15 11:32 Times Seen4967074 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	a.magsrv.com/iframe.js?idzone=5335876&size=300x250&sub=44189	ScriptElement	2.3 kB	2024-08-19	2024-08-19
Pretty URL a.magsrv.com/iframe.js?idzone=5335876&size=300x250&sub=44189 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 4a9ab28d7d3ed445d85cf8988d15e60b 29ac3eb1b23a294bd594dc9f09dcd77a01ca8360 572a4f20674a4279781271cd11921f62f3b087f188c86429a9f49ff1927779d8 Loading...

	pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zCyHeGFOjzA0cMlrAwGGDTAsaZGLYaCGGDAwxLWyUETMjTJkYYWbkmEFDxMMwdcZktFFSxhgyZmi0yCEDRpiTBVcalIHjJMowOMaUGSMmR5kcPiGSsUORxo0YOB7CqSNm4Y0cOW7Y-AkHzkIaNNDmeDgHzkQdNGbAqLFzrog2ff8GHpyjxo2HY9rY1UEYL4y9Ys0slPFYhBg3bhbOcJwDRw7Dbdxg1BFjhoymalOvPhujxoyHdWJkREOHDpw5Ol68OPPGReowfdu4GPOmzYs5bcLI8f0GzosxNnK0NgOjNgwYNByPeUlGDA7CN8qUpEHVRpgaNMbEkGEGBxn5TceEgeHeqRgZNcBwwwyumRZRGGH8UMccCCVBRg8pfWfGDUjFQNN5nHGUgxky7BeDVjbUYJ8YZpgnRnbZ0ZADfvLRkJ1KNCQ1kkoU0hDGh2FwUcd3Mtgwxxt1yKGVgz1URsNlOvJoQxtltCFGgw_aoQUVZsgBhRJafCGGE0fkIAYbcMgwxBgzPOEEHlKUcUYMc8xwhRh04NFCGDfA0QQOaswAhxAySLHGF2aowQYMc4yhBBYtkIEGFXUg0cINZ2ghBBVLwIFFHUdYEUQZbDxBRR5RpDFHEXjI8UQYeqCRhxgoJTGFGmRQ4UQVa8TARgxGtFHFEEwE0cQTX5xRRRJESFFFGknC0CMcMfSwGGEz2BAWGc1lpEYYdqBBhgtpjFFHWPr9tQUMXagl5EI1uIBDGSLV8BCJC8HgQneQwdHGF3Ccq4O84Ikow0Ny2DGZDBVtZW-884qIWx1pZHSZjTbccOJSZZBRw0mXzdACDoGxWx4OSYVYQ0dl4BBWGpOJoJ0LOcjLngu19QTwFyhntHLLLrwcc1h1hJFRE2_okQYbbITxQrowgIACFjHEsAMITKThRh14gIAHSV_YQMPTAetw2rwpgHDEVmu88UJTMXyXdgwgGJGGHGWY8QYeL3wNA7hC6SCCE0-E9YYcX4yR9959P8TG4EU4MW0ZdnwBNxsUOfZRtDh8B_AZoekAIA6dHdS4GHIshENaInj-RRtvkLEZSRWRIccboj30hkKamzt3Hug-REYemdMhRx1lABz3br39FtwL12a7bbd1vBDWHRnNV3lYaESvrMwizBFwRq_TEQYdf7dQhxtp0BETDS6QIYPf2pMF2Eg33BBgy60PftAX6odFRxsU3dCUDC3zn2H2tz7W-E9ZAewRZ2DwEzI4rgx9-cL3-ve_BBqGcRJkA0LoQLstxOAG5YIInDJyEDMAhQ0TUcvh4gWZ1cCgDwoICA%3D%3D&s=5595909c6ccb6d23e69e73f1f646883db046a7a8e904a961fc959ae60afad71e1720290726&w=t&r=1&d=725&priv=true	ScriptElement	24 B	2023-03-07	2025-06-15
Pretty URL pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zCyHeGFOjzA0cMlrAwGGDTAsaZGLYaCGGDAwxLWyUETMjTJkYYWbkmEFDxMMwdcZktFFSxhgyZmi0yCEDRpiTBVcalIHjJMowOMaUGSMmR5kcPiGSsUORxo0YOB7CqSNm4Y0cOW7Y-AkHzkIaNNDmeDgHzkQdNGbAqLFzrog2ff8GHpyjxo2HY9rY1UEYL4y9Ys0slPFYhBg3bhbOcJwDRw7Dbdxg1BFjhoymalOvPhujxoyHdWJkREOHDpw5Ol68OPPGReowfdu4GPOmzYs5bcLI8f0GzosxNnK0NgOjNgwYNByPeUlGDA7CN8qUpEHVRpgaNMbEkGEGBxn5TceEgeHeqRgZNcBwwwyumRZRGGH8UMccCCVBRg8pfWfGDUjFQNN5nHGUgxky7BeDVjbUYJ8YZpgnRnbZ0ZADfvLRkJ1KNCQ1kkoU0hDGh2FwUcd3Mtgwxxt1yKGVgz1URsNlOvJoQxtltCFGgw_aoQUVZsgBhRJafCGGE0fkIAYbcMgwxBgzPOEEHlKUcUYMc8xwhRh04NFCGDfA0QQOaswAhxAySLHGF2aowQYMc4yhBBYtkIEGFXUg0cINZ2ghBBVLwIFFHUdYEUQZbDxBRR5RpDFHEXjI8UQYeqCRhxgoJTGFGmRQ4UQVa8TARgxGtFHFEEwE0cQTX5xRRRJESFFFGknC0CMcMfSwGGEz2BAWGc1lpEYYdqBBhgtpjFFHWPr9tQUMXagl5EI1uIBDGSLV8BCJC8HgQneQwdHGF3Ccq4O84Ikow0Ny2DGZDBVtZW-884qIWx1pZHSZjTbccOJSZZBRw0mXzdACDoGxWx4OSYVYQ0dl4BBWGpOJoJ0LOcjLngu19QTwFyhntHLLLrwcc1h1hJFRE2_okQYbbITxQrowgIACFjHEsAMITKThRh14gIAHSV_YQMPTAetw2rwpgHDEVmu88UJTMXyXdgwgGJGGHGWY8QYeL3wNA7hC6SCCE0-E9YYcX4yR9959P8TG4EU4MW0ZdnwBNxsUOfZRtDh8B_AZoekAIA6dHdS4GHIshENaInj-RRtvkLEZSRWRIccboj30hkKamzt3Hug-REYemdMhRx1lABz3br39FtwL12a7bbd1vBDWHRnNV3lYaESvrMwizBFwRq_TEQYdf7dQhxtp0BETDS6QIYPf2pMF2Eg33BBgy60PftAX6odFRxsU3dCUDC3zn2H2tz7W-E9ZAewRZ2DwEzI4rgx9-cL3-ve_BBqGcRJkA0LoQLstxOAG5YIInDJyEDMAhQ0TUcvh4gWZ1cCgDwoICA%3D%3D&s=5595909c6ccb6d23e69e73f1f646883db046a7a8e904a961fc959ae60afad71e1720290726&w=t&r=1&d=725&priv=true IP 144.76.197.134 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-15 08:49 Times Seen4539 Hash 0959ba36d476b6dc1994ba3c678b07c4 d30b94da72daa02766965206a85b7e0356375f5e 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Loading...

	unknown	ScriptElement	145 B	2023-03-07	2024-12-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2024-12-30 19:20 Times Seen6 Hash 4c9591822fa19e5d2398e2da96cc1321 124b3b86c8ab2590ece161e8ff32251ac5f034c0 ed89a73ecc742609041e411ce98ae062907040ed2a4a3bda1d21302ec5021531 Loading...

	a.magsrv.com/ad-provider.js	ScriptElement	166 kB	2024-06-28	2024-08-21
Pretty URL a.magsrv.com/ad-provider.js IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-28 09:25 Last Seen2024-08-21 17:30 Times Seen612 Hash 710721b64ea5e3867ccff5f3de8ef294 18483d80947e14cf49f8c9ebbe3391e1f48fd0bc bc0563abe13d7d9aa2d4b78a528f19ab616341e43dbf486aabca10559ae58e64 Loading...

	javhd.icu/wp-content/plugins/wp-easy-review/scripts.js?ver=1.0	ScriptElement	672 B	2023-03-10	2024-08-29
Pretty URL javhd.icu/wp-content/plugins/wp-easy-review/scripts.js?ver=1.0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:20 Last Seen2024-08-29 17:20 Times Seen4 Hash 7d8105a0cbda176f06cb16e3e9f54adf 7d25212b061e5751c9a31a6b675e1573f61123c8 338d9046ad650a77368c155f2c9be97acdc40898c374bc0829d645bc70d051aa Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	3.2 kB	2024-08-19	2024-08-19
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash fd47f6f39a0698d43891e51bb26a441e 3b7b187f10394ad7e2a4ba4ded2c1f1be53c9291 d5367c9a1d08aab9ddc00b1c09592c3509c5db82e72e06e999645c32dc070fc5 Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	174 B	2023-11-10	2024-12-30
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-10 05:59 Last Seen2024-12-30 19:20 Times Seen6 Hash 17cd0e690da80b0e9a539c608fb00eba 895d690c7d4ed54dec0e9e911129e90b07cba2fc 2cd358dba8ae1723ef16c1fd05b079cb77f8e10054b160c12b40aa32b1ba0905 Loading...

	cdn.tsyndicate.com/sdk/v1/puengine.js	ScriptElement	90 kB	2024-01-15	2024-12-12
Pretty URL cdn.tsyndicate.com/sdk/v1/puengine.js IP 45.133.44.70 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-15 15:07 Last Seen2024-12-12 22:05 Times Seen824 Hash dd5e3d608cc7831780050c847b3b249e ae5df44b84829faa0cbf2614c5b3c23d1901063b 9f8cc0fa666cd6911977e73e8ea15747da46c0e2fed880b774d974aeec94fa50 Loading...

	3pkf5m0gd.com/aas/r45d/vki/2009932/105dadc5.js	ScriptElement	122 kB	2024-08-19	2024-08-19
Pretty URL 3pkf5m0gd.com/aas/r45d/vki/2009932/105dadc5.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 0bdf7b64c057082c59534d2f5a243b3f 7694ebdd47808ef6e8ad667290b9784d3e852690 23c9110f25db23444397d3f197348c820279ddae497af911224bd177e1f0932c Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	140 B	2024-07-06	2024-12-30
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-06 20:32 Last Seen2024-12-30 19:20 Times Seen4 Hash ef86ffb8ff094131bee08f2e2c74336a 7c27244f42414a253f5b87816418dd2d531047a2 f8f7f65bce4903185378970f3fa5e3f576544ec027bf0b0dc0fef700efa68405 Loading...

	cdn.tsyndicate.com/sdk/v1/p.js	ScriptElement	9.6 kB	2024-03-27	2024-08-20
Pretty URL cdn.tsyndicate.com/sdk/v1/p.js IP 45.133.44.70 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 19:22 Last Seen2024-08-20 06:48 Times Seen437 Hash 997c0eb1531ae5f01392669639803920 61e9e5abde4564d9afaf7860dee571faff73de92 326b6f87f5b1a4f8aeaf43e7117051c958fd72dca3a9508882b7646b9ea7d577 Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5335876	ScriptElement	759 B	2024-06-30	2024-09-20
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5335876 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-30 07:56 Last Seen2024-09-20 20:15 Times Seen251 Hash 98da9a5a47bec1d834537d8808d38d83 d1c1c9c8e775953bc6458627ba5dc4ca8c0e59d7 6521a7983e301cd749d8facc8ce44b1a027b2608a81b2896b157afd5e6eee4b7 Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	59 B	2023-03-07	2025-06-15
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-15 06:48 Times Seen4873 Hash de7507ad26c6c904109c87dd5dfac288 952cae1ce6ce1e74b010b31b4357424c12a5960c 09f81a5c463b570b389ce0b118a29bf489353d0ae7d47eefee9b9e7b703e0e02 Loading...

	javhd.icu/ads/300x250.js	ScriptElement	1.2 kB	2024-08-19	2024-08-19
Pretty URL javhd.icu/ads/300x250.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 640624d84eca06a1813eb59f377b5dea c7bb0defa82970216629165e03746c4414bbffc4 41c7bb36ece6e2cd4518b564c6c73ce921705a85095609c94774293a8ede1a13 Loading...

	6v41p4bsq.com/get/1872644?zoneid=1872644&jp=_cluue4mixhbf2cmb1axmvj&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=ajuIbnmSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=sSEhXQuaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=4897815577138176&eclog=0&im=1&cs=5&freq=0&uf=0	ScriptElement	4.9 kB	2024-08-19	2024-08-19
Pretty URL 6v41p4bsq.com/get/1872644?zoneid=1872644&jp=_cluue4mixhbf2cmb1axmvj&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=ajuIbnmSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=sSEhXQuaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=4897815577138176&eclog=0&im=1&cs=5&freq=0&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 58e47fe0b18fdb9c39de133345be1226 2bca2eeb55d46b2e0b766f147a1a0fe0a8cff5af 90bbead26a8576feaf1d611de7d18b5d7a24fe2ba787880cdd13d7e4aac6da43 Loading...

	acdn.tsyndicate.com/sdk/v1/b.b.js	ScriptElement	6.1 kB	2024-04-21	2025-05-08
Pretty URL acdn.tsyndicate.com/sdk/v1/b.b.js IP 45.133.44.70 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 10:03 Last Seen2025-05-08 06:21 Times Seen2398 Hash d42c27f2f4d3b1e907fb19769fbb487e 48378f62ba9bb1bfc4adf74adf8e8ca5d33d05ae 10aa5af82d490e9beb3b1b4884132c8dc748cb4f09cf9573f2865b4c7afc5e83 Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	1.2 kB	2023-11-10	2024-12-30
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-10 05:59 Last Seen2024-12-30 19:20 Times Seen6 Hash 89dc018dde1b68f69314ffc96c20fa1b c8deb52fad2246ca53e594000ae60def4eacdb64 65cc6688e4c5e77d89116d0e52330a10e53ca6829981d310a396f1b3b0ccd112 Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5335880	ScriptElement	759 B	2024-06-30	2024-09-20
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5335880 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-30 16:54 Last Seen2024-09-20 20:09 Times Seen40 Hash a0858d35816029024f8c75dbc4dbffe8 f1d8e0e5a5bd07cb0566b85f6e7ef7f481369f7f b0916550e2ae39ff3db8c41ff3b8825f3a86440ad1104d2df3b536e4616ebcc2 Loading...

	a.magsrv.com/iframe.js?idzone=5335880&size=300x250&sub=44189	ScriptElement	2.3 kB	2024-08-19	2024-08-19
Pretty URL a.magsrv.com/iframe.js?idzone=5335880&size=300x250&sub=44189 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash a061c5e251778dbc32ab6115b2ca10e0 00063b8884f2b2f56e3dc25979324ecbf8f26587 cc885cf39941971ebb5c44d8550af343155931b2d1bad538c8a1db5e61e5af13 Loading...

	a.magsrv.com/iframe.js?idzone=5335874&size=300x250&sub=44189	ScriptElement	2.3 kB	2024-08-19	2024-08-19
Pretty URL a.magsrv.com/iframe.js?idzone=5335874&size=300x250&sub=44189 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 37d51bc0bf831c1e4e45a7b436c3fc2c 65a7ca0c0e4dc62415a52fd4ebabc9274dcbc08a 87db32cd807f0960f71d00588fbea2a1e4488854615964188c7435fcaa923cd5 Loading...

	cdn.tsyndicate.com/sdk/v1/inpage.push.js	ScriptElement	14 kB	2024-04-20	2025-04-22
Pretty URL cdn.tsyndicate.com/sdk/v1/inpage.push.js IP 45.133.44.70 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-20 16:21 Last Seen2025-04-22 02:39 Times Seen426 Hash 00c3a437db0258c707944c3f8a13da32 0e1b2787c0fe785af9e2c441b52c1c627c6a21d1 d10120a1e35daa3c0265fff15739c99dc889b724614c5a7d23059597fc9eccdf Loading...

	unknown	ScriptElement	3.8 kB	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 733a0d03bf062c5a364802929c33e799 c6ac18b961e8f3a9f4661a7da591a6fabe9bae97 d0c5c4ea9a12de96cb42ea5a2031597a1ebc1aa782dcb6f787339fbf083890ee Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	451 B	2024-08-19	2024-08-19
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash fc4f341caabbd4ad299fc46053691897 3c53a86443e8ef94b4911b6805efe1bd87b5d4ca 3634a0dc9ee894643b0c11d2a8ff4c774d0cfd84857bb46825067a711d85e626 Loading...

	javhd.icu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-06-15
Pretty URL javhd.icu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-06-15 11:16 Times Seen112850 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	javhd.icu/wp-content/themes/videotube/assets/js/custom.js?ver=1687070962	ScriptElement	13 kB	2023-03-10	2024-08-29
Pretty URL javhd.icu/wp-content/themes/videotube/assets/js/custom.js?ver=1687070962 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:20 Last Seen2024-08-29 17:20 Times Seen5 Hash 5033edcf90f59d41de13d7a119e9b4b2 9aedda96bb66493ffefa8bdffc2c6d4cf4556599 da77bb7df295a679c72ccf0a325c370a9c89d333bdaadd0db8af952c57cbdb99 Loading...

	cdn.tsyndicate.com/sdk/v1/video.instant.message.js	ScriptElement	18 kB	2024-06-22	2024-11-08
Pretty URL cdn.tsyndicate.com/sdk/v1/video.instant.message.js IP 45.133.44.70 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-22 16:32 Last Seen2024-11-08 17:59 Times Seen50 Hash 2b867ddbfd75470beb3f6c6ae94da284 cea27812747f31f8cbcc29ce35f6fe4588482379 634df4d833fbd0ebd63714eb73e5a5bad07ab08f189342a26e91d4e7976ed9da Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	unknown	ScriptElement	1.4 kB	2023-04-11	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 23:00 Last Seen2024-08-21 09:44 Times Seen422 Hash 50c18af1b6fbe5f4d2b426e7f099d6b6 e8a8e009f76689f83ba01dd7cd714d6f916025e4 df729e9786ac1e06f9575ad607418b10cb5be239448bc498b401fb6d712d1d28 Loading...

	javhd.icu/wp-content/themes/videotube/assets/js/bootstrap.min.js?ver=1687070962	ScriptElement	60 kB	2023-03-07	2025-06-09
Pretty URL javhd.icu/wp-content/themes/videotube/assets/js/bootstrap.min.js?ver=1687070962 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:47 Last Seen2025-06-09 05:46 Times Seen149 Hash 4cfcd9ef665ac4f7b0a0164943fafc41 8bf0a31c56a8f04247d966cb121643e05f48f7d0 03ace13cf97c2b8a48d4f158222cce6c201ba7c88615c489043ca8c2acc8fdc1 Loading...

	accompanimentachyjustified.com/fd/1b/f2/fd1bf261a2e6772cb538655c23839785.js	ScriptElement	84 kB	2024-08-19	2024-08-19
Pretty URL accompanimentachyjustified.com/fd/1b/f2/fd1bf261a2e6772cb538655c23839785.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 0ad1181bce3501612ee4480f626257e9 cf160936dcb6b79a13b308e2573a2dd16607e854 493a24ae15a2e0760c1e8a522f8cd53f084c6d15fa89c4838d2bcab3639b2b54 Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5335878	ScriptElement	759 B	2024-06-30	2024-09-20
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5335878 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-30 07:56 Last Seen2024-09-20 20:15 Times Seen252 Hash 5d61aca8876a8ee7dc0ca8c2945782ed 4b1178b34700aad1661e75122f7488fbf48ba641 3e8b14a2beb2e12555d25da525ecd669250e51a43073415c460a8f6732b06dba Loading...

	3pkf5m0gd.com/get/2009932?zoneid=2009932&jp=_clyxc92c8syv9pu63l9075&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5&uf=0	ScriptElement	3.1 kB	2024-08-19	2024-08-19
Pretty URL 3pkf5m0gd.com/get/2009932?zoneid=2009932&jp=_clyxc92c8syv9pu63l9075&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 5f33d1edbe1658ecd506e1f04d37066f 5da263c34bf5307e925d7f4a371c85d9e598442a bcd618192712fbbb6a4c818c56bb50090ca74e6d90563d9ddfee739307ed359f Loading...

	javhd.icu/ads/300x100.js	ScriptElement	773 B	2023-11-10	2024-08-20
Pretty URL javhd.icu/ads/300x100.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 05:59 Last Seen2024-08-20 20:10 Times Seen3 Hash ca28898c41685603a4a6b0a5fcfe87fb 7c9acfd78abd9c4f52a2b8d560d6432138d9f7d5 939814b53dff824fe55f4b6db285f3c836bc7c9aa8ce9a392530c67afa26920c Loading...

	javhd.icu/wp-content/themes/videotube/assets/js/jquery.appear.js?ver=1687070962	ScriptElement	1.8 kB	2023-03-08	2025-01-01
Pretty URL javhd.icu/wp-content/themes/videotube/assets/js/jquery.appear.js?ver=1687070962 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:34 Last Seen2025-01-01 02:44 Times Seen11 Hash 6cf5352bff27e3920a0ecd8159d9c61c a27b4dd4fe7054da4a173139b9bb183ede54f1b1 96cec01b99c4f4c6d3bc83937fbe1fac3df5898da6c4b10dce7d93bb0f5d3c50 Loading...

	unknown	ScriptElement	276 B	2024-01-26	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-26 22:18 Last Seen2024-08-20 10:59 Times Seen112 Hash e5f7bb8ff9097e0c93c3c4841a6cbd13 7740aa7df2e0164aaab46bce0a0bda2bbaf6a2f5 976471657d3e2f85014a2c9615c217f800d56fc254d1d7599ad141aed5dbe8ca Loading...

	javhd.icu/wp-content/themes/videotube/assets/js/readmore.min.js?ver=1687070962	ScriptElement	4.0 kB	2023-03-07	2025-05-25
Pretty URL javhd.icu/wp-content/themes/videotube/assets/js/readmore.min.js?ver=1687070962 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-05-25 11:20 Times Seen72 Hash 5f35420c48577a8432b131adfe8164df 42cbc4bd233dd64bed5b4c123f5d180c3f6d4c24 9224caf0b41678f9110a7152d08de5605715f4cf7c96b5c58df930905a062388 Loading...

	a.magsrv.com/iframe.js?idzone=5335878&size=300x250&sub=44189	ScriptElement	2.3 kB	2024-08-19	2024-08-19
Pretty URL a.magsrv.com/iframe.js?idzone=5335878&size=300x250&sub=44189 IP 185.76.9.17 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 8ad1026e501f375b1777f89423600ce9 b86a4f037dde5fe6489a3bc7ba575eb95b83ee7f cc2d9eeadd74f30f35f66362eff754a402194c2f9440150ff8178b208f3c0998 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-15 11:23 Times Seen353524 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	javhd.icu/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5	ScriptElement	19 kB	2024-03-13	2025-06-15
Pretty URL javhd.icu/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02 Last Seen2025-06-15 11:13 Times Seen47726 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	301 B	2023-03-07	2024-12-30
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:04 Last Seen2024-12-30 19:20 Times Seen6 Hash 4cfaa7d4f2297a1a038444b3c774fd0a daeb2b2c1a6a6382346a76a1b57c6e98692b59d8 123e9d8fa5079c94e3ed256d6dc71dc473c3ac973b334fe186ba813f85465247 Loading...

	cdn.tsyndicate.com/sdk/v1/master.spot.js	ScriptElement	30 kB	2024-06-12	2024-08-19
Pretty URL cdn.tsyndicate.com/sdk/v1/master.spot.js IP 45.133.44.70 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 17:39 Last Seen2024-08-19 20:11 Times Seen45 Hash ea23c72d113c946dc4168bbc59770fa6 d010a52e85ef045e9ee59f4e1a08c7adc34ff445 2876e34d58db695abdddc66493b91e87d7eb99e7767a302d27909f2b0db254b6 Loading...

	unknown	EventHandler	12 B	2024-08-19	2024-08-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash b13effa0ea0fdacf92a6d7a329b1ac8e 988ca6f8fe978d4d847d977f68f4f00b2e8ab831 2a1a66cfa740d7d3ef6e669f296988c0bcef9b071b2f7105243c32219d497fc9 Loading...

	javhd.icu/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-06-15
Pretty URL javhd.icu/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-06-15 11:16 Times Seen100221 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/sandbox%20eval%20code		147 B	2023-04-11	2025-06-15
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-15 11:23 Times Seen354251 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	javhd.icu/wp-content/themes/videotube/assets/js/jquery.cookie.js?ver=1687070962	ScriptElement	2.0 kB	2023-03-07	2025-01-01
Pretty URL javhd.icu/wp-content/themes/videotube/assets/js/jquery.cookie.js?ver=1687070962 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-01-01 06:28 Times Seen290 Hash 62f1e648af870467847e82a196e6bc3d 494a213d988624a14582b8d0277581a5571bb55e 250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56 Loading...

	recessinternetscald.com/e94aba79152021f73efaa9cfb59f2f91/invoke.js	ScriptElement	31 kB	2024-08-19	2024-08-19
Pretty URL recessinternetscald.com/e94aba79152021f73efaa9cfb59f2f91/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 30c82513dd5dbdccf50656eb382eb1ea 8f555b5d295a0075fcd90b3c1d809bbb6e50b7f2 fcada3436274ead89488a1b4ac2715c953ac0a07115fed1392c61d90b812247f Loading...

	unknown	ScriptElement	2.4 kB	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash b63411bd6fdca0ce3d1ed5b2fa220777 ee8c22cfd94489d06156a2da643df4a051aeab19 3e47b38056c101816ea3e8292b63b0452a269cf05732e8bc8b88285427ffe952 Loading...

	www.googletagmanager.com/gtag/js?id=UA-152876315-1	ScriptElement	203 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-152876315-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash bc49ce8313953ee48860812699f1006a b7dcf064c3697516b2690b77c984bf48d14d19cb 72db8f58c362d7f7228e25ba7549aa31104e02f60aa30edd844f13429b64bba2 Loading...

	6v41p4bsq.com/lv/esnk/1872644/code.js	ScriptElement	133 kB	2024-08-19	2024-08-19
Pretty URL 6v41p4bsq.com/lv/esnk/1872644/code.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash a27b89322b7282fea2508e5bb31fe31c e47b9a3dbae2d7051ab778159cf543aeac4fe2ac 446f0a14a6558cbbca1324ba9567af3f582704566f9f8f550b6ae88e46759527 Loading...

	unknown	ScriptElement	2.9 kB	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 4f2635e9acf72fcb1f859493239fe3d4 18cf83ae798fe14c74f971b832fe8c63abc684c1 cfcef96a7091e70541c7fbb3b1d4162b27bb5a1fb2a87d9bab3b4ecc28dc76d8 Loading...

	creative.mnaspm.com/widgets/v4/Universal/main.1141b83260ebcd99a9da.js	ScriptElement	312 kB	2024-07-02	2024-08-19
Pretty URL creative.mnaspm.com/widgets/v4/Universal/main.1141b83260ebcd99a9da.js IP 104.18.40.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-02 14:42 Last Seen2024-08-19 18:21 Times Seen198 Hash dde4dec412f4dd35f049502165cb84e6 a769368a51ffed040cc065dbfacbb282e7ffac35 62ff6d3ad39d65ad20e24395578565539bebc933d3d77c9a2c53b1f05bac01a1 Loading...

	www.googletagmanager.com/gtag/js?id=G-KNM6NMZPS3&l=dataLayer&cx=c	ScriptElement	290 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-KNM6NMZPS3&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 682fb002deac0656b4c2c7aa69f30df1 220f6f0b5387783cad18cd30c0170f79f2f954a6 4fe96e71e48847dd1548b779d7ad19d2af9022b98d2f7efb380e1301f1a3f2e8 Loading...

	javhd.icu/wp-content/themes/videotube/assets/js/autosize.min.js?ver=1687070962	ScriptElement	3.6 kB	2023-03-07	2025-06-14
Pretty URL javhd.icu/wp-content/themes/videotube/assets/js/autosize.min.js?ver=1687070962 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32 Last Seen2025-06-14 17:23 Times Seen2191 Hash ad0656589d34c18cd55206d4fd2bc0d7 d7137cf274043ebe83187abf4605bf5e85ffe435 756f2ee1dbc42834e1269591c0b806ba06c04670373b6c2a05c55eae583d2cc7 Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	132 B	2023-11-10	2024-12-30
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-10 05:59 Last Seen2024-12-30 19:20 Times Seen6 Hash a15e9837d5cf79dfe86eeaf48696ab87 2fc8258c0ae723a3a1692ed328d99f5cecdbe3bb d780f56a7b52b49836b51577596248c20d32c5be7ba65604018d7e997853abdc Loading...

	javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/	ScriptElement	289 B	2024-07-06	2024-12-30
Pretty URL javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-06 20:32 Last Seen2024-12-30 19:20 Times Seen4 Hash 3f8a9b09e38f11058c63b92c5d98af13 cb15ad85d4d823f9434f7be3a871e6bcc7491012 5ead252097ea819b0204d5ca445fc51115049ed3e9e30cef5b6b6d1c6697836f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 01b77f8d0481756cbf9b74cf6307db84	2.1 kB	2024-08-19 17:48	2024-08-19 17:48
Pretty Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 01b77f8d0481756cbf9b74cf6307db84 890a4d4f09b5f11acb53e86f370c001a5e6ef913 a9764e84bc8d8b9bfc9fb0abab0276416c634d8ce69bc3bfcfabea2959a8e8d3 Loading...

		Size	First Seen	Last Seen
	#1 Write - d00f0d081e403145be14fbeb03086e0b	7.9 kB	2024-08-19 17:48	2024-08-19 17:48
Pretty Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash d00f0d081e403145be14fbeb03086e0b e10ec17c1c6d83f19e709b9fe987ecf5053df0c1 afea0cfe902f8cd913764a7ffa2cfaca1942d405db7db2e7f6245542ba054a86 Loading...

	#2 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-06-15 11:26
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-06-15 11:26 Times Seen67386 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

	#3 Write - 6d06d62d89b3b2076216922796eaa3f5	9.0 kB	2024-08-19 17:48	2024-08-19 17:48
Pretty Observations First Seen2024-08-19 17:48 Last Seen2024-08-19 17:48 Times Seen1 Hash 6d06d62d89b3b2076216922796eaa3f5 8cada547d8a35897e591d5e2ba3ab7318424d28b 15c6078dff666c3b213a73d09116debb62ad2992431e8c069c2706f74d55845f Loading...

HTTP Transactions (188)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
508d0867e7982df7cfa6ad58e05ce470
6f4e15b94e527d02e8dd38f8b69b493cfae84c56
376a5286b71a4a7e90b3eece9b39480f50435d5ef3c7793828481f590d04bc77

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "376A5286B71A4A7E90B3EECE9B39480F50435D5EF3C7793828481F590D04BC77"
Last-Modified: Thu, 04 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4334
Expires: Sat, 06 Jul 2024 19:44:14 GMT
Date: Sat, 06 Jul 2024 18:32:00 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3921
Expires: Sat, 06 Jul 2024 19:37:23 GMT
Date: Sat, 06 Jul 2024 18:32:02 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3921
Expires: Sat, 06 Jul 2024 19:37:23 GMT
Date: Sat, 06 Jul 2024 18:32:02 GMT
Connection: keep-alive

javhd.icu/

188.114.96.1

167 B

URL
javhd.icu/
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET / HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 06 Jul 2024 18:32:03 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 06 Jul 2024 19:32:03 GMT
Location: https://javhd.icu/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFsetdHwhqWRHo8A8%2BFNWz053dNfjXCLOcLrDI3Jgh%2Bniikgj%2F9N5LdRFFTCk8b7Xgy8UzkdXIUmMIf5Yjv%2FGmxVnObvR0YrJFCLM1dN5KN%2B37y15HkE0rVn0nE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89f1acdde9c1568a-OSL
alt-svc: h2=":443"; ma=60

javhd.icu/wp-content/uploads/2022/05/javhd-icu-banner.png

188.114.97.1

200 OK

2.5 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2022/05/javhd-icu-banner.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 249 x 67, 8-bit/color RGB, non-interlaced
Size
2.5 kB (2458 bytes)
Hash
9a5ec41701943979c8669b7647a376a6
c9d8950c03d3fb9c26283edff6ee0ff0bdd50846
388cb249288077f7348838e4419f731cdc23094bf87469073ac5ba73d4000b58

HTTP Headers

GET /wp-content/uploads/2022/05/javhd-icu-banner.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 2458
last-modified: Mon, 23 May 2022 10:54:27 GMT
etag: "628b67e3-99a"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 111
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hAmjZ1AbER%2BZJI6iUHgj92ll8XrKx3b5NyrVzPUlxTcOx0b3fiK%2FvrxvKy87kDp79zWvHny2YtD6vkEBGxIbPVu4uUJyqY3Su15w%2B35Oihd3lw83RcekCBIRkoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace7683bb515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/img/facebook.png

188.114.97.1

200 OK

547 B

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/img/facebook.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
547 B (547 bytes)
Hash
472fd5a15ed228d8bb11eff4132d5b2c
d4b76c47ff7bf1f16f19ea67f2797f2e60020871
0340d40c244e542f8dbf5281e80ba697465c84326d8678d57a61f3f2d9db2878

HTTP Headers

GET /wp-content/themes/videotube/img/facebook.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 547
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-223"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 110
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzyKKeB8DbdhifZPGKVXCeCiRgyhPIf6bXDt%2BP1ioNHKLx%2BBD64Qevn1T0C6NUVZvw7jhNlIRje1JMJ9RA5%2FfxhBW0DiIgMV4FIgoEyJbOac8Q2Ld%2BF1OhaG5X8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace76841b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/img/twitter.png

188.114.97.1

200 OK

1.1 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/img/twitter.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1096 bytes)
Hash
513761b9b36cc030ee50c097403a8885
27010221d594602e0731ed44121be878ac69be12
3760bed6a9c86823d1d3ac1d27a0d4603b712dab2d9fa20480351a2da97f72d9

HTTP Headers

GET /wp-content/themes/videotube/img/twitter.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 1096
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-448"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLuf%2F7k5N0NpU%2BZFs2o2xHlm4aI4hvXIhwdwOzKsIDmiSr6mYTDoffOL4TghZ0jtzAaZHeU3dhQ4Jy9DudrsTFRWmGJNS3Q18SU3KbQXORe%2F7ciSHNb5kEN67no%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace77843b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/img/pinterest.png

188.114.97.1

200 OK

1.6 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/img/pinterest.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1567 bytes)
Hash
cfa8779663f5c4f39015426a40184804
ae29543ee013237b4f282e6aa71193f3cd193e1c
213e1c6230edcd5e43302463f8b0271cca7404eec3d35f4e231914c6b958518b

HTTP Headers

GET /wp-content/themes/videotube/img/pinterest.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-61f"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xwZ0odNjiKEauf%2FdWOBgkL%2BR1D4sY6TkDZoEoK%2FL1dbbGSbbS02ajxu%2FMYQBI1v%2BX6lzc5HDcaQIJcJ2hPx4gxO0WWbPAWMoQ3zqu%2BOI5%2BNHUsz2UIcAwyeD0tg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace77844b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/img/reddit.png

188.114.97.1

200 OK

2.2 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/img/reddit.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2239 bytes)
Hash
bbc23ae5b1683b8f39fe0a1a50d206fb
300afd232836ad2d0c74e2e7bf88c5973bc64ebc
bc345e41d45b164dac1fdc95acf8576c134049aa298abd3aedd9841f3f4eb1f8

HTTP Headers

GET /wp-content/themes/videotube/img/reddit.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 2239
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-8bf"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1g1OsRWTbEDlGUSB5A3q7yT5MZxLPQII3PvVh18ynDGu0ZjZ16%2B3dwNmoxr%2FZuXImJt19dztz02Q2iAUvBt%2BJgfK3UVLf0Ed5GjPP4e4%2FmLkcwU66LWobXNEZJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace77849b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/img/linkedin.png

188.114.97.1

200 OK

700 B

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/img/linkedin.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
700 B (700 bytes)
Hash
2587abc7380d82786a1d1509466807f2
fecd44f960b167cef8035bd733b11c5c6812b33c
f0fbbe2eac91865d18f425bd938a86ed503d61c55f2abda856bb17e0ec2f101a

HTTP Headers

GET /wp-content/themes/videotube/img/linkedin.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 700
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-2bc"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flck4NdYjb8%2FiDCMRwmElYeghQ56thJWwm8MInSRFOGlKBE5WHA6NjD1xHcI4Yg3%2F8Zl1zXX9upnyAQBADh5UTi6jNThQqK45Q11FzjCMcdw01hWBJCa%2FCyKeMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace7784bb515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/img/email.png

188.114.97.1

200 OK

667 B

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/img/email.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
667 B (667 bytes)
Hash
0b0d2cfeac683129a9439c2c600410dc
3f4875d8ca6768f94da20ee61d7ec5fb88232095
ff391e91bd5212296c509f9531a5017257014d77d17a078ad07da27bafe09555

HTTP Headers

GET /wp-content/themes/videotube/img/email.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 667
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-29b"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SU6c%2FB5lnZzzPLCfnOXZCMI08kCZ7vph9xhluDA2WV5kHqDMYs2aQuEY5cKcuOZx4d3Wk7yC1KDm%2BwopK4enw3v5NJBKnyfW%2BP0%2B%2FnaI%2BEHHef2WPYa2EiFmwuY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace7784eb515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/07/JAV-HD-SONE-250-Aoi-Tsukasa-360x240.jpg

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/07/JAV-HD-SONE-250-Aoi-Tsukasa-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
26 kB (26079 bytes)
Hash
e5ad6205bae00d98dfc7f8e9a12f65dc
b79b3ad40e74cddfdd4cdbffee9c385e50b848c4
8bdcc88b8609124d76c541388ddaed3dfbbf546fd51fe575498a464a05e1ea2b

HTTP Headers

GET /wp-content/uploads/2024/07/JAV-HD-SONE-250-Aoi-Tsukasa-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/jpeg
content-length: 26079
last-modified: Sat, 06 Jul 2024 09:34:32 GMT
etag: "66890fa8-65df"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 870
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ck25UCHqqhY4xNj%2Bme80Qco%2BYy5uRgmgkbixixInKXxiMNQT77VwtenVEnoztHOreMXeHyIkdijVvd4zZt8pOcWggeJktn0vx0%2BACT4FHgS9Cn%2BEmtI4%2FB492E4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace77852b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/07/JAV-HD-SONE-251-Kiyohara-Miyuu-360x240.jpg

188.114.97.1

200 OK

24 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/07/JAV-HD-SONE-251-Kiyohara-Miyuu-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
24 kB (24229 bytes)
Hash
d8788367d98a41b328c0d48953734158
13f8aa7f49b2f2374683ebbb06df1122253dbe35
eb1a1ed05d27428e1623e4cc3acee7e326cc88c2bc2d27c05930e574a80f106f

HTTP Headers

GET /wp-content/uploads/2024/07/JAV-HD-SONE-251-Kiyohara-Miyuu-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/jpeg
content-length: 24229
last-modified: Sat, 06 Jul 2024 09:32:23 GMT
etag: "66890f27-5ea5"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 27874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xl01iFds%2FWb9h8C8T%2BFxaI%2BVY9ChCI0s6VMYC4d6y%2FO6Nywtg2BgsM1sOQEw10v6F0kIbM5nx%2FsACbVmQ4B1FlnE8m0%2BDX3CEplufkHYis579dulkag3sLU1W3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace77853b515-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f5107db6896e2b3bea184b658d9b6de0
75cbc65f1ab4e587155fe4e6db04bdcecab6b81d
fb0891afa24117129cd317c3a6085d80642d8f019e77e52ae7f0f9ccc6b7430a

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Jul 2024 18:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

javhd.icu/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1720290716

188.114.97.1

200 OK

0 B

URL GET HTTP/3
javhd.icu/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1720290716
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1720290716 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/css
content-length: 0
cache-control: max-age=31536000
cf-bgj: minify
etag: "63c9abe8-0"
last-modified: Thu, 19 Jan 2023 20:45:28 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ua0yT%2B4tX34O2bfWgj2m8P5sVX7%2BB6SB02zbI1peHDLwK0xHR6LRU03KsQ%2BHdrCa32uKtSO8RpQCX8Xyrfckbp2du56BBCmtNGeAQkh5wrNlv%2BwYRrQL%2BEDgzNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace7886bb515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2020/01/SNIS-103-Aoba-Yui-Peeing-Of-Shyness.jpg

188.114.97.1

200 OK

140 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2020/01/SNIS-103-Aoba-Yui-Peeing-Of-Shyness.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3
Size
140 kB (139874 bytes)
Hash
200dd1f8e37c80513b0ddebf4478f301
44a1a43463ac745f63997ac1fae4271ebd14f1a5
ec612aa0efe57eba985f1837e567c2e24d5663fd82ba05535a9b51d26d90dd35

HTTP Headers

GET /wp-content/uploads/2020/01/SNIS-103-Aoba-Yui-Peeing-Of-Shyness.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/jpeg
content-length: 139874
last-modified: Mon, 06 Jan 2020 15:45:10 GMT
etag: "5e135606-22262"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fczZWg%2BmGoZ7B7vlRWHs2ZuHvq7SjfkB%2BQiqdjqN8r0rckNwwwaVlBryK871WvKHHP4H%2BseQBQI2tBiBJSibWq%2B7mkhOnyzUJhiPMv6il4x6vAQekmGU%2BGajew%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace77851b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/img/play-icon.png

188.114.97.1

200 OK

1.7 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/img/play-icon.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1748 bytes)
Hash
118eb721587bfda21e46fa11baa9f98c
a9cc805b6cf1902ed536fc858746de2ef0314061
815c218882c9353f6f02c61b05fb9e5618e890ff023668f3de1858d26dc908fe

HTTP Headers

GET /wp-content/themes/videotube/img/play-icon.png HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/wp-content/themes/videotube/style.css?ver=1687077852
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: image/png
content-length: 1748
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-6d4"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bu08A2uG2XRmR7uoti62MhuskskRyXF4ank11xW%2FUWkBcO5CpkKmu2%2Bg2BXCD7oIMgAcUPJpBhWe41KMO8rfLa5EFuBULpR3ae9uY4BvPYqMhvSX3lxBfaq7jXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace9ac55b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/assets/webfonts/fa-solid-900.woff2

188.114.97.1

200 OK

79 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/webfonts/fa-solid-900.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
Web Open Font Format (Version 2), TrueType, length 79444, version 331.524
Size
79 kB (79444 bytes)
Hash
b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

HTTP Headers

GET /wp-content/themes/videotube/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://javhd.icu/wp-content/themes/videotube/assets/css/solid.min.css?ver=6.5.5
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: font/woff2
content-length: 79444
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-13654"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyFrRsLFFxpjctVwp%2FA%2Bo9DwzLjb3asDWTUMCNniYr59NG8n%2B41hWZB2XSr5oBtBh59%2FwhboaiemtnVtmxoy6o7%2Bcz8g13RiY5aafLcAFcSqadxrK%2BYAEAGIcIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace9ac57b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

188.114.97.1

200 OK

24 kB

URL GET HTTP/3
javhd.icu/fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: font/woff2
content-length: 23580
cf-ray: 89f1ace9ac5bb515-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 11095
cache-control: public, max-age=28800
last-modified: Tue, 02 May 2023 15:17:22 GMT
cf-apo-via: proxy
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FS1WTDOCMgrLSa7hs2bKnwKi5MlKmW5okICLbWnOWPPn5MJKgqyjr1JlrUC7UpAKaJjB0GakE90orTliIJG2zvKVz88T5ysfQlFenITZHznPJkoHUwkVGfiG84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/assets/webfonts/fa-brands-400.woff2

188.114.97.1

200 OK

77 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/webfonts/fa-brands-400.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76612, version 331.524
Size
77 kB (76612 bytes)
Hash
a06da7f0950f9dd366fc9db9d56d618a
509988477da79c146cb93fb728405f18e923c2de
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

HTTP Headers

GET /wp-content/themes/videotube/assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://javhd.icu/wp-content/themes/videotube/assets/css/all.min.css?ver=6.5.5
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: font/woff2
content-length: 76612
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-12b44"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFsQQ2Bzf6W%2FzXyEuifJC%2F4Ad91BKEgf8rspX%2BY8l0SbnzuXSI2Bo5LDzT0NYCoDJSyaJmT3gijqBUaD%2FaXWeBMZESZDzE6pvV9%2FOp7bc8bfq83ELa92HzFh7SA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace9ac5db515-OSL
alt-svc: h3=":443"; ma=86400

6v41p4bsq.com/lv/esnk/1872644/code.js

212.117.190.201

200 OK

63 kB

URL GET HTTP/2
6v41p4bsq.com/lv/esnk/1872644/code.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint8E:C7:E1:4C:FB:1B:1D:25:76:B6:75:76:0F:E1:F1:0E:58:A4:07:3A
ValidityFri, 21 Jun 2024 22:45:10 GMT - Tue, 17 Dec 2024 22:59:00 GMT

File type
gzip compressed data, max speed, from Unix
Size
63 kB (62748 bytes)
Hash
e8af564565b823fb74a99922a8917b0d
8d57435a8d1d9639a4302276d61d1be7c43997b8
27fa97da2f0b7707da80be59b993dd2ce5e634268eb064c4213d2d311b7894c8

HTTP Headers

GET /lv/esnk/1872644/code.js HTTP/1.1
Host: 6v41p4bsq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
last-modified: Thu, 04 Jul 2024 15:05:38 GMT
vary: Accept-Encoding
etag: W/"6686ba42-207d4"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-152876315-1

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-152876315-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
74 kB (73599 bytes)
Hash
bc49ce8313953ee48860812699f1006a
b7dcf064c3697516b2690b77c984bf48d14d19cb
72db8f58c362d7f7228e25ba7549aa31104e02f60aa30edd844f13429b64bba2

HTTP Headers

GET /gtag/js?id=UA-152876315-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jul 2024 18:32:05 GMT
expires: Sat, 06 Jul 2024 18:32:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

javhd.icu/ads/300x100.js

188.114.97.1

200 OK

23 kB

URL GET HTTP/3
javhd.icu/ads/300x100.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
ASCII text, with very long lines (387)
Size
23 kB (23311 bytes)
Hash
ca28898c41685603a4a6b0a5fcfe87fb
7c9acfd78abd9c4f52a2b8d560d6432138d9f7d5
939814b53dff824fe55f4b6db285f3c836bc7c9aa8ce9a392530c67afa26920c

HTTP Headers

GET /ads/300x100.js HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=778
etag: W/"65b9d343-30a"
last-modified: Wed, 31 Jan 2024 04:57:39 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 111
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WW2HguBLBk4ExtZIYY84v5TA1WauvIL8VB72rYOQnU9KSCk9X9oJFS7ga2A5816HPi8cyWKZpdjShSBYQMYIDfV0moEDzzYstc3y2jIX9H0eAHwJ8H6SubjMkb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7683cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-152876315-1

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-152876315-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
74 kB (73596 bytes)
Hash
2fdc244bdcd4cfd8dd778a55927c8a93
8333eda29877ce9425aba7dbe54a4ab050c1c607
0f0bfb024b852aba030862476c3d7f07497363ea7d6b5076d278d171168356ff

HTTP Headers

GET /gtag/js?id=UA-152876315-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jul 2024 18:32:05 GMT
expires: Sat, 06 Jul 2024 18:32:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-KNM6NMZPS3&l=dataLayer&cx=c

142.250.74.168

200 OK

99 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-KNM6NMZPS3&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
99 kB (98941 bytes)
Hash
682fb002deac0656b4c2c7aa69f30df1
220f6f0b5387783cad18cd30c0170f79f2f954a6
4fe96e71e48847dd1548b779d7ad19d2af9022b98d2f7efb380e1301f1a3f2e8

HTTP Headers

GET /gtag/js?id=G-KNM6NMZPS3&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 06 Jul 2024 18:32:05 GMT
expires: Sat, 06 Jul 2024 18:32:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f5107db6896e2b3bea184b658d9b6de0
75cbc65f1ab4e587155fe4e6db04bdcecab6b81d
fb0891afa24117129cd317c3a6085d80642d8f019e77e52ae7f0f9ccc6b7430a

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Jul 2024 18:32:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

a.magsrv.com/ad-provider.js

185.76.9.17

200 OK

44 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
44 kB (43519 bytes)
Hash
7d2d974e5b2f8c755335dd795ae160c7
3530e1f849ac18845f6390e14aefecdd65118919
573d5c0c29baeed7af8c86275b5640d3c9260329cadad9f5958fa80515c9d2e8

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
etag: W/"18483d80947e14cf49f8c9ebbe3"
expires: Thu, 04 Jul 2024 18:06:20 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3+AUAAAwBuUwKEwH3OwMAAAwBJRPCNAH30wIAAA
x-77-nzt-ray: c0a4cc28915eb261a58d896622ad8c08
x-accel-expires: @1720299997
x-accel-date: 1720289197
x-77-cache: HIT
x-77-age: 1528
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107130
x-cache: HIT
x-age: 1528
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

javhd.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

188.114.97.1

200 OK

655 B

URL GET HTTP/3
javhd.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
9e8f56e8e1806253ba01a95cfc3d392c
a8af90d7482e1e99d03de6bf88fed2315c5dd728
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
last-modified: Thu, 04 Jul 2024 09:57:52 GMT
etag: W/"66867220-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hyU%2Fr5AoKbu6guufdphIGtMo7dTWQlX1OzbaefUUcrw8OeNXt1%2FGke6jXQEGdSKXoQEJfMwfmP0Fq5t2ho%2BsSJD8D%2Bni4scc%2BStnOnZzBY%2FlskDBClqZah3%2FblI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace77855b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 08 Jul 2024 18:32:05 GMT
cache-control: max-age=172800, public
content-encoding: gzip

javhd.icu/wp-content/themes/videotube/assets/js/autosize.min.js?ver=1687070962

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/js/autosize.min.js?ver=1687070962
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (3507)
Size
1.3 kB (1300 bytes)
Hash
ad0656589d34c18cd55206d4fd2bc0d7
d7137cf274043ebe83187abf4605bf5e85ffe435
756f2ee1dbc42834e1269591c0b806ba06c04670373b6c2a05c55eae583d2cc7

HTTP Headers

GET /wp-content/themes/videotube/assets/js/autosize.min.js?ver=1687070962 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
vary: Accept-Encoding
etag: W/"648ea8f2-dfc"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1o9nTJ5GJrUUqG4XpuH6Yf23EMItqrBmx8t24yiHesqdZ2s%2BfAhNO9dF2IHm%2F47TPancBWfPAzzdfFcGNuAaFas%2BQauFAMtNskFNjKyYien72oxVvPi0BzEQKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7887eb515-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdgalast&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdgalast&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdgalast&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.tsyndicate.com/sdk/v1/inpage.push.js

45.133.44.70

200 OK

5.2 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/inpage.push.js
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
FingerprintD1:BA:EE:F0:8D:8F:47:DF:CC:82:D6:69:8B:C5:E6:32:61:B2:10:52
ValiditySat, 08 Jun 2024 03:00:23 GMT - Fri, 06 Sep 2024 03:00:22 GMT

File type
JavaScript source, ASCII text, with very long lines (13920)
Size
5.2 kB (5187 bytes)
Hash
00c3a437db0258c707944c3f8a13da32
0e1b2787c0fe785af9e2c441b52c1c627c6a21d1
d10120a1e35daa3c0265fff15739c99dc889b724614c5a7d23059597fc9eccdf

HTTP Headers

GET /sdk/v1/inpage.push.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 15 Mar 2024 13:15:44 GMT
etag: W/"65f44a00-36b5"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:05 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

recessinternetscald.com/e94aba79152021f73efaa9cfb59f2f91/invoke.js

192.243.59.12

200 OK

12 kB

URL GET HTTP/1.1
recessinternetscald.com/e94aba79152021f73efaa9cfb59f2f91/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectrecessinternetscald.com
Fingerprint4F:C4:53:5A:A2:7D:83:60:A3:C9:04:99:88:92:90:FC:F7:1F:5A:11
ValidityFri, 21 Jun 2024 08:47:57 GMT - Thu, 19 Sep 2024 08:47:56 GMT

File type
JavaScript source, ASCII text, with very long lines (31331), with no line terminators
Size
12 kB (11854 bytes)
Hash
30c82513dd5dbdccf50656eb382eb1ea
8f555b5d295a0075fcd90b3c1d809bbb6e50b7f2
fcada3436274ead89488a1b4ac2715c953ac0a07115fed1392c61d90b812247f

HTTP Headers

GET /e94aba79152021f73efaa9cfb59f2f91/invoke.js HTTP/1.1
Host: recessinternetscald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 06 Jul 2024 18:32:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0795144d35dc1652156b498ebe0f33bd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

javhd.icu/wp-content/uploads/2024/06/JAV-HD-CAWD-693-Sasaki-Miyu-360x240.jpg

188.114.97.1

200 OK

29 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/06/JAV-HD-CAWD-693-Sasaki-Miyu-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
29 kB (28643 bytes)
Hash
b072b6561c9d7c64eb649f7909399c65
563df4a5c4a9a2474edbc668134688e36bf108c8
9adc6248d982b571f8a656417aa45fa6320d6c1ce1334447ac3b6a4de1c3c84e

HTTP Headers

GET /wp-content/uploads/2024/06/JAV-HD-CAWD-693-Sasaki-Miyu-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 28643
last-modified: Fri, 28 Jun 2024 10:36:02 GMT
etag: "667e9212-6fe3"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpsfV3QQ5v61hD1bzvp%2BbEeUFP8S%2BZZ0a0XOqW4bb%2FezCZQw3kzVVcscjwyOopC207gA%2FhAJeWcmn992u6BKB0bATvjUW1UUYhEY0opHpTR%2B18q2sLZSjdItq5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedacd2b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/07/JAV-HD-FSDSS-835-Hinano-Yuna-360x240.jpg

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/07/JAV-HD-FSDSS-835-Hinano-Yuna-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 360x240, components 3
Size
26 kB (25855 bytes)
Hash
5375c600d6fee81b2d3e619d524fe41f
f7f069262cb0f35c771b0df79c6848d82d676623
bfcfb8f4fd7f2b5c3e3c82aee769eadbbfe1ccaa04f2fc5c9ab1f3f302e54b8d

HTTP Headers

GET /wp-content/uploads/2024/07/JAV-HD-FSDSS-835-Hinano-Yuna-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 25855
last-modified: Wed, 03 Jul 2024 08:04:12 GMT
etag: "668505fc-64ff"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 14989
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABhFM4grLbgAr3MXaCJwhXR47i5YSKWgSARp6W6x6dhRI4XKWLuoQ%2B5uadg2upIv4vuJ5SSsosqu%2BSy3mkIyJge9f2wG%2FNBi%2BlFDjY9ER5GUEFkoHsny1y1S3uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedacddb515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/07/JAV-HD-YOCH-012-Yamase-Miki-360x240.jpg

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/07/JAV-HD-YOCH-012-Yamase-Miki-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
34 kB (33651 bytes)
Hash
6e16f53412d244c329e784187158a6fe
d9118781dbc541f18530d9c12799a732cbf3cd3b
a4e2774d76a95487fe15155f042da0dbe1dfe5673f3fc4940340134c5b0aa894

HTTP Headers

GET /wp-content/uploads/2024/07/JAV-HD-YOCH-012-Yamase-Miki-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 33651
last-modified: Thu, 04 Jul 2024 08:17:12 GMT
etag: "66865a88-8373"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 12715
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VrbR482gILltEAJebqEDKNiUidRR%2BLYjnlT%2Bbvflc51k2LB%2B%2FtZ5qei7GbVGxl8wOdAyvCf5qv5p2PwsqcIVRBAi08tVYilXA3WZNmdqSuz7Mr23sAH9G52K7rw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedace4b515-OSL
alt-svc: h3=":443"; ma=86400

acdn.tsyndicate.com/sdk/v1/b.b.js

45.133.44.70

200 OK

31 kB

URL GET HTTP/2
acdn.tsyndicate.com/sdk/v1/b.b.js
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?
Certificate
IssuerLet's Encrypt
Subjectacdn.tsyndicate.com
FingerprintF5:6B:0F:76:65:C8:AA:55:4F:5E:D5:AC:D6:4B:11:00:25:55:72:A8
ValidityWed, 29 May 2024 03:00:32 GMT - Tue, 27 Aug 2024 03:00:31 GMT

File type
gzip compressed data, from Unix
Size
31 kB (31264 bytes)
Hash
f0d6dae90d51880d271fcc4f2f5a6aba
ac2a8b179c4f6c58b01b14b34a1fca8aaa2a32cf
c9cba67d7b6c6a7ebefc21bf7f7a728033ba6795fe28313f371b9535be15300d

HTTP Headers

GET /sdk/v1/b.b.js HTTP/1.1
Host: acdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 19 Apr 2024 10:07:41 GMT
etag: W/"6622426d-17bf"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:05 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

javhd.icu/wp-content/uploads/2024/06/JAV-HD-MIDV-765-Ichinose-Aoi-360x240.jpg

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/06/JAV-HD-MIDV-765-Ichinose-Aoi-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
26 kB (25460 bytes)
Hash
84879b63f5623d18f78ddb519131ed52
f5d2cfdeca2ca08da75a09dc49655235d27f94c6
2f6609b5f26161ba12c2588d32dca730c22fea262985ff35dbb57743861d0ed4

HTTP Headers

GET /wp-content/uploads/2024/06/JAV-HD-MIDV-765-Ichinose-Aoi-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 25460
last-modified: Sat, 29 Jun 2024 07:27:40 GMT
etag: "667fb76c-6374"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4J7bfPHUDtBS7AfVd3DVqKpbNHizfYZVd%2B6BhZ%2BUZGjfhNaAKbJ0Zaq4crogdsK8JcRLp11PJIxLpwYxKt2zo5l5T%2BebL6mPsT5IPccR1mh3HE8SRhSP%2BAwchbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedbcf4b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/07/JAV-HD-DASS-421-Tsukinoe-Sui-360x240.jpg

188.114.97.1

200 OK

29 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/07/JAV-HD-DASS-421-Tsukinoe-Sui-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
29 kB (28763 bytes)
Hash
c6f5abb98f51d61f0f7afa32e6da8ccb
2527d7cc612712a7f9d0a39ae50aa939510315c6
e04e509ca3e17a9946f4ef47e1eff30fd6323390d07435d846951b9f7eeb4a74

HTTP Headers

GET /wp-content/uploads/2024/07/JAV-HD-DASS-421-Tsukinoe-Sui-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 28763
last-modified: Sat, 06 Jul 2024 08:12:10 GMT
etag: "6688fc5a-705b"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leo61jX9RjHZZwjOe9pVCymIGHjLOP4WU%2BzRGWSWRaVTdOFNcjLNLTqudQEEA9FK8l6HSoRaYrYKIzNZ431gFMeYOoVVswzeq91xDcqGIdKMpntXbNqtQXwwyys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedbd02b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/02/JAV-HD-JUQ-564-Akari-Tsumugi-360x240.jpg

188.114.97.1

200 OK

30 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/02/JAV-HD-JUQ-564-Akari-Tsumugi-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
30 kB (29503 bytes)
Hash
f568d3277aa267d183e7fdea6e40c06f
595b3d5d98bb8ceccb7767f9fa64d6c930201191
d216429d108058a5e0a04a2337756436d2191fb2aebddd010a205ab77e620ffa

HTTP Headers

GET /wp-content/uploads/2024/02/JAV-HD-JUQ-564-Akari-Tsumugi-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 29503
last-modified: Sun, 11 Feb 2024 14:24:12 GMT
etag: "65c8d88c-733f"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 13920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxtNR0htXkl6Q1ixhry2HPwhafX3kSavsCF98wlk3mVO4EfmNsJ9lb6iz3mP7YE4h75uzG6rDovUalLM3enKhDxLVl8aISKEozee%2Fai5sgPAiN05qqWkk3UADzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedcd20b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/07/JAV-HD-NPJS-044-Misaki-Azusa-360x240.jpg

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/07/JAV-HD-NPJS-044-Misaki-Azusa-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
36 kB (35983 bytes)
Hash
4441af6d78b7cb6eff0ca3335261e353
0233856842048b85e855dc270b893a3fdaeccbd3
27aa3d8f7b40917c074b50020c42e290a5483a4455db991603dcd75d80656afa

HTTP Headers

GET /wp-content/uploads/2024/07/JAV-HD-NPJS-044-Misaki-Azusa-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 35983
last-modified: Mon, 01 Jul 2024 08:15:51 GMT
etag: "668265b7-8c8f"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 14584
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yqG4xCmBmGgE74Pa6lFA%2BX7KdsQJt2M1y8T8pMSQRpfbAAiKLSOHjUGkzTu0Lx1fmpRg8NG9TjyZgvcNSadCJAmbNrRxUz%2FGk93uFpVEOCLyBTddc8cVosT1634%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedace8b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/07/JAV-HD-FC2PPV-4493156-360x240.jpg

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/07/JAV-HD-FC2PPV-4493156-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 360x240, components 3
Size
19 kB (19072 bytes)
Hash
9f27934172442a690b58ab1bb20849bf
59a56672e7c0c62a5950af73386c61e24f7676a3
f11c36894b21b6e0dc44d06c54aa06c766c36a3c3133aea6c7d57714ab0907a2

HTTP Headers

GET /wp-content/uploads/2024/07/JAV-HD-FC2PPV-4493156-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 19072
last-modified: Thu, 04 Jul 2024 08:41:21 GMT
etag: "66866031-4a80"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 14255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBYH92KW3RuCvdENnpXra6Rq9OF8gjiJ1A21%2FuvV8n1EAq68cAFB0aFeRZiBVJzePNQ29y3WIZPO33vWlAy9aopmg2xD63Ya6tWDZOMF%2Bme0WqBlEBXrzEta1No%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acee0d74b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/06/JAV-HD-MIDV-777-Futaba-Sara-360x240.jpg

188.114.97.1

200 OK

27 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/06/JAV-HD-MIDV-777-Futaba-Sara-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
27 kB (26713 bytes)
Hash
d461ab61105c42d557a98bcdcce34baf
e8b67acbd0f6696a311558927afaadd4604e5604
12aeccb6abef0f3cd7c427f003141ef43285ec53bc0df7fad1e995648598cc9b

HTTP Headers

GET /wp-content/uploads/2024/06/JAV-HD-MIDV-777-Futaba-Sara-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 26713
last-modified: Sun, 30 Jun 2024 12:53:44 GMT
etag: "66815558-6859"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7103
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XoKJ7%2BHlVf%2FWZsDUzYqFQw5so9eR%2BEUZ2DNVm9mjuk6p14g%2BVu3Chb59RKVOEjWRBK6lIg6QLZDRGMq9huQV8%2BZwbwu9DlNYHAA26zRT47IsOGBFTLIezJksg2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acee0d7bb515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2024/06/JAV-HD-MIFD-490-Himekawa-Kanon-360x240.jpg

188.114.97.1

200 OK

25 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/06/JAV-HD-MIFD-490-Himekawa-Kanon-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
25 kB (24906 bytes)
Hash
b14576f95415d42892d36aab10df8fa2
267a18564e969238259fabdaaa926991a194dd9f
130f5a841a4501cec0c6a9b2f1852c0b145ce543404f4b15cb2a8fc453705273

HTTP Headers

GET /wp-content/uploads/2024/06/JAV-HD-MIFD-490-Himekawa-Kanon-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 24906
last-modified: Sat, 29 Jun 2024 06:56:41 GMT
etag: "667fb029-614a"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 14540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjhACjHZhPRWyLMwiJIyknqyrE3PJYPqiYpWHKNRsB%2FmBO3Qm0yrYGNdfgL8Dma4anRsmZINPWQZ6YiQQFBVZPAV2P%2BmNlaHhtfUcqUFBZbaHxy%2BjdN9xAANGOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acee0d79b515-OSL
alt-svc: h3=":443"; ma=86400

javhdfree.icu/v/q2dp0hewjk7nj7x

172.234.222.143

302 Found

142 B

URL GET HTTP/2
javhdfree.icu/v/q2dp0hewjk7nj7x
IP
172.234.222.143:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectjavhdfree.icu
FingerprintE8:01:65:55:20:AB:0A:13:7E:86:8F:5D:96:8A:A4:1A:BF:EF:DA:36
ValiditySat, 20 Apr 2024 08:22:54 GMT - Fri, 19 Jul 2024 08:22:53 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /v/q2dp0hewjk7nj7x HTTP/1.1
Host: javhdfree.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html
content-length: 142
location: http://ww99.javhdfree.icu/v/q2dp0hewjk7nj7x
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: no-store, max-age=0
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.124.140.205

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.140.205:443
ASN
#16509 AMAZON-02

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
04790e0f09d6babd43abef4a3ad1c4ce
de21b3741c2a9ace0805c82540922723ef6476e4
953299e0d1708951257bf7abcc198e049968b4bb1b0c09a0a5c60910c447f8a1

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javhd.icu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd:1:1; expires=Tue, 04 Jul 2034 18:32:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

javhd.icu/wp-content/uploads/2024/06/JAV-HD-ADN-575-Yuzuki-Ria-360x240.jpg

188.114.97.1

200 OK

25 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/06/JAV-HD-ADN-575-Yuzuki-Ria-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
25 kB (25210 bytes)
Hash
f61e67b700b7a87e0aebcfeac8b3f35b
3a2198f58ca227d97de662b9c821b16fad256b4e
8a7c69ac7236cb0e5e8370bbd50a571c53ca8e3dc428711f03941047d98610e2

HTTP Headers

GET /wp-content/uploads/2024/06/JAV-HD-ADN-575-Yuzuki-Ria-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 25210
last-modified: Sat, 29 Jun 2024 09:49:43 GMT
etag: "667fd8b7-627a"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7hogR7SPnoRdb4G3pt10sS1bRGIxEqt6Ek9UH0veU4ExmhT10rtQYlEs9dC7qIfeG6Vb7rI8ofpESGUp4HvXXGSKKoC%2BQOXUApA3iwie6hDGPeZeT%2FNIG6ckmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedcd1bb515-OSL
alt-svc: h3=":443"; ma=86400

cdn.tsyndicate.com/sdk/v1/puengine.js

45.133.44.70

200 OK

90 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/puengine.js
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
FingerprintD1:BA:EE:F0:8D:8F:47:DF:CC:82:D6:69:8B:C5:E6:32:61:B2:10:52
ValiditySat, 08 Jun 2024 03:00:23 GMT - Fri, 06 Sep 2024 03:00:22 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
90 kB (89731 bytes)
Hash
dd5e3d608cc7831780050c847b3b249e
ae5df44b84829faa0cbf2614c5b3c23d1901063b
9f8cc0fa666cd6911977e73e8ea15747da46c0e2fed880b774d974aeec94fa50

HTTP Headers

GET /sdk/v1/puengine.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 89731
server: nginx
last-modified: Mon, 15 Jan 2024 13:51:12 GMT
etag: "65a53850-15e83"
x-robots-tag: noindex, nofollow
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:06 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

1.3 kB

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
1.3 kB (1306 bytes)
Hash
daae042e6beb30276585f9eeab7d5a61
f125cc04a1901be5425ee20b8eb26c6f807f60f7
7fd831716740c3137a9857b557e4397ca4d2a4cec1fb3563f10b126b937597ab

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 323
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D; expires=Mon, 06-Jul-2026 18:32:06 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/splash.php?idzone=5334128&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334128&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334128&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da65ae675.458865281891600204%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:06 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334130&sub=44189
X-Robots-Tag: noindex, follow

s.magsrv.com/splash.php?idzone=5334130&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334130&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334130&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2266898da6860671.69213661924922120%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:06 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334132&sub=44189
X-Robots-Tag: noindex, follow

s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11Qy0oEMRD8FX9gQnWnO+ns2bOC4gdkkhnUgxdZWaE/3mR0YTFFk35UV4owWBbkBemO5BT5hOSFQkEQDqTiD49PLuTv9eu1h7d2dhETJY9SCoubZR6XUrJM7Aobec4GeInJFEOC1KNjgDWKzCwA5Bn+8nx/BE3AI3BhxSjmq87wsey4zN1Ee221Wcta2tpXyJ772mRV3rtomsQbl/hFmMp8rQaWSYskkYeTceBHu35+fzT3G+LE1TcO8f/Tv4nBs5PIJHntZmV8KW1r3SyB9tQlKbY9t1iz/gCkEM0abwEAAA==&dbt=e2e_66898da64ed0b5.35879920&scr_info=YXN5bmN8fDM%3D

95.211.229.246

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11Qy0oEMRD8FX9gQnWnO+ns2bOC4gdkkhnUgxdZWaE/3mR0YTFFk35UV4owWBbkBemO5BT5hOSFQkEQDqTiD49PLuTv9eu1h7d2dhETJY9SCoubZR6XUrJM7Aobec4GeInJFEOC1KNjgDWKzCwA5Bn+8nx/BE3AI3BhxSjmq87wsey4zN1Ee221Wcta2tpXyJ772mRV3rtomsQbl/hFmMp8rQaWSYskkYeTceBHu35+fzT3G+LE1TcO8f/Tv4nBs5PIJHntZmV8KW1r3SyB9tQlKbY9t1iz/gCkEM0abwEAAA==&dbt=e2e_66898da64ed0b5.35879920&scr_info=YXN5bmN8fDM%3D
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA11Qy0oEMRD8FX9gQnWnO+ns2bOC4gdkkhnUgxdZWaE/3mR0YTFFk35UV4owWBbkBemO5BT5hOSFQkEQDqTiD49PLuTv9eu1h7d2dhETJY9SCoubZR6XUrJM7Aobec4GeInJFEOC1KNjgDWKzCwA5Bn+8nx/BE3AI3BhxSjmq87wsey4zN1Ee221Wcta2tpXyJ772mRV3rtomsQbl/hFmMp8rQaWSYskkYeTceBHu35+fzT3G+LE1TcO8f/Tv4nBs5PIJHntZmV8KW1r3SyB9tQlKbY9t1iz/gCkEM0abwEAAA==&dbt=e2e_66898da64ed0b5.35879920&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIoCNHhI4YLESgKROGTBk5cwzGqJEwzBg6Bm8kpHPGoAgZM2DIyNFwRgszNcyIaUGjhgwzLcLYGEOjRY4bMmrYsEGDZw0xZUQkHMMmjcQYNmZUrDPGYw4yYsaImSEGB8sYYmKwLGMDhk0YM3K0iCHjxoyQZW_UKENGqAgxadrqEDGjBowaOfDW7JqTJYwbNW_SKHMSaAwaMMjUCJO1aUUydiTerTEDR0I4dcRkzHHTRkU4cAzSoBEDR46Ec-Bg1DE6BuAaGkU0NGMw6eU2bjrquBFjolIRdWJ4REOHDpw5Ol68mOOiTZgzc-TYcTHmTZvlcNiEmYPGBRw0cH7E1fPGTZkelGeQloGDSx0YIm3MydyjtWm3ZKx7VBPGDhoyLqQxRh1ujRHGalvA0MVlcjSlwwwu5EAYDJ6JMAYcbXwBR4MGweACfCHhgJAI0oWmgwwjlnFhGx1-CNZpwNVh1Fw94UBGGDPg2IJLnLFUmQ0tiMHeGC2gSIYMNMyA0g0wjDGDW2mYKEIOMUToIQ0yuDARDW7J8UWUTlWZw5VZbulWHWF41MQbeqTBhnYv1PAhCChg0dsOIDCRhht14AECHjjY8AVPeEqnQw42fJgCCEeouMYbL8gAQwzwURoDCEakIUcZZryBxwuIfliggyI48YRbb3g5BqmmusUGqUU4gV8ZdnyxKRsSwXYDDjPYgAN8CclxhhsG5YRDbA7VKkZBOuBgmQjJftHGG3KxZ8OIZMjxhkG_vRHRiQx6modBFJHI6XDFHZfcC_z5B6CAdbzg1h0ekfWrW2jUKxKXlz05lx1xlfFGgG7MQUcYbtDRXBlzzPFcGS6oERFq0nmk7cF0pNpCHW6kQcdYObhwJKrRRfbgpDjgBdgMMiREBqkOfTHyRiwehJNIY-JUIR1tyCDRzSP9JcO1eT1mK8NwfHHgz5IGrXNCtCrNxkN0fLuFegvKJsZq0HIaRh1sYHTZqx0OpRsMfSgQEA%3D%3D&s=ce428cd4d50ab4643606c9fb068c95da4c3d8ad9d451bb7451b0209890254a1d1720290726

144.76.197.134

200 OK

43 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIoCNHhI4YLESgKROGTBk5cwzGqJEwzBg6Bm8kpHPGoAgZM2DIyNFwRgszNcyIaUGjhgwzLcLYGEOjRY4bMmrYsEGDZw0xZUQkHMMmjcQYNmZUrDPGYw4yYsaImSEGB8sYYmKwLGMDhk0YM3K0iCHjxoyQZW_UKENGqAgxadrqEDGjBowaOfDW7JqTJYwbNW_SKHMSaAwaMMjUCJO1aUUydiTerTEDR0I4dcRkzHHTRkU4cAzSoBEDR46Ec-Bg1DE6BuAaGkU0NGMw6eU2bjrquBFjolIRdWJ4REOHDpw5Ol68mOOiTZgzc-TYcTHmTZvlcNiEmYPGBRw0cH7E1fPGTZkelGeQloGDSx0YIm3MydyjtWm3ZKx7VBPGDhoyLqQxRh1ujRHGalvA0MVlcjSlwwwu5EAYDJ6JMAYcbXwBR4MGweACfCHhgJAI0oWmgwwjlnFhGx1-CNZpwNVh1Fw94UBGGDPg2IJLnLFUmQ0tiMHeGC2gSIYMNMyA0g0wjDGDW2mYKEIOMUToIQ0yuDARDW7J8UWUTlWZw5VZbulWHWF41MQbeqTBhnYv1PAhCChg0dsOIDCRhht14AECHjjY8AVPeEqnQw42fJgCCEeouMYbL8gAQwzwURoDCEakIUcZZryBxwuIfliggyI48YRbb3g5BqmmusUGqUU4gV8ZdnyxKRsSwXYDDjPYgAN8CclxhhsG5YRDbA7VKkZBOuBgmQjJftHGG3KxZ8OIZMjxhkG_vRHRiQx6modBFJHI6XDFHZfcC_z5B6CAdbzg1h0ekfWrW2jUKxKXlz05lx1xlfFGgG7MQUcYbtDRXBlzzPFcGS6oERFq0nmk7cF0pNpCHW6kQcdYObhwJKrRRfbgpDjgBdgMMiREBqkOfTHyRiwehJNIY-JUIR1tyCDRzSP9JcO1eT1mK8NwfHHgz5IGrXNCtCrNxkN0fLuFegvKJsZq0HIaRh1sYHTZqx0OpRsMfSgQEA%3D%3D&s=ce428cd4d50ab4643606c9fb068c95da4c3d8ad9d451bb7451b0209890254a1d1720290726
IP
144.76.197.134:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/p/p.gif?p=APeIoCNHhI4YLESgKROGTBk5cwzGqJEwzBg6Bm8kpHPGoAgZM2DIyNFwRgszNcyIaUGjhgwzLcLYGEOjRY4bMmrYsEGDZw0xZUQkHMMmjcQYNmZUrDPGYw4yYsaImSEGB8sYYmKwLGMDhk0YM3K0iCHjxoyQZW_UKENGqAgxadrqEDGjBowaOfDW7JqTJYwbNW_SKHMSaAwaMMjUCJO1aUUydiTerTEDR0I4dcRkzHHTRkU4cAzSoBEDR46Ec-Bg1DE6BuAaGkU0NGMw6eU2bjrquBFjolIRdWJ4REOHDpw5Ol68mOOiTZgzc-TYcTHmTZvlcNiEmYPGBRw0cH7E1fPGTZkelGeQloGDSx0YIm3MydyjtWm3ZKx7VBPGDhoyLqQxRh1ujRHGalvA0MVlcjSlwwwu5EAYDJ6JMAYcbXwBR4MGweACfCHhgJAI0oWmgwwjlnFhGx1-CNZpwNVh1Fw94UBGGDPg2IJLnLFUmQ0tiMHeGC2gSIYMNMyA0g0wjDGDW2mYKEIOMUToIQ0yuDARDW7J8UWUTlWZw5VZbulWHWF41MQbeqTBhnYv1PAhCChg0dsOIDCRhht14AECHjjY8AVPeEqnQw42fJgCCEeouMYbL8gAQwzwURoDCEakIUcZZryBxwuIfliggyI48YRbb3g5BqmmusUGqUU4gV8ZdnyxKRsSwXYDDjPYgAN8CclxhhsG5YRDbA7VKkZBOuBgmQjJftHGG3KxZ8OIZMjxhkG_vRHRiQx6modBFJHI6XDFHZfcC_z5B6CAdbzg1h0ekfWrW2jUKxKXlz05lx1xlfFGgG7MQUcYbtDRXBlzzPFcGS6oERFq0nmk7cF0pNpCHW6kQcdYObhwJKrRRfbgpDjgBdgMMiREBqkOfTHyRiwehJNIY-JUIR1tyCDRzSP9JcO1eT1mK8NwfHHgz5IGrXNCtCrNxkN0fLuFegvKJsZq0HIaRh1sYHTZqx0OpRsMfSgQEA%3D%3D&s=ce428cd4d50ab4643606c9fb068c95da4c3d8ad9d451bb7451b0209890254a1d1720290726 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/gif
content-length: 43
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

go.mnaspm.com/smartpop/c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594409&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&p1=4305936

104.18.40.50

302 Found

0 B

URL GET HTTP/2
go.mnaspm.com/smartpop/c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594409&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&p1=4305936
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smartpop/c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594409&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&p1=4305936 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 06 Jul 2024 18:32:06 GMT
content-length: 0
location: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89f1acf11ed4b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.magsrv.com/ad-provider.js

185.76.9.17

200 OK

90 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
90 kB (89809 bytes)
Hash
f6166dbb3375adfa4dd29a7672e3bf1a
de292f2bf5942a504675c4f6264e96e23c43e2d7
69e15e43df0a5312b70745fea084309ff0d204c92f621ed84b6a2e8450364839

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript
etag: W/"18483d80947e14cf49f8c9ebbe3"
expires: Thu, 04 Jul 2024 18:06:20 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3+QUAAAwBuUwKEwH3OwMAAAwBJRPCNAH30wIAAA
x-77-nzt-ray: c0a4cc28915eb261a68d896688376e1e
x-accel-expires: @1720299997
x-accel-date: 1720289197
x-77-cache: HIT
x-77-age: 1529
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107130
x-cache: HIT
x-age: 1529
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334132&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334132&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334132&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da6a2b580.929846504050510703%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:06 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334134&sub=44189
X-Robots-Tag: noindex, follow

3pkf5m0gd.com/solid.gif?z=2009932&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5

212.117.190.201

200 OK

43 B

URL POST HTTP/2
3pkf5m0gd.com/solid.gif?z=2009932&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint70:73:69:43:4D:B1:BF:B0:38:3A:37:4F:FE:52:FC:49:36:88:AD:7E
ValidityFri, 10 May 2024 15:27:38 GMT - Tue, 05 Nov 2024 22:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=2009932&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5 HTTP/1.1
Host: 3pkf5m0gd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Sat, 09 Aug 2025 18:32:06 GMT; Secure; SameSite=None
UID=24070613327fa40686120443f4aa05fc1799; Path=/; Expires=Sat, 09 Aug 2025 18:32:06 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

javhd.icu/ads/300x250.js

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
javhd.icu/ads/300x250.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
ASCII text, with very long lines (387)
Size
31 kB (30966 bytes)
Hash
640624d84eca06a1813eb59f377b5dea
c7bb0defa82970216629165e03746c4414bbffc4
41c7bb36ece6e2cd4518b564c6c73ce921705a85095609c94774293a8ede1a13

HTTP Headers

GET /ads/300x250.js HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=1167
etag: W/"6637161b-48f"
last-modified: Sun, 05 May 2024 05:16:11 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnuTiH53grmgdsvueYHk0SBPagHsPVnafdrkydW%2FgANagUB39Gb7XBCLbr0ax5Q%2FIAV%2BmrX7jXoySJTdpz5U58c3OISGNjiwo1qi8pBsEVfgCpZOGfBy1aPHx7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace78868b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.magsrv.com/iframe.js?idzone=5335874&size=300x250&sub=44189

185.76.9.17

200 OK

1.4 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5335874&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (2834), with no line terminators
Size
1.4 kB (1420 bytes)
Hash
a62c28e4f307f8271a70d82a1ee22fa8
cbe2fdd211a5606e2385444ff390ab92609cac0c
486f1d7fd657bd20b2b4800ab0b356f0e355049ab7f6f7f6308e65c6b02f4a8d

HTTP Headers

GET /iframe.js?idzone=5335874&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript
etag: W/"65a7ca0c0e4dc62415a52fd4eba"
expires: Thu, 04 Jul 2024 18:18:03 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoBAfcAAAAADAElE8IuAfdFBQAA
x-77-nzt-ray: c0a4cc28915eb261a68d89664436c121
x-accel-expires: @1720301388
x-accel-date: 1720290726
x-77-cache: HIT
x-77-age: 0
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

cdn.cloudfrale.com/bn/c50/cf9/928/c50cf9928e75954c4a192ef77469fb276f88cbc7.mp4

45.133.44.20

206 Partial Content

362 kB

URL GET HTTP/2
cdn.cloudfrale.com/bn/c50/cf9/928/c50cf9928e75954c4a192ef77469fb276f88cbc7.mp4
IP
45.133.44.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintC7:59:0C:CC:F5:3F:DC:64:5E:C5:23:EA:9B:E9:E2:05:E3:08:21:C4
ValiditySat, 22 Jun 2024 22:28:33 GMT - Wed, 18 Dec 2024 22:59:00 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
362 kB (362447 bytes)
Hash
f2d9f8d3f4f5e49bc0abcee950a5f982
c50cf9928e75954c4a192ef77469fb276f88cbc7
3afc095150562a4ecce69abf62467ecf77c70943404d321c23d6dd98b98573bb

HTTP Headers

GET /bn/c50/cf9/928/c50cf9928e75954c4a192ef77469fb276f88cbc7.mp4 HTTP/1.1
Host: cdn.cloudfrale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: video/mp4
content-length: 362447
server: nginx/1.26.0
etag: f2d9f8d3f4f5e49bc0abcee950a5f982
last-modified: Tue, 27 Feb 2024 10:52:19 GMT
x-timestamp: 1709031138.59093
x-trans-id: tx571b21b91a3d4e96820d3-0066856785
x-openstack-request-id: tx571b21b91a3d4e96820d3-0066856785
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Mon, 08 Jul 2024 18:32:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-362446/362447
X-Firefox-Spdy: h2

video.xxxjmp.com/push/eu3/1720290720/122444166.jpeg

104.18.40.50

200 OK

5.3 kB

URL GET HTTP/2
video.xxxjmp.com/push/eu3/1720290720/122444166.jpeg
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectvideo.xxxjmp.com
FingerprintDA:15:7D:E3:CE:93:A1:7A:45:D7:68:C9:9E:FE:83:95:19:D3:D3:AA
ValidityThu, 30 May 2024 05:31:32 GMT - Wed, 28 Aug 2024 05:31:31 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.3 kB (5288 bytes)
Hash
a2f015a017dcb42cd0ef2b40fbd03d26
39b16e8229832dff6fe5a1674d552aacc29b8f27
48a24bc16bd092cb5056ef3fce8afac1c74d3e1fbcab4a96179b12de2a8559ee

HTTP Headers

GET /push/eu3/1720290720/122444166.jpeg HTTP/1.1
Host: video.xxxjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/webp
content-length: 5288
etag: W/"b983d7472a1a6dc1f83dbfe254ef7852"
last-modified: Sat, 06 Jul 2024 18:31:14 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
expires: Sat, 06 Jul 2024 22:32:06 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 89f1acf2383b568a-OSL
X-Firefox-Spdy: h2

tsyndicate.com/do2/6699e731beed4dbc8e16f43b56633d73/push?w=1280&h=1024&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&tz=0&t=in_page_push

195.201.244.188

200 OK

2.4 kB

URL GET HTTP/2
tsyndicate.com/do2/6699e731beed4dbc8e16f43b56633d73/push?w=1280&h=1024&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&tz=0&t=in_page_push
IP
195.201.244.188:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
JSON text data
Size
2.4 kB (2442 bytes)
Hash
602d7c324b449a379d0dc7ae60ae91f1
9c8c8416b8e4b55be2b36f86dc94f430e2f43de5
b9b9c8d38edcbc6b89d7c955694f17a9f03270418eec4948ee62424b73109d90

HTTP Headers

GET /do2/6699e731beed4dbc8e16f43b56633d73/push?w=1280&h=1024&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&tz=0&t=in_page_push HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://javhd.icu
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: d297245b0b9233f0
set-cookie: ts_uid=5ed53e12-99f6-4fd2-9e1f-6b2f462b4f91; expires=Mon, 06 Jan 2025 18:32:06 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
ad6c881472586e9e0d8af69314088791
d41167e9786f54df7dbcfc3f51e21954cba33da9
a798eff1c799f774e62f07c8d46df77c1e71737ed978eda099ccc7666fe8a37e

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189

185.76.9.17

200 OK

739 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://ts.trafget.com/nw.php?subid=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
739 B (739 bytes)
Hash
bda5abce03252a342f7e5274127720d2
dc824a3570968544daff61ca8bc6c62fea4f4600
230bdeb3045716e9fbcdb87e9d8787288bf8cd25eda596322504f20210b2c5fe

HTTP Headers

GET /iframe.php?idzone=5335874&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ts.trafget.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 06 Jul 2024 21:28:19 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoBAffjAAAADAGKxyXEAbNFKgAA
x-77-nzt-ray: c0a4cc28915eb261a68d8966f3fce426
x-accel-expires: @1720301299
x-accel-date: 1720290499
x-77-cache: HIT
vary: Accept-Encoding
content-encoding: gzip
x-77-age: 227
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334134&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334134&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334134&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da6e1dc55.029045783059453516%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:06 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334136&sub=44189
X-Robots-Tag: noindex, follow

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3CwAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a68d89664d284438
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 11
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 11
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

6v41p4bsq.com/check.html

212.117.190.201

200 OK

1.6 kB

URL GET HTTP/2
6v41p4bsq.com/check.html
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint8E:C7:E1:4C:FB:1B:1D:25:76:B6:75:76:0F:E1:F1:0E:58:A4:07:3A
ValidityFri, 21 Jun 2024 22:45:10 GMT - Tue, 17 Dec 2024 22:59:00 GMT

File type
HTML document, ASCII text, with very long lines (2025)
Size
1.6 kB (1609 bytes)
Hash
3a604b597a14385e819f6b408b8776f9
c99a0266536a8827e472d0bd0c38030c0d495bdd
e7071632eed5f425a78464eb81cac2091be2c2ff6df2ee26460b217ab3119b0e

HTTP Headers

GET /check.html HTTP/1.1
Host: 6v41p4bsq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html
last-modified: Thu, 27 Jun 2024 07:16:08 GMT
vary: Accept-Encoding
etag: W/"667d11b8-394"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

accompanimentachyjustified.com/watch.1111033423741.js?dev=e&key=e94aba79152021f73efaa9cfb59f2f91&kw=%5B%22jav%22%2C%22hd%22%2C%22snis-103%22%2C%22aoba%22%2C%22yui%22%2C%22peeing%22%2C%22of%22%2C%22shyness%22%2C%22hiiragi%22%2C%22noa%22%5D&pst=1720290786&refer=https%3A%2F%2Fjavhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&res=14.2071&rmtc=t&shu=24938f0195683cf0f7440b9815436181661af1e82adf67878e0ea705165ab77d8197935c976849b1c2978e5b3e82eb7c0429c22ac2701ec32bb84e8144993140013d27c1de90290cc46c8bdfece087d0691f9968a3ec2fb19fdf6f&tz=0&uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1

172.240.127.234

200 OK

2.5 kB

URL GET HTTP/1.1
accompanimentachyjustified.com/watch.1111033423741.js?dev=e&key=e94aba79152021f73efaa9cfb59f2f91&kw=%5B%22jav%22%2C%22hd%22%2C%22snis-103%22%2C%22aoba%22%2C%22yui%22%2C%22peeing%22%2C%22of%22%2C%22shyness%22%2C%22hiiragi%22%2C%22noa%22%5D&pst=1720290786&refer=https%3A%2F%2Fjavhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&res=14.2071&rmtc=t&shu=24938f0195683cf0f7440b9815436181661af1e82adf67878e0ea705165ab77d8197935c976849b1c2978e5b3e82eb7c0429c22ac2701ec32bb84e8144993140013d27c1de90290cc46c8bdfece087d0691f9968a3ec2fb19fdf6f&tz=0&uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectaccompanimentachyjustified.com
Fingerprint0D:4F:F9:C8:33:C1:17:07:5C:6F:DF:E4:C6:AF:A0:F6:C4:A8:5A:F3
ValidityMon, 01 Jul 2024 15:38:04 GMT - Sun, 29 Sep 2024 15:38:03 GMT

File type
JavaScript source, ASCII text, with very long lines (3159)
Size
2.5 kB (2467 bytes)
Hash
f7285d757115174d0a02bd046948ae73
95d048ede70edbc5ed4366115273a115d41c46bb
1cc467b4b35d46b718cf0516c04acff00287972597db98ab803baf17de04e144

HTTP Headers

GET /watch.1111033423741.js?dev=e&key=e94aba79152021f73efaa9cfb59f2f91&kw=%5B%22jav%22%2C%22hd%22%2C%22snis-103%22%2C%22aoba%22%2C%22yui%22%2C%22peeing%22%2C%22of%22%2C%22shyness%22%2C%22hiiragi%22%2C%22noa%22%5D&pst=1720290786&refer=https%3A%2F%2Fjavhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&res=14.2071&rmtc=t&shu=24938f0195683cf0f7440b9815436181661af1e82adf67878e0ea705165ab77d8197935c976849b1c2978e5b3e82eb7c0429c22ac2701ec32bb84e8144993140013d27c1de90290cc46c8bdfece087d0691f9968a3ec2fb19fdf6f&tz=0&uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1 HTTP/1.1
Host: accompanimentachyjustified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: u_pl=16420765; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyMDc2NSwiayI6ImU5NGFiYTc5MTUyMDIxZjczZWZhYTljZmI1OWYyZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjAxNTQ1LCJwaWQiOjMzNDA2MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ3eWJndnl1ZSIsImNwa3MiOnsiMjgiOiJmZDFiZjI2MWEyZTY3NzJjYjUzODY1NWMyMzgzOTc4NSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2EvIiwiYXIiOltdfX0.YZ1-7BuLKT3fzKV-7psRUZCEosbobdZ6Qa0kq2NDz5c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javhd.icu
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd:1:1; expires=Sat, 13 Jul 2024 18:32:07 GMT; path=/; secure; SameSite=None
iprc077e9871f934a8153a5b9c8e2fb6200c=3569681; expires=Sat, 06 Jul 2024 22:32:07 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 07 Jul 2024 18:32:07 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 07 Jul 2024 18:32:07 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Sun, 07 Jul 2024 18:32:07 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Sun, 07 Jul 2024 18:32:07 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c46e4a186bffddacfac00a788d7c0b74
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

s.magsrv.com/splash.php?idzone=5334138&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334138&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334138&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da7172646.951807212201176409%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334140&sub=44189
X-Robots-Tag: noindex, follow

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
ad6c881472586e9e0d8af69314088791
d41167e9786f54df7dbcfc3f51e21954cba33da9
a798eff1c799f774e62f07c8d46df77c1e71737ed978eda099ccc7666fe8a37e

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
681a79c0996ebd5b2d9fa1608e6d3188
bb9d46c5b520aea4edba87cdffbba62603f7534b
1c8ba767c298d400dd4d592209aed05c632bbf9597bf823485d5d179d6641f94

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/splash.php?idzone=5334140&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334140&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334140&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2266898da731bb73.91816123318782835%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334142&sub=44189
X-Robots-Tag: noindex, follow

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89665622de0d
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89664336c20e
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
681a79c0996ebd5b2d9fa1608e6d3188
bb9d46c5b520aea4edba87cdffbba62603f7534b
1c8ba767c298d400dd4d592209aed05c632bbf9597bf823485d5d179d6641f94

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/splash.php?idzone=5334142&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334142&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334142&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da741a9f1.692137012252711628%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334144&sub=44189
X-Robots-Tag: noindex, follow

video.ktkjmp.com/adsbygoogle.js

104.18.53.225

200 OK

16 B

URL GET HTTP/2
video.ktkjmp.com/adsbygoogle.js
IP
104.18.53.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerLet's Encrypt
Subjectvideo.ktkjmp.com
Fingerprint3B:FF:2A:E5:EB:57:BC:D5:16:7F:46:F3:69:2C:46:45:6D:4C:6E:BB
ValiditySat, 01 Jun 2024 01:16:13 GMT - Fri, 30 Aug 2024 01:16:12 GMT

File type
ASCII text
Size
16 B (16 bytes)
Hash
3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

HTTP Headers

GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: N/Ka+VmEDZ+RBUPAKEXkZYRhYoVPp3IVLDlCSFPWfBjFyG3UCPHobJOnrnQ3zm9qgt4NdsJz6Qw=
x-amz-request-id: QGYDYNCRRYZH5ZW9
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.mnaspm.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 6404
expires: Sat, 06 Jul 2024 22:32:07 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf59efd568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

peeredplanned.com/pixel/purst?dl=0&th=0&sc=0&rs=6205&rd=6205&fd=752&bv=24.5.8230&tmpl=70

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
peeredplanned.com/pixel/purst?dl=0&th=0&sc=0&rs=6205&rd=6205&fd=752&bv=24.5.8230&tmpl=70
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectpeeredplanned.com
Fingerprint23:64:4C:B2:E0:6C:C8:01:56:A7:88:5E:78:56:C8:24:25:DE:C5:37
ValidityMon, 01 Jul 2024 15:36:13 GMT - Sun, 29 Sep 2024 15:36:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=6205&rd=6205&fd=752&bv=24.5.8230&tmpl=70 HTTP/1.1
Host: peeredplanned.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

a.magsrv.com/ad-provider.js

185.76.9.17

200 OK

231 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
231 kB (231042 bytes)
Hash
9f5b9037d44d3c3b484bbc2c0d118449
02b65f52f16df3a517b7a03c7e35ba52b3cb6e2a
bc3d8454fbcb40d64d83ac674c26459e63c5af3b5c1e74f83736df51ff9c97e3

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"18483d80947e14cf49f8c9ebbe3"
expires: Thu, 04 Jul 2024 18:06:20 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3+gUAAAwBuUwKEwH3OwMAAAwBJRPCNAH30wIAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966c6d80c00
x-accel-expires: @1720299997
x-accel-date: 1720289197
x-77-cache: HIT
x-77-age: 1530
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107130
x-cache: HIT
x-age: 1530
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89665b777b16
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334144&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334144&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334144&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da7613998.416270572310958208%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334146&sub=44189
X-Robots-Tag: noindex, follow

a.magsrv.com/ad-provider.js

185.76.9.17

200 OK

43 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (35849)
Size
43 kB (43015 bytes)
Hash
710721b64ea5e3867ccff5f3de8ef294
18483d80947e14cf49f8c9ebbe3391e1f48fd0bc
bc0563abe13d7d9aa2d4b78a528f19ab616341e43dbf486aabca10559ae58e64

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"18483d80947e14cf49f8c9ebbe3"
expires: Thu, 04 Jul 2024 18:06:20 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3+gUAAAwBuUwKEwH3OwMAAAwBJRPCNAH30wIAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966070a2718
x-accel-expires: @1720299997
x-accel-date: 1720289197
x-77-cache: HIT
x-77-age: 1530
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107130
x-cache: HIT
x-age: 1530
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

img.strpst.com/thumbs/1720290630/125247729_webp

104.17.11.106

200 OK

11 kB

URL GET HTTP/2
img.strpst.com/thumbs/1720290630/125247729_webp
IP
104.17.11.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp
Size
11 kB (10560 bytes)
Hash
c0d43177ada5d4021d07ad13c6269715
82696d1af9f2fb0b34f23c0934e524204d2ecdab
aa8e30bbeb6794972ee14b0f7e8f53da2da521c927b2505cced7e1dd683579df

HTTP Headers

GET /thumbs/1720290630/125247729_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: image/webp
content-length: 10560
etag: "c0d43177ada5d4021d07ad13c6269715"
last-modified: Sat, 06 Jul 2024 18:29:32 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 77
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf6c8dd0b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

javhd.icu/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5

188.114.97.1

200 OK

91 kB

URL GET HTTP/3
javhd.icu/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
gzip compressed data, from Unix
Size
91 kB (91189 bytes)
Hash
aa28ead30d0bed572701ae192255cd3b
c81928973dadb337890be11369c7c6a574e46ee1
15d9ecf6feaedb310e19edcf0d52f051c7d3f815f5ce0d597b7b7f8e27e95f50

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.5 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript
last-modified: Tue, 02 Apr 2024 20:45:37 GMT
vary: Accept-Encoding
etag: W/"660c6e71-4926"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 15157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2B6TVlDoXLm6VdQglLSG4UyJet%2BTf86HM9Zu0ycdLOFFl5Icd79%2BvZRVcoX4cOBZJgtOY5AblOQ7ObBgDYiV9GV%2BBbpVo%2BA9v9i0f20w2j9YTKvz%2FYf%2FpN2y5RE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1aceeceb8b515-OSL
alt-svc: h3=":443"; ma=86400

6v41p4bsq.com/get/1872644?zoneid=1872644&jp=_cluue4mixhbf2cmb1axmvj&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=ajuIbnmSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=sSEhXQuaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=4897815577138176&eclog=0&im=1&cs=5&freq=0&uf=0

212.117.190.201

200 OK

20 kB

URL GET HTTP/2
6v41p4bsq.com/get/1872644?zoneid=1872644&jp=_cluue4mixhbf2cmb1axmvj&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=ajuIbnmSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=sSEhXQuaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=4897815577138176&eclog=0&im=1&cs=5&freq=0&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint8E:C7:E1:4C:FB:1B:1D:25:76:B6:75:76:0F:E1:F1:0E:58:A4:07:3A
ValidityFri, 21 Jun 2024 22:45:10 GMT - Tue, 17 Dec 2024 22:59:00 GMT

File type
gzip compressed data, from Unix
Size
20 kB (19512 bytes)
Hash
687091a407efe40a6892629fb94dda2a
63fa97349fff543e7c7e5de0086d6a743cb70b1c
33187b4ba8cda792aba90b25646d8f80b6cc1e492bce6e16ac0ccd6a13745df3

HTTP Headers

GET /get/1872644?zoneid=1872644&jp=_cluue4mixhbf2cmb1axmvj&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=ajuIbnmSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=sSEhXQuaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=4897815577138176&eclog=0&im=1&cs=5&freq=0&uf=0 HTTP/1.1
Host: 6v41p4bsq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 09 Aug 2025 18:32:06 GMT; Secure; SameSite=None
UID=24070613324682d6d4d29041a39a679fb5ef; Path=/; Expires=Sat, 09 Aug 2025 18:32:06 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189

185.76.9.17

200 OK

185 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text
Size
185 B (185 bytes)
Hash
8cba12961bd203fce8b0cedfe274e07e
2360a9ebf2e63d43ed0a64f9230c05356a371b03
5e9545a9454d67a84027636b3fcf3308374a0cdce90d8df758a74e0218d17a31

HTTP Headers

GET /iframe.php?idzone=5335878&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 06 Jul 2024 18:57:49 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoBAffvIgAADAGckiEnAfc7AQAA
x-77-nzt-ray: c0a4cc28915eb261a78d896630b18e17
x-accel-expires: @1720292269
x-accel-date: 1720281784
x-77-cache: HIT
x-77-age: 8943
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
681a79c0996ebd5b2d9fa1608e6d3188
bb9d46c5b520aea4edba87cdffbba62603f7534b
1c8ba767c298d400dd4d592209aed05c632bbf9597bf823485d5d179d6641f94

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

go.mnaspm.com/api/models?landing=WidgetV4Universal&masterSmartpopId=1605&quality=240p&smartpopId=1062&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=2&usePreroll=0&sortBy=recommended

104.18.40.50

200 OK

2.4 kB

URL GET HTTP/3
go.mnaspm.com/api/models?landing=WidgetV4Universal&masterSmartpopId=1605&quality=240p&smartpopId=1062&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=2&usePreroll=0&sortBy=recommended
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type
JavaScript source, ASCII text, with very long lines (6442), with no line terminators
Size
2.4 kB (2380 bytes)
Hash
5b5ff64411091782c2b10fb643d7d660
3258caeab76516d8f63e2ed76c84337852f357af
edd1c206009d2997bd9da4e90effac1821f83d5c125d8083f6dcca3c898fef16

HTTP Headers

GET /api/models?landing=WidgetV4Universal&masterSmartpopId=1605&quality=240p&smartpopId=1062&tag=girls&webp=1&forceClient=1&stripcashR=0&limit=2&usePreroll=0&sortBy=recommended HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-encoding: gzip
last-modified: Sat, 06 Jul 2024 18:31:39 GMT
cf-cache-status: HIT
age: 4
server: cloudflare
cf-ray: 89f1acf648ddb509-OSL
alt-svc: h3=":443"; ma=86400

a.magsrv.com/iframe.js?idzone=5335876&size=300x250&sub=44189

185.76.9.17

200 OK

3.5 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5335876&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (2298)
Size
3.5 kB (3523 bytes)
Hash
298121a075d87145e560314edca98a9f
f51cf7ffd7420da974ec89cac4cc4557e6a967ee
a5d47895d333c86dc4c9ac91d942b00043f10034d8685f9f12cb7e18e8d15289

HTTP Headers

GET /iframe.js?idzone=5335876&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"29ac3eb1b23a294bd594dc9f09d"
expires: Thu, 04 Jul 2024 18:17:44 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoBAffwIgAADAElE8IuAfdaBQAA
x-77-nzt-ray: c0a4cc28915eb261a78d89668b3a8906
x-accel-expires: @1720292268
x-accel-date: 1720281783
x-77-cache: HIT
x-77-age: 8944
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89668c9c9c23
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966960f9025
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334152&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334152&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334152&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da799f893.593024213374772711%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334154&sub=44189
X-Robots-Tag: noindex, follow

a.magsrv.com/iframe.js?idzone=5335878&size=300x250&sub=44189

185.76.9.17

200 OK

1.4 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5335878&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (2834), with no line terminators
Size
1.4 kB (1420 bytes)
Hash
14b0f30b26207367146e3c519dbcb0cc
b57ae949501c14695bb0743bdd5c5249f7dd75d8
df1ba1351f8c6e2c75e36124a136ea705a82f445cc3be0e41b8aaa41ecd05e1a

HTTP Headers

GET /iframe.js?idzone=5335878&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"b86a4f037dde5fe6489a3bc7ba5"
expires: Thu, 04 Jul 2024 18:17:46 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoTAffvIgAADAHUZjgRAfdZBQAA
x-77-nzt-ray: c0a4cc28915eb261a78d896605cd711e
x-accel-expires: @1720292269
x-accel-date: 1720281784
x-77-cache: HIT
x-77-age: 10312
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUIUNGxg0ZNsS0CIkjTAsaMWiIFBOGhpmRNWzImDEmTMkaBUU8DFNnTMYyOGxsFCMDx0gYZG6chCGzRcSSR1mSocHRzEefO8nYoYiDRg4cD-HUEbPwRo4cN2zshANnIQ2UOHI8nANnog4aM5jCqCFXxJg2bXXUoGH2Bo2sZijCOCxCjBs3C2fQgBEjhg2wItq4wchwhgwZMMJq5nyjco0ZD-vEyIiGDh04c3S8eHHmjQs8uNUAdjHmTZsXYeCkedHmzUE2c17QmfODThg5Z8rQIeI7TBo3PebQkZMGzhg0Yejw9s2lDgwYIOvMQZiETI-NNMpI9gpaRksaYczYjDGjIYwbYeRARgz2xTBGDjJ5FkNQMJShkhljjGFfGDGIMcMMFOIQ1w1i2NBgeeeB1EYZbYjBnntrTJHHDFG89kYQMcyRRRRH0HGHElAUAUcLVtiAxhl10DBEEFFUQQMdWrCRxBsxpEGEGEJ8MYccZjShhwxrPJHDEUtcsUYcaCCRgxpBVNGGHWXIEEMcUaAhRxU3DBFDElQMUQMcS6CRRxxFuIEHEWbEUYUQTbzhBBZ0xMHEDVS0kYYWSeiRxQ1B5MHEGmXkQYcSMkTxxRlVJEGEFFWkASJ6NsARQw946cXXqSDN8UYdcoxRRns9DFYYDbCmKkMPklFmGQ69OndGDy2ckYYcyJUggxHXkZFGGJCJRtFDb8DRxrUikOFbRmqEYQcaZLiQxhh16ORXeAttAUMXD4mRmA4wuEDZQ3LYEZiaqdWRRkY4kXFaGQS2cJYZNpxkRkcGE_xSSDKYQYNMYriUw2oPdZfRxS7kUC8NMrjQEA3qyvGFxjqIwLHHLoAs8mDq1hFGRoXqkQYbbITxQg32goACFpXtAAIT19WBBwh4BPWFDTQIna8OCNqbAghHlDHGGm-8AFoM53EdAwjQylGGGW_g8ULUMKgbYUZOPKHuGyavnXLb6rLhU8pFOKHuQXZ8ITYbFNVwww04zHDZefieAZkOMtSAww0P8f2FGHIspGHkZfRdHBkLFWVDRd3K8UZk2CrEeFii45HHQg6JIPa8A7kGm2wvhDtuuefW8YK6d2REIA5pP4SG7-iRPFe-GYnuHB1wt1CHG2nQ0YIMNLjQ0dtTbsUQDP1piB7oZNzdbRlfXG_Rtgx9hJ7HH6klAh1tyECR-jKwD1JDmBnkdxl0fcFu-vWxn_sy5z82IGQ57ZIMvCAiBruMTz91YMNEwmK3hYTGL5yBQR8UEBA%3D&r=1&s=483ce3ce1de1f309c541605d6d44937e515a71dd820aed2b26c02cbe5f67a5bc1720290726&w=t

144.76.197.134

200 OK

43 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUIUNGxg0ZNsS0CIkjTAsaMWiIFBOGhpmRNWzImDEmTMkaBUU8DFNnTMYyOGxsFCMDx0gYZG6chCGzRcSSR1mSocHRzEefO8nYoYiDRg4cD-HUEbPwRo4cN2zshANnIQ2UOHI8nANnog4aM5jCqCFXxJg2bXXUoGH2Bo2sZijCOCxCjBs3C2fQgBEjhg2wItq4wchwhgwZMMJq5nyjco0ZD-vEyIiGDh04c3S8eHHmjQs8uNUAdjHmTZsXYeCkedHmzUE2c17QmfODThg5Z8rQIeI7TBo3PebQkZMGzhg0Yejw9s2lDgwYIOvMQZiETI-NNMpI9gpaRksaYczYjDGjIYwbYeRARgz2xTBGDjJ5FkNQMJShkhljjGFfGDGIMcMMFOIQ1w1i2NBgeeeB1EYZbYjBnntrTJHHDFG89kYQMcyRRRRH0HGHElAUAUcLVtiAxhl10DBEEFFUQQMdWrCRxBsxpEGEGEJ8MYccZjShhwxrPJHDEUtcsUYcaCCRgxpBVNGGHWXIEEMcUaAhRxU3DBFDElQMUQMcS6CRRxxFuIEHEWbEUYUQTbzhBBZ0xMHEDVS0kYYWSeiRxQ1B5MHEGmXkQYcSMkTxxRlVJEGEFFWkASJ6NsARQw946cXXqSDN8UYdcoxRRns9DFYYDbCmKkMPklFmGQ69OndGDy2ckYYcyJUggxHXkZFGGJCJRtFDb8DRxrUikOFbRmqEYQcaZLiQxhh16ORXeAttAUMXD4mRmA4wuEDZQ3LYEZiaqdWRRkY4kXFaGQS2cJYZNpxkRkcGE_xSSDKYQYNMYriUw2oPdZfRxS7kUC8NMrjQEA3qyvGFxjqIwLHHLoAs8mDq1hFGRoXqkQYbbITxQg32goACFpXtAAIT19WBBwh4BPWFDTQIna8OCNqbAghHlDHGGm-8AFoM53EdAwjQylGGGW_g8ULUMKgbYUZOPKHuGyavnXLb6rLhU8pFOKHuQXZ8ITYbFNVwww04zHDZefieAZkOMtSAww0P8f2FGHIspGHkZfRdHBkLFWVDRd3K8UZk2CrEeFii45HHQg6JIPa8A7kGm2wvhDtuuefW8YK6d2REIA5pP4SG7-iRPFe-GYnuHB1wt1CHG2nQ0YIMNLjQ0dtTbsUQDP1piB7oZNzdbRlfXG_Rtgx9hJ7HH6klAh1tyECR-jKwD1JDmBnkdxl0fcFu-vWxn_sy5z82IGQ57ZIMvCAiBruMTz91YMNEwmK3hYTGL5yBQR8UEBA%3D&r=1&s=483ce3ce1de1f309c541605d6d44937e515a71dd820aed2b26c02cbe5f67a5bc1720290726&w=t
IP
144.76.197.134:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUIUNGxg0ZNsS0CIkjTAsaMWiIFBOGhpmRNWzImDEmTMkaBUU8DFNnTMYyOGxsFCMDx0gYZG6chCGzRcSSR1mSocHRzEefO8nYoYiDRg4cD-HUEbPwRo4cN2zshANnIQ2UOHI8nANnog4aM5jCqCFXxJg2bXXUoGH2Bo2sZijCOCxCjBs3C2fQgBEjhg2wItq4wchwhgwZMMJq5nyjco0ZD-vEyIiGDh04c3S8eHHmjQs8uNUAdjHmTZsXYeCkedHmzUE2c17QmfODThg5Z8rQIeI7TBo3PebQkZMGzhg0Yejw9s2lDgwYIOvMQZiETI-NNMpI9gpaRksaYczYjDGjIYwbYeRARgz2xTBGDjJ5FkNQMJShkhljjGFfGDGIMcMMFOIQ1w1i2NBgeeeB1EYZbYjBnntrTJHHDFG89kYQMcyRRRRH0HGHElAUAUcLVtiAxhl10DBEEFFUQQMdWrCRxBsxpEGEGEJ8MYccZjShhwxrPJHDEUtcsUYcaCCRgxpBVNGGHWXIEEMcUaAhRxU3DBFDElQMUQMcS6CRRxxFuIEHEWbEUYUQTbzhBBZ0xMHEDVS0kYYWSeiRxQ1B5MHEGmXkQYcSMkTxxRlVJEGEFFWkASJ6NsARQw946cXXqSDN8UYdcoxRRns9DFYYDbCmKkMPklFmGQ69OndGDy2ckYYcyJUggxHXkZFGGJCJRtFDb8DRxrUikOFbRmqEYQcaZLiQxhh16ORXeAttAUMXD4mRmA4wuEDZQ3LYEZiaqdWRRkY4kXFaGQS2cJYZNpxkRkcGE_xSSDKYQYNMYriUw2oPdZfRxS7kUC8NMrjQEA3qyvGFxjqIwLHHLoAs8mDq1hFGRoXqkQYbbITxQg32goACFpXtAAIT19WBBwh4BPWFDTQIna8OCNqbAghHlDHGGm-8AFoM53EdAwjQylGGGW_g8ULUMKgbYUZOPKHuGyavnXLb6rLhU8pFOKHuQXZ8ITYbFNVwww04zHDZefieAZkOMtSAww0P8f2FGHIspGHkZfRdHBkLFWVDRd3K8UZk2CrEeFii45HHQg6JIPa8A7kGm2wvhDtuuefW8YK6d2REIA5pP4SG7-iRPFe-GYnuHB1wt1CHG2nQ0YIMNLjQ0dtTbsUQDP1piB7oZNzdbRlfXG_Rtgx9hJ7HH6klAh1tyECR-jKwD1JDmBnkdxl0fcFu-vWxn_sy5z82IGQ57ZIMvCAiBruMTz91YMNEwmK3hYTGL5yBQR8UEBA%3D&r=1&s=483ce3ce1de1f309c541605d6d44937e515a71dd820aed2b26c02cbe5f67a5bc1720290726&w=t HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8; bfq=APeIECNCx5YZNW7kwJHDRhcWIsYU3BLjoYgyE2PckAFjxo0bMWQ47KMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/gif
content-length: 43
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zCyHeGFOjzA0cMlrAwGGDTAsaZGLYaCGGDAwxLWyUETMjTJkYYWbkmEFDxMMwdcZktFFSxhgyZmi0yCEDRpiTBVcalIHjJMowOMaUGSMmR5kcPiGSsUORxo0YOB7CqSNm4Y0cOW7Y-AkHzkIaNNDmeDgHzkQdNGbAqLFzrog2ff8GHpyjxo2HY9rY1UEYL4y9Ys0slPFYhBg3bhbOcJwDRw7Dbdxg1BFjhoymalOvPhujxoyHdWJkREOHDpw5Ol68OPPGReowfdu4GPOmzYs5bcLI8f0GzosxNnK0NgOjNgwYNByPeUlGDA7CN8qUpEHVRpgaNMbEkGEGBxn5TceEgeHeqRgZNcBwwwyumRZRGGH8UMccCCVBRg8pfWfGDUjFQNN5nHGUgxky7BeDVjbUYJ8YZpgnRnbZ0ZADfvLRkJ1KNCQ1kkoU0hDGh2FwUcd3Mtgwxxt1yKGVgz1URsNlOvJoQxtltCFGgw_aoQUVZsgBhRJafCGGE0fkIAYbcMgwxBgzPOEEHlKUcUYMc8xwhRh04NFCGDfA0QQOaswAhxAySLHGF2aowQYMc4yhBBYtkIEGFXUg0cINZ2ghBBVLwIFFHUdYEUQZbDxBRR5RpDFHEXjI8UQYeqCRhxgoJTGFGmRQ4UQVa8TARgxGtFHFEEwE0cQTX5xRRRJESFFFGknC0CMcMfSwGGEz2BAWGc1lpEYYdqBBhgtpjFFHWPr9tQUMXagl5EI1uIBDGSLV8BCJC8HgQneQwdHGF3Ccq4O84Ikow0Ny2DGZDBVtZW-884qIWx1pZHSZjTbccOJSZZBRw0mXzdACDoGxWx4OSYVYQ0dl4BBWGpOJoJ0LOcjLngu19QTwFyhntHLLLrwcc1h1hJFRE2_okQYbbITxQrowgIACFjHEsAMITKThRh14gIAHSV_YQMPTAetw2rwpgHDEVmu88UJTMXyXdgwgGJGGHGWY8QYeL3wNA7hC6SCCE0-E9YYcX4yR9959P8TG4EU4MW0ZdnwBNxsUOfZRtDh8B_AZoekAIA6dHdS4GHIshENaInj-RRtvkLEZSRWRIccboj30hkKamzt3Hug-REYemdMhRx1lABz3br39FtwL12a7bbd1vBDWHRnNV3lYaESvrMwizBFwRq_TEQYdf7dQhxtp0BETDS6QIYPf2pMF2Eg33BBgy60PftAX6odFRxsU3dCUDC3zn2H2tz7W-E9ZAewRZ2DwEzI4rgx9-cL3-ve_BBqGcRJkA0LoQLstxOAG5YIInDJyEDMAhQ0TUcvh4gWZ1cCgDwoICA%3D%3D&s=5595909c6ccb6d23e69e73f1f646883db046a7a8e904a961fc959ae60afad71e1720290726&w=t&r=1&d=725&priv=true

144.76.197.134

200 OK

24 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zCyHeGFOjzA0cMlrAwGGDTAsaZGLYaCGGDAwxLWyUETMjTJkYYWbkmEFDxMMwdcZktFFSxhgyZmi0yCEDRpiTBVcalIHjJMowOMaUGSMmR5kcPiGSsUORxo0YOB7CqSNm4Y0cOW7Y-AkHzkIaNNDmeDgHzkQdNGbAqLFzrog2ff8GHpyjxo2HY9rY1UEYL4y9Ys0slPFYhBg3bhbOcJwDRw7Dbdxg1BFjhoymalOvPhujxoyHdWJkREOHDpw5Ol68OPPGReowfdu4GPOmzYs5bcLI8f0GzosxNnK0NgOjNgwYNByPeUlGDA7CN8qUpEHVRpgaNMbEkGEGBxn5TceEgeHeqRgZNcBwwwyumRZRGGH8UMccCCVBRg8pfWfGDUjFQNN5nHGUgxky7BeDVjbUYJ8YZpgnRnbZ0ZADfvLRkJ1KNCQ1kkoU0hDGh2FwUcd3Mtgwxxt1yKGVgz1URsNlOvJoQxtltCFGgw_aoQUVZsgBhRJafCGGE0fkIAYbcMgwxBgzPOEEHlKUcUYMc8xwhRh04NFCGDfA0QQOaswAhxAySLHGF2aowQYMc4yhBBYtkIEGFXUg0cINZ2ghBBVLwIFFHUdYEUQZbDxBRR5RpDFHEXjI8UQYeqCRhxgoJTGFGmRQ4UQVa8TARgxGtFHFEEwE0cQTX5xRRRJESFFFGknC0CMcMfSwGGEz2BAWGc1lpEYYdqBBhgtpjFFHWPr9tQUMXagl5EI1uIBDGSLV8BCJC8HgQneQwdHGF3Ccq4O84Ikow0Ny2DGZDBVtZW-884qIWx1pZHSZjTbccOJSZZBRw0mXzdACDoGxWx4OSYVYQ0dl4BBWGpOJoJ0LOcjLngu19QTwFyhntHLLLrwcc1h1hJFRE2_okQYbbITxQrowgIACFjHEsAMITKThRh14gIAHSV_YQMPTAetw2rwpgHDEVmu88UJTMXyXdgwgGJGGHGWY8QYeL3wNA7hC6SCCE0-E9YYcX4yR9959P8TG4EU4MW0ZdnwBNxsUOfZRtDh8B_AZoekAIA6dHdS4GHIshENaInj-RRtvkLEZSRWRIccboj30hkKamzt3Hug-REYemdMhRx1lABz3br39FtwL12a7bbd1vBDWHRnNV3lYaESvrMwizBFwRq_TEQYdf7dQhxtp0BETDS6QIYPf2pMF2Eg33BBgy60PftAX6odFRxsU3dCUDC3zn2H2tz7W-E9ZAewRZ2DwEzI4rgx9-cL3-ve_BBqGcRJkA0LoQLstxOAG5YIInDJyEDMAhQ0TUcvh4gWZ1cCgDwoICA%3D%3D&s=5595909c6ccb6d23e69e73f1f646883db046a7a8e904a961fc959ae60afad71e1720290726&w=t&r=1&d=725&priv=true
IP
144.76.197.134:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a

HTTP Headers

GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zCyHeGFOjzA0cMlrAwGGDTAsaZGLYaCGGDAwxLWyUETMjTJkYYWbkmEFDxMMwdcZktFFSxhgyZmi0yCEDRpiTBVcalIHjJMowOMaUGSMmR5kcPiGSsUORxo0YOB7CqSNm4Y0cOW7Y-AkHzkIaNNDmeDgHzkQdNGbAqLFzrog2ff8GHpyjxo2HY9rY1UEYL4y9Ys0slPFYhBg3bhbOcJwDRw7Dbdxg1BFjhoymalOvPhujxoyHdWJkREOHDpw5Ol68OPPGReowfdu4GPOmzYs5bcLI8f0GzosxNnK0NgOjNgwYNByPeUlGDA7CN8qUpEHVRpgaNMbEkGEGBxn5TceEgeHeqRgZNcBwwwyumRZRGGH8UMccCCVBRg8pfWfGDUjFQNN5nHGUgxky7BeDVjbUYJ8YZpgnRnbZ0ZADfvLRkJ1KNCQ1kkoU0hDGh2FwUcd3Mtgwxxt1yKGVgz1URsNlOvJoQxtltCFGgw_aoQUVZsgBhRJafCGGE0fkIAYbcMgwxBgzPOEEHlKUcUYMc8xwhRh04NFCGDfA0QQOaswAhxAySLHGF2aowQYMc4yhBBYtkIEGFXUg0cINZ2ghBBVLwIFFHUdYEUQZbDxBRR5RpDFHEXjI8UQYeqCRhxgoJTGFGmRQ4UQVa8TARgxGtFHFEEwE0cQTX5xRRRJESFFFGknC0CMcMfSwGGEz2BAWGc1lpEYYdqBBhgtpjFFHWPr9tQUMXagl5EI1uIBDGSLV8BCJC8HgQneQwdHGF3Ccq4O84Ikow0Ny2DGZDBVtZW-884qIWx1pZHSZjTbccOJSZZBRw0mXzdACDoGxWx4OSYVYQ0dl4BBWGpOJoJ0LOcjLngu19QTwFyhntHLLLrwcc1h1hJFRE2_okQYbbITxQrowgIACFjHEsAMITKThRh14gIAHSV_YQMPTAetw2rwpgHDEVmu88UJTMXyXdgwgGJGGHGWY8QYeL3wNA7hC6SCCE0-E9YYcX4yR9959P8TG4EU4MW0ZdnwBNxsUOfZRtDh8B_AZoekAIA6dHdS4GHIshENaInj-RRtvkLEZSRWRIccboj30hkKamzt3Hug-REYemdMhRx1lABz3br39FtwL12a7bbd1vBDWHRnNV3lYaESvrMwizBFwRq_TEQYdf7dQhxtp0BETDS6QIYPf2pMF2Eg33BBgy60PftAX6odFRxsU3dCUDC3zn2H2tz7W-E9ZAewRZ2DwEzI4rgx9-cL3-ve_BBqGcRJkA0LoQLstxOAG5YIInDJyEDMAhQ0TUcvh4gWZ1cCgDwoICA%3D%3D&s=5595909c6ccb6d23e69e73f1f646883db046a7a8e904a961fc959ae60afad71e1720290726&w=t&r=1&d=725&priv=true HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8; bfq=APeIECNCx5YZNW7kwJHDRhcWIsYU3BLjoYgyE2PckAFjxo0bMWQ47KMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/javascript
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d896617afe929
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334154&sub=44189

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334154&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334154&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2266898da7a9ab66.06904038479186596%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334156&sub=44189
X-Robots-Tag: noindex, follow

stripchat.webcam/checkUrl

104.17.117.12

200 OK

15 B

URL GET HTTP/2
stripchat.webcam/checkUrl
IP
104.17.117.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerLet's Encrypt
Subjectstripchat.webcam
Fingerprint63:30:0B:3B:CF:60:42:4B:9C:98:E0:67:F9:DA:00:44:7F:8B:B0:2E
ValiditySun, 30 Jun 2024 08:56:48 GMT - Sat, 28 Sep 2024 08:56:47 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5

HTTP Headers

GET /checkUrl HTTP/1.1
Host: stripchat.webcam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://creative.mnaspm.com
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=kupXdJxg8sqp.h2636.jh_qAfm.8Jnd1La4Co7o_.1M-1720290727-1.0.1.1-jYRveMUuqhEgm9.vf.9kdzLjsA9DQUwmWGq30EE_jaLjNxUzSB_7zHgwL_prRk_fC30JyWE6BS9vhlKVYh0tVePmk8oFXqcCTbBi3VHYgm4; path=/; expires=Sat, 06-Jul-24 19:02:07 GMT; domain=.stripchat.webcam; HttpOnly; Secure; SameSite=None
__cflb=02DiuGyDLPvii6XBe55W4fnWesJS32hqUztd1aTuiHCqA; SameSite=None; Secure; path=/; expires=Sun, 07-Jul-24 18:32:07 GMT; HttpOnly
server: cloudflare
cf-ray: 89f1acf7fa5d56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

javhd.icu/wp-content/uploads/2020/08/cropped-JAVHD-ICU-192x192.jpg

188.114.97.1

200 OK

4.3 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2020/08/cropped-JAVHD-ICU-192x192.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left, software=www.meitu.com], baseline, precision 8, 192x192, components 3
Size
4.3 kB (4330 bytes)
Hash
3f847d0d7422a66982e6507203df393a
61e0706ec90ed89380d98f206f2414f0ba0cb28d
07c619b5e9eb4dc7a53f6b2c53b0e7aefaea65c8d21711bf4e6cb893a5ccb306

HTTP Headers

GET /wp-content/uploads/2020/08/cropped-JAVHD-ICU-192x192.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726; dom3ic8zudi28v8lr6fgphwffqoz0j6c=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1; ts_popunder-cnt=0; ts_popunder=Sat%20Jul%2006%202024%2018%3A32%3A26%20GMT%2B0000%20(GMT); __PPU_CAIFRQ=ACzeRAAAAAAAAAAB; __PPU_CAIFRT=ACzeRAAAAABmiiDQ; __PPU_MTIFRQ=AD4XMQAAAAAAAAAB; __PPU_MTIFRT=AD4XMQAAAABmiiDQ; bnState_1872644={"impressions":1,"delayStarted":0}; pp_main_fd1bf261a2e6772cb538655c23839785=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: image/jpeg
content-length: 4330
last-modified: Wed, 26 Aug 2020 07:38:53 GMT
etag: "5f46118d-10ea"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 19056
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B78KAesX%2Fb%2FjdiVZhxxelIWtBZzqKARRLO1l1EbaPXiEUx%2F3%2Byzjf%2BE%2BWYEpc%2BaTZEXH%2FlmEv7iqguo%2B8R0SwCtNhfq2Kj%2FE2G0RkQE1QxtnetlSua3tu2c2S10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf8cab3b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/uploads/2020/08/cropped-JAVHD-ICU-32x32.jpg

188.114.97.1

200 OK

811 B

URL GET HTTP/3
javhd.icu/wp-content/uploads/2020/08/cropped-JAVHD-ICU-32x32.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left, software=www.meitu.com], baseline, precision 8, 32x32, components 3
Size
811 B (811 bytes)
Hash
e81bb9c2ddd600339ebe38c3fd88f4f2
3f615bf12523c8ff8a26bae2324d6199631e7fe1
55bfb728317e6287326c4e94d58d68562db5b9658010a60063ae2c1673069bc5

HTTP Headers

GET /wp-content/uploads/2020/08/cropped-JAVHD-ICU-32x32.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726; dom3ic8zudi28v8lr6fgphwffqoz0j6c=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1; ts_popunder-cnt=0; ts_popunder=Sat%20Jul%2006%202024%2018%3A32%3A26%20GMT%2B0000%20(GMT); __PPU_CAIFRQ=ACzeRAAAAAAAAAAB; __PPU_CAIFRT=ACzeRAAAAABmiiDQ; __PPU_MTIFRQ=AD4XMQAAAAAAAAAB; __PPU_MTIFRT=AD4XMQAAAABmiiDQ; bnState_1872644={"impressions":1,"delayStarted":0}; pp_main_fd1bf261a2e6772cb538655c23839785=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: image/jpeg
content-length: 811
last-modified: Wed, 26 Aug 2020 07:38:53 GMT
etag: "5f46118d-32b"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 16949
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ai8sbZJq1Upr%2BT6seueefAYPZxl1LTsguA1JtcuZ9K23v2kB4uJhz5Nnc7YN2DlN60tqVOy60QqGuMBX1MXJ2TGVQ26LDU5dLnLa%2BC%2BQl17OxegTutBxF3xybRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf8cab6b515-OSL
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/app/domain-checker/check-result

104.18.40.50

204 No Content

0 B

URL POST HTTP/3
go.mnaspm.com/app/domain-checker/check-result
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /app/domain-checker/check-result HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 239
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 06 Jul 2024 18:32:07 GMT
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89f1acf89d81b509-OSL
alt-svc: h3=":443"; ma=86400

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
17e9af99c9fed800d0e9050408fdfd30
42407a8c283e1b5c2ce915d95c90e3bcfc012360
8462f65acfd4f95068cbb3b56edd8f09290c3b7f34039d87780b3987474ffe76

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966bfbe4835
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334156&sub=44189

95.211.229.246

200 OK

2.9 kB

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334156&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
XML 1.0 document, ASCII text, with very long lines (1775)
Size
2.9 kB (2930 bytes)
Hash
82562081be2ffe55ef2e686b72a7f046
99c0aac74d858b2502af2499e31aa6afac8e5ba5
5cfab5060287a18845cf9873de19177e8bc56aeec3f6ae616205fd8478a1f7d0

HTTP Headers

GET /splash.php?idzone=5334156&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da7dcfcf0.082739222786911115%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C5334156%7C94549550%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C44189%7Cjavhd.icu%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1720290727%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C8aafd37fb06185e921ad3c246b7d91b7%7Cok%22%7D; expires=Sun, 07 Jul 2024 18:32:07 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
b16322290d6163323a8ecd3bcbe87ee6
fbd0d947b06719d0108b5026e54b65b6b9d0ee44
1fb3cd47203ba8fc3b4120769d74066a3bcbb0eebed9b8c2c83fb8f09dccdbdc

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
b16322290d6163323a8ecd3bcbe87ee6
fbd0d947b06719d0108b5026e54b65b6b9d0ee44
1fb3cd47203ba8fc3b4120769d74066a3bcbb0eebed9b8c2c83fb8f09dccdbdc

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DAAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89669cee6e3b
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 12
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 12
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=5334156&22148fbe1a4fbceeae7b0ec3093e91c7=tsVuZ8uHLpt4d9vDtq49PXPl64d9dlTlK8E.fnju88N3Tlu49emtqayWunDMos7XA3GxK9Yw85n0466oK3F35qq5WJHM5sYmJaa2dzU0muBthu1ymuCpynPxw5dOXTXA3PYzHBU.5Tn479u3Pprgbqgrcz48OPjh27a4G8ZpXM.vPn049e2uBtpitx6anDPrw8a4G2mJJ2IHpc.vHv47c.WuBu1imBiuCaXPz069PPXrw1wNzVZ8euuBtmma6pynPnrgbbctgacz4a4G2mKaYHKc.GuBuCqfPl159OmuqxnPp04.POu1iOxzPhu4cOHHXPYzHBU.5SvSxW5n34a57GY4Kn3KV2rKaXJWsM0TwNbTEk7ED0q7VlNLkrWGaJ4Gty9p9iV5xeuZeexmOCp9ynPjrcvafYlecXrmXlcrumpiz462G168J3M.PjW7NTIxXnrgblcrumpiz462prJa6cF5qYHoJWI8yiztb9dc6967s1NzFLbja7s1OeuBuemZuxqtdpitx6anDPj41z0wNQSvLyTNuR5.Nb9dc9WfHXU1S45KvS5VNHZXBNLnrsqcpXgbz4a7KY132Kn8.Pjwzx5cWO_fr36dGmG.XTxwbdZdZ4cOXPq3rgknpcqqgmlXqrYrsqz464JJ6XKqoJpV4JbWI4G16XGKppc.Gulx1ylyleqCtxd.aquViRzOFi19vdA1ZrYbZjmaiz4a4G5nXXKc.GuBuNiVuCV5edh5zPhrcvcasrgmlXrgkcz4buHHXA22xWw05LW5Tny1wNtMU0wOUr1TWUtOZ8Ncs1TVME9efDXBK1M9LBXMvJM25nw11uVVryTNuZ8NdLj0E0q7zk0rEji8DefDXPTNfgvVWxXZVnt464G52Ka5XKc.GtqCvBd5yaViRxeBvPnx6c.XTprlcrYasgrwXnpmvwXrwncz1yuVsNWQV4Lz0zX4LtuVNUwT1wTS562G2Y5mol7XKc9cEk9LlVUE0q7Eca8EtrEcDa9LjFU0tWfDXVYzyz4a6rGeefDXU1TBPWvXhO5nrqapgnrXlYkcz11NUwT1r2uU562aZrqnKV7XKc.Gu2nPhrglrcplYjz4a5Zl3bJW6s.GuBulyqeaWqC1xeNjCayvPhrgbksjrgxmlcz4a3JGII14Kp8.GupqmCetdtytiCPPtrqapgnrXtcpqgmlz464G2G7XKa4KnKV2G168J3M.XHXA3PTNfhnw1wNyuV3TUxL14TuZ8dcDbTEk7ED0q9eE7mfDXTWyvBLa5LXNTgvA3nrprZXgltclrmpwXlYkcz1xOYL2sR2OL8c.GuJzBe1iOxxflnw1xOYL2sR2OL88.GuJzBe1iOxxfpnw1xOYL2sR2OL9c.GuJzBe1iOxxftnw1xOYL2sR2OL98.GuJzBe1iOxxfxnw1xOYL2sR2OL.c.GuJzBe1iOxxfjwz4a2m5V7KmHnM.3Lp01s2Ux567KnKV2mJ54JXs9dlTlK7TE88Ery7tLlFjkrWGeu2yyBvPj35cOXnh35d.PPpw88OfHt27dvHnw2x3bcb889dcEjlVbEk.fHvy4cvPDvy762ppooHGppanJa8.MA-

95.211.229.246

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=5334156&22148fbe1a4fbceeae7b0ec3093e91c7=tsVuZ8uHLpt4d9vDtq49PXPl64d9dlTlK8E.fnju88N3Tlu49emtqayWunDMos7XA3GxK9Yw85n0466oK3F35qq5WJHM5sYmJaa2dzU0muBthu1ymuCpynPxw5dOXTXA3PYzHBU.5Tn479u3Pprgbqgrcz48OPjh27a4G8ZpXM.vPn049e2uBtpitx6anDPrw8a4G2mJJ2IHpc.vHv47c.WuBu1imBiuCaXPz069PPXrw1wNzVZ8euuBtmma6pynPnrgbbctgacz4a4G2mKaYHKc.GuBuCqfPl159OmuqxnPp04.POu1iOxzPhu4cOHHXPYzHBU.5SvSxW5n34a57GY4Kn3KV2rKaXJWsM0TwNbTEk7ED0q7VlNLkrWGaJ4Gty9p9iV5xeuZeexmOCp9ynPjrcvafYlecXrmXlcrumpiz462G168J3M.PjW7NTIxXnrgblcrumpiz462prJa6cF5qYHoJWI8yiztb9dc6967s1NzFLbja7s1OeuBuemZuxqtdpitx6anDPj41z0wNQSvLyTNuR5.Nb9dc9WfHXU1S45KvS5VNHZXBNLnrsqcpXgbz4a7KY132Kn8.Pjwzx5cWO_fr36dGmG.XTxwbdZdZ4cOXPq3rgknpcqqgmlXqrYrsqz464JJ6XKqoJpV4JbWI4G16XGKppc.Gulx1ylyleqCtxd.aquViRzOFi19vdA1ZrYbZjmaiz4a4G5nXXKc.GuBuNiVuCV5edh5zPhrcvcasrgmlXrgkcz4buHHXA22xWw05LW5Tny1wNtMU0wOUr1TWUtOZ8Ncs1TVME9efDXBK1M9LBXMvJM25nw11uVVryTNuZ8NdLj0E0q7zk0rEji8DefDXPTNfgvVWxXZVnt464G52Ka5XKc.GtqCvBd5yaViRxeBvPnx6c.XTprlcrYasgrwXnpmvwXrwncz1yuVsNWQV4Lz0zX4LtuVNUwT1wTS562G2Y5mol7XKc9cEk9LlVUE0q7Eca8EtrEcDa9LjFU0tWfDXVYzyz4a6rGeefDXU1TBPWvXhO5nrqapgnrXlYkcz11NUwT1r2uU562aZrqnKV7XKc.Gu2nPhrglrcplYjz4a5Zl3bJW6s.GuBulyqeaWqC1xeNjCayvPhrgbksjrgxmlcz4a3JGII14Kp8.GupqmCetdtytiCPPtrqapgnrXtcpqgmlz464G2G7XKa4KnKV2G168J3M.XHXA3PTNfhnw1wNyuV3TUxL14TuZ8dcDbTEk7ED0q9eE7mfDXTWyvBLa5LXNTgvA3nrprZXgltclrmpwXlYkcz1xOYL2sR2OL8c.GuJzBe1iOxxflnw1xOYL2sR2OL88.GuJzBe1iOxxfpnw1xOYL2sR2OL9c.GuJzBe1iOxxftnw1xOYL2sR2OL98.GuJzBe1iOxxfxnw1xOYL2sR2OL.c.GuJzBe1iOxxfjwz4a2m5V7KmHnM.3Lp01s2Ux567KnKV2mJ54JXs9dlTlK7TE88Ery7tLlFjkrWGeu2yyBvPj35cOXnh35d.PPpw88OfHt27dvHnw2x3bcb889dcEjlVbEk.fHvy4cvPDvy762ppooHGppanJa8.MA-
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /vregister.php?a=vimp&tracking_event=impression&idzone=5334156&22148fbe1a4fbceeae7b0ec3093e91c7=tsVuZ8uHLpt4d9vDtq49PXPl64d9dlTlK8E.fnju88N3Tlu49emtqayWunDMos7XA3GxK9Yw85n0466oK3F35qq5WJHM5sYmJaa2dzU0muBthu1ymuCpynPxw5dOXTXA3PYzHBU.5Tn479u3Pprgbqgrcz48OPjh27a4G8ZpXM.vPn049e2uBtpitx6anDPrw8a4G2mJJ2IHpc.vHv47c.WuBu1imBiuCaXPz069PPXrw1wNzVZ8euuBtmma6pynPnrgbbctgacz4a4G2mKaYHKc.GuBuCqfPl159OmuqxnPp04.POu1iOxzPhu4cOHHXPYzHBU.5SvSxW5n34a57GY4Kn3KV2rKaXJWsM0TwNbTEk7ED0q7VlNLkrWGaJ4Gty9p9iV5xeuZeexmOCp9ynPjrcvafYlecXrmXlcrumpiz462G168J3M.PjW7NTIxXnrgblcrumpiz462prJa6cF5qYHoJWI8yiztb9dc6967s1NzFLbja7s1OeuBuemZuxqtdpitx6anDPj41z0wNQSvLyTNuR5.Nb9dc9WfHXU1S45KvS5VNHZXBNLnrsqcpXgbz4a7KY132Kn8.Pjwzx5cWO_fr36dGmG.XTxwbdZdZ4cOXPq3rgknpcqqgmlXqrYrsqz464JJ6XKqoJpV4JbWI4G16XGKppc.Gulx1ylyleqCtxd.aquViRzOFi19vdA1ZrYbZjmaiz4a4G5nXXKc.GuBuNiVuCV5edh5zPhrcvcasrgmlXrgkcz4buHHXA22xWw05LW5Tny1wNtMU0wOUr1TWUtOZ8Ncs1TVME9efDXBK1M9LBXMvJM25nw11uVVryTNuZ8NdLj0E0q7zk0rEji8DefDXPTNfgvVWxXZVnt464G52Ka5XKc.GtqCvBd5yaViRxeBvPnx6c.XTprlcrYasgrwXnpmvwXrwncz1yuVsNWQV4Lz0zX4LtuVNUwT1wTS562G2Y5mol7XKc9cEk9LlVUE0q7Eca8EtrEcDa9LjFU0tWfDXVYzyz4a6rGeefDXU1TBPWvXhO5nrqapgnrXlYkcz11NUwT1r2uU562aZrqnKV7XKc.Gu2nPhrglrcplYjz4a5Zl3bJW6s.GuBulyqeaWqC1xeNjCayvPhrgbksjrgxmlcz4a3JGII14Kp8.GupqmCetdtytiCPPtrqapgnrXtcpqgmlz464G2G7XKa4KnKV2G168J3M.XHXA3PTNfhnw1wNyuV3TUxL14TuZ8dcDbTEk7ED0q9eE7mfDXTWyvBLa5LXNTgvA3nrprZXgltclrmpwXlYkcz1xOYL2sR2OL8c.GuJzBe1iOxxflnw1xOYL2sR2OL88.GuJzBe1iOxxfpnw1xOYL2sR2OL9c.GuJzBe1iOxxftnw1xOYL2sR2OL98.GuJzBe1iOxxfxnw1xOYL2sR2OL.c.GuJzBe1iOxxfjwz4a2m5V7KmHnM.3Lp01s2Ux567KnKV2mJ54JXs9dlTlK7TE88Ery7tLlFjkrWGeu2yyBvPj35cOXnh35d.PPpw88OfHt27dvHnw2x3bcb889dcEjlVbEk.fHvy4cvPDvy762ppooHGppanJa8.MA- HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D

185.76.9.17

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined&scr_info=YXN5bmN8fDM%3D
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined&scr_info=YXN5bmN8fDM%3D HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 06 Jul 2024 18:32:08 GMT
content-type: text/html
content-length: 548
x-77-nzt: EwwBuUwJDQH3DQAAAAwBuUwKCQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: c0a4cc28915eb261a88d896691105401
x-accel-expires: @1720290775
x-accel-date: 1720290715
x-77-cache: HIT
x-77-age: 13
server: CDN77-Turbo
x-accel-date-max: 1720290715
x-cache: HIT
x-age: 13
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

336 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type
JSON text data
Size
336 B (336 bytes)
Hash
b16322290d6163323a8ecd3bcbe87ee6
fbd0d947b06719d0108b5026e54b65b6b9d0ee44
1fb3cd47203ba8fc3b4120769d74066a3bcbb0eebed9b8c2c83fb8f09dccdbdc

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 334
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 06 Jul 2024 18:32:08 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189

185.76.9.17

200 OK

732 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
732 B (732 bytes)
Hash
77f3f5554803bae2e45938054a1e19ba
b53d6e297cf6a75a091313f213d20b4d2bc36b68
2348fee97316f868603e55e491acac4d9fb39487c7efe4827a7d3d65ba47f36e

HTTP Headers

GET /iframe.php?idzone=5335880&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 06 Jul 2024 18:44:26 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoMAffjJgAADAGckiEnAfdqAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89667f727036
x-accel-expires: @1720291466
x-accel-date: 1720280772
x-77-cache: HIT
x-77-age: 10061
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.js?idzone=5335880&size=300x250&sub=44189

185.76.9.17

200 OK

2.2 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5335880&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (4594), with no line terminators
Size
2.2 kB (2168 bytes)
Hash
f1532ef21109d79d95b33f3c4cdeb201
4aaf2d673a4f0bac69c84e428a75945788dd9960
2654f081693864f48673cc2409e3bca08f77fd5d7769f0f2c8278f965588c42d

HTTP Headers

GET /iframe.js?idzone=5335880&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"00063b8884f2b2f56e3dc259793"
expires: Thu, 04 Jul 2024 18:17:47 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoBAffjJgAADAGckiEnAfepBgAA
x-77-nzt-ray: c0a4cc28915eb261a78d896686335033
x-accel-expires: @1720291469
x-accel-date: 1720280772
x-77-cache: HIT
x-77-age: 9955
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd1bf261a2e6772cb538655c23839785&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd1bf261a2e6772cb538655c23839785&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF5:95:0F:2B:01:D6:36:49:AB:2E:61:76:F7:EC:A5:45:3D:F1:0E:59
ValidityTue, 21 May 2024 07:36:27 GMT - Mon, 19 Aug 2024 07:36:26 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd1bf261a2e6772cb538655c23839785&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 18:32:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 08b3216d8bce95bfbf8d7b1481388c45
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

a.magsrv.com/ad-provider.js

185.76.9.17

200 OK

214 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
214 kB (213950 bytes)
Hash
2dfd96c30aacb7990303b24434aff89f
778525e3938c63ba0e1995889e2b020904ee1a2b
fc36925838a05ea36dd93d5a28f6cabad4cc97c61d4205efa7334ca7ecdbf75b

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"18483d80947e14cf49f8c9ebbe3"
expires: Thu, 04 Jul 2024 18:06:20 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3+gUAAAwBuUwKEwH3OwMAAAwBJRPCNAH30wIAAA
x-77-nzt-ray: c0a4cc28915eb261a78d896619897031
x-accel-expires: @1720299997
x-accel-date: 1720289197
x-77-cache: HIT
x-77-age: 1530
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107130
x-cache: HIT
x-age: 1530
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.js?idzone=5335876&size=300x250&sub=44189

185.76.9.17

200 OK

1.2 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5335876&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
gzip compressed data, from Unix
Size
1.2 kB (1166 bytes)
Hash
3a440f420eeedeca0857c3aad69490be
91be094bfaad873f5740256a6b796398e4af348f
b1398ac46fd3a6578e5fc7e20dd8663fcf939c48a5b999aff0b8730c5a7986bc

HTTP Headers

GET /iframe.js?idzone=5335876&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"29ac3eb1b23a294bd594dc9f09d"
expires: Thu, 04 Jul 2024 18:17:44 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoBAffwIgAADAElE8IuAfdaBQAA
x-77-nzt-ray: c0a4cc28915eb261a78d89661434ee03
x-accel-expires: @1720292268
x-accel-date: 1720281783
x-77-cache: HIT
x-77-age: 8944
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

42 B

URL
aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text
Size
42 B (42 bytes)
Hash
f8f24fa0c857d8f2ee493e131b85ab62
cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6
e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f

HTTP Headers

GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:29 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/td?id=G-KNM6NMZPS3&v=3&t=t&pid=386862523&dl=javhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&tdp=G-KNM6NMZPS3;79135526;1;1;0&frm=0&pcid=_UA-152876315-1&z=0

142.250.74.168

204 No Content

0 B

URL GET HTTP/3
www.googletagmanager.com/td?id=G-KNM6NMZPS3&v=3&t=t&pid=386862523&dl=javhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&tdp=G-KNM6NMZPS3;79135526;1;1;0&frm=0&pcid=_UA-152876315-1&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /td?id=G-KNM6NMZPS3&v=3&t=t&pid=386862523&dl=javhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&tdp=G-KNM6NMZPS3;79135526;1;1;0&frm=0&pcid=_UA-152876315-1&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 06 Jul 2024 18:32:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ts.trafget.com/nw.php?subid=44189

172.67.128.119

200 OK

179 B

URL GET HTTP/2
ts.trafget.com/nw.php?subid=44189
IP
172.67.128.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?
Certificate
IssuerGoogle Trust Services LLC
Subjecttrafget.com
Fingerprint1A:BA:5D:DF:13:FB:83:84:1A:04:01:98:82:50:B0:82:EF:E9:3B:C8
ValidityMon, 03 Jun 2024 21:27:06 GMT - Sun, 01 Sep 2024 21:27:05 GMT

File type
ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
a93acb819eb64697e917e849126632af
8dc36e5c7f88ee86a44983e129b414dfbe87a0be
7d418d0a74b0cc049df346fca0fac550ca49a5217e9a960549fcf1c90763950a

HTTP Headers

GET /nw.php?subid=44189 HTTP/1.1
Host: ts.trafget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.8, PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BNaTBMf7%2BiFOvL4k0PoOK1%2Ba6Cxm4uWHhrzuhUaMZByZb6MiTv4xlaN1d66HiXg91TwfJtRXI8LNx%2BjXQZpYC1n8Ci1DrjfxGMka%2FzPbORpFkK2nycPNhv8l6qB6VWLlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1acee1a940b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

javhd.icu/wp-content/plugins/wp-easy-review/style.css?ver=1.3

188.114.97.1

200 OK

1.1 kB

URL GET HTTP/3
javhd.icu/wp-content/plugins/wp-easy-review/style.css?ver=1.3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
ASCII text, with very long lines (1095), with no line terminators
Size
1.1 kB (1095 bytes)
Hash
01d5f41f6c03f433d604c671a6bba008
23c902e9d53eed5b8ce4c4138f95fcf6d7a442f7
4cbb8eec852b76643c8373a5ae2ebd7058e7573aa16f0e810ded953a51f5975a

HTTP Headers

GET /wp-content/plugins/wp-easy-review/style.css?ver=1.3 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=1412
etag: W/"648ea996-584"
last-modified: Sun, 18 Jun 2023 06:52:06 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8FoyfMH3W8uUpwNZ3d7H8B4hrjm6%2F13ii8OO1R%2F3GkHXbd6UEj4ud0ijVYsRwoLL3RR38t8ym76Ee1pJP8ZYXn0TJY2Re0NUEhZ%2B4kN%2B2mnYbNd4oi83kh3Z98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7682fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s.magsrv.com/splash.php?idzone=5334150&sub=44189

95.211.229.246

302 Found

6.4 kB

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334150&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
6.4 kB (6356 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334150&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da78dde52.810419661544441102%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334152&sub=44189
X-Robots-Tag: noindex, follow

javhd.icu/wp-content/uploads/2024/06/JAV-HD-CAWD-656-Itou-Mayuki-360x240.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
javhd.icu/wp-content/uploads/2024/06/JAV-HD-CAWD-656-Itou-Mayuki-360x240.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
Size
28 kB (28099 bytes)
Hash
195b45d6eec64e850ae149b3507cac94
e60f85decf942bb7b1df0cacc127e92b2e199535
8c6ba32a9efc373408e06a57b1a6829ad2c7b75a7b9991424ef04826b0ebec5f

HTTP Headers

GET /wp-content/uploads/2024/06/JAV-HD-CAWD-656-Itou-Mayuki-360x240.jpg HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Cookie: _ga_KNM6NMZPS3=GS1.1.1720290725.1.0.1720290725.0.0.0; _ga=GA1.1.514908657.1720290726
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: image/jpeg
content-length: 28099
last-modified: Sat, 29 Jun 2024 09:37:41 GMT
etag: "667fd5e5-6dc3"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 12152
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OH92X5jMZ1au9j5NCsvxxirzQ45wFqGoPyGwKFf1lSwHfeBmEKXMqwqsvdufLbf9JHPQLRFSLdiUTU2Qfd7XvTjywj9ATfm5RikE8r%2Be6yR29aWXbKzq6EoGZHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acedacd7b515-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/assets/css/bootstrap.min.css?ver=1687070962

188.114.97.1

200 OK

160 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/css/bootstrap.min.css?ver=1687070962
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (159469 bytes)
Hash
39b15b4e3342acd0927de05e17ae7518
6747ed3671ebc8e475b3211464639380ae3cd0f2
a98de7f79af22bd534296f9a1779bc76876282d7e55b6e65975b9946b31f5f5b

HTTP Headers

GET /wp-content/themes/videotube/assets/css/bootstrap.min.css?ver=1687070962 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/css
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
vary: Accept-Encoding
etag: W/"648ea8f2-26eed"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJGKPYFvnX%2BmxiCxxd8VPegTtvJbB18At6%2Bppi2E6lXA3E7J2IwEIaS0Y%2FYIJjsK6pSyTWjht9KOTrmP6nWFO0al60W%2FVSIcEuC7zzmIBr927ZNYdyOzJsbcS8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7681bb515-OSL
alt-svc: h3=":443"; ma=86400

ts.trafget.com/nw.php?subid=44189

172.67.128.119

200 OK

179 B

URL GET HTTP/2
ts.trafget.com/nw.php?subid=44189
IP
172.67.128.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?
Certificate
IssuerGoogle Trust Services LLC
Subjecttrafget.com
Fingerprint1A:BA:5D:DF:13:FB:83:84:1A:04:01:98:82:50:B0:82:EF:E9:3B:C8
ValidityMon, 03 Jun 2024 21:27:06 GMT - Sun, 01 Sep 2024 21:27:05 GMT

File type
ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
a93acb819eb64697e917e849126632af
8dc36e5c7f88ee86a44983e129b414dfbe87a0be
7d418d0a74b0cc049df346fca0fac550ca49a5217e9a960549fcf1c90763950a

HTTP Headers

GET /nw.php?subid=44189 HTTP/1.1
Host: ts.trafget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.8, PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxWKsDtVC2h1YalR%2BI3T7PBvHvh2lXlfMxDIQYPs8Y6b%2BDvb7k15RRvoU03OopMyHs47NJyos9eijQ8X7x%2B%2BhxIeF%2BUWWhCLucLjomuFUkh2zmWtbG%2B9ItInPWG%2BvULtiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1acee1a8f0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

javhd.icu/wp-content/themes/videotube/assets/js/readmore.min.js?ver=1687070962

188.114.97.1

200 OK

4.0 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/js/readmore.min.js?ver=1687070962
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4209), with no line terminators
Size
4.0 kB (4041 bytes)
Hash
8f9b2357cba7ede53475844982141af2
f936bc2075713d341bc3ac2b4637667d99de60e1
353e26c23ddb7793d1082cb4762c7d90014050df19255698e0f18f2187b2bdae

HTTP Headers

GET /wp-content/themes/videotube/assets/js/readmore.min.js?ver=1687070962 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
vary: Accept-Encoding
etag: W/"648ea8f2-fc9"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HNBW%2FfMUXsN1noxp9ZPMYrRnCzmJlrJFVhj7OYNYT80TjWO%2FA9aRC7r1hAX9l45zqOLySW06xSdMHM52yv0nw5Q4QW0OZbH%2FgrZ0U3v68363Luralo1VR7DAlY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7887ab515-OSL
alt-svc: h3=":443"; ma=86400

a.magsrv.com/build-iframe-js-url.js?idzone=5335878

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335878
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
e331ba1c6a83acac3ae169ed0c778aae
ac9c4dcffcec6f9b290ce09e5b792e5a5b61a544
91eda1dd412d2c5ea6ee5c42a660705a891556f67df3dd9fea842cd10077185c

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335878 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"4b1178b34700aad1661e75122f7"
expires: Thu, 04 Jul 2024 18:06:23 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39gUAAAwBuUwKAQH38wUAAAwB1GY4EQH3ZAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966e994b227
x-accel-expires: @1720300000
x-accel-date: 1720289201
x-77-cache: HIT
x-77-age: 1526
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107206
x-cache: HIT
x-age: 1526
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/448451/87509dd9c0982731f9ed80f068d37e069dfd50a2.mp4

185.76.9.19

206 Partial Content

47 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/448451/87509dd9c0982731f9ed80f068d37e069dfd50a2.mp4
IP
185.76.9.19:443
ASN
#60068 Datacamp Limited

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
47 kB (46794 bytes)
Hash
1900d577f65b6659e244bee550caeba1
87509dd9c0982731f9ed80f068d37e069dfd50a2
001888f493493ead47379f00b38a115df332541502c062ba21b0593ad1eae7f3

HTTP Headers

GET /library/448451/87509dd9c0982731f9ed80f068d37e069dfd50a2.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: video/mp4
content-length: 46794
last-modified: Fri, 01 Mar 2024 20:06:15 GMT
etag: "65e23537-b6ca"
accept-ch: 
expires: Sat, 01 Mar 2025 20:40:01 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJDQH3QFCnAAwBuUwKEwH3RQAAAAgBJRPCNAGB
x-77-nzt-ray: c0a4cc285f5849a2a68d89664572d026
x-accel-expires: @1740861601
x-77-cache: HIT
x-accel-date: 1709325670
x-77-age: 10965056
server: CDN77-Turbo
x-accel-date-max: 1709325670
x-cache: HIT
x-age: 10965056
x-77-pop: stockholmSE
content-range: bytes 0-46793/46794
X-Firefox-Spdy: h2

javhd.icu/wp-content/themes/videotube/assets/webfonts/fa-regular-400.woff2

188.114.97.1

200 OK

14 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/webfonts/fa-regular-400.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13584, version 331.524
Size
14 kB (13584 bytes)
Hash
c20b5b7362d8d7bb7eddf94344ace33e
260bb01acd44d88dcb7f501a238ab968f86bef9e
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

HTTP Headers

GET /wp-content/themes/videotube/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://javhd.icu/wp-content/themes/videotube/assets/css/all.min.css?ver=6.5.5
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: font/woff2
content-length: 13584
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
etag: "648ea8f2-3510"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
cf-cache-status: HIT
age: 24736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvIACj4KpOu%2BY19Tfi2k%2FEmwi5IU2A9Fn9sF%2FMc%2BOwflfkWcHo8uw3m4Rt6OPa2q868ncrJ047c%2BcMsqDUhLsbwVkr9gL8xyWWLayua2JNnLDh%2FOoiOt1Agys7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1ace9bc63b515-OSL
alt-svc: h3=":443"; ma=86400

cdn.tsyndicate.com/sdk/v1/inpage.push.v2.css

45.133.44.70

200 OK

22 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/inpage.push.v2.css
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
FingerprintD1:BA:EE:F0:8D:8F:47:DF:CC:82:D6:69:8B:C5:E6:32:61:B2:10:52
ValiditySat, 08 Jun 2024 03:00:23 GMT - Fri, 06 Sep 2024 03:00:22 GMT

File type
ASCII text, with very long lines (21744), with no line terminators
Size
22 kB (21744 bytes)
Hash
b4ac1d9cb97e96cbe37dcc8baf27f734
0b6a51d6587380b8296a5fc8f7827040813e5f31
59e92e521ef354de958402f21a9f5a437965e047b554382274bc3af767974a49

HTTP Headers

GET /sdk/v1/inpage.push.v2.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8; bfq=APeIECNCx5YZNW7kwJHDRhcWIsYU3BLjoYgyE2PckAFjxo0bMWQ47KMg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/css
server: nginx
last-modified: Fri, 15 Mar 2024 13:15:06 GMT
etag: W/"65f449da-54f0"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:06 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

javhd.icu/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

188.114.97.1

200 OK

88 kB

URL GET HTTP/3
javhd.icu/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 20:45:36 GMT
vary: Accept-Encoding
etag: W/"654aa1f0-15601"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BS%2BSvJwSM7IsMBRoPmIKGVpIRsD0toatXrhl98cLUYhEhNfc8NXcor2XNfYAgVXqtJwpXiQfbLUjXFTRd97vi0g%2BkOK34lnwMW2nMpAuJufwvLieiimijAbXaZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace76836b515-OSL
alt-svc: h3=":443"; ma=86400

tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?

195.201.244.188

200 OK

7.9 kB

URL GET HTTP/2
tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?
IP
195.201.244.188:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
HTML document, ASCII text, with very long lines (7963), with no line terminators
Size
7.9 kB (7876 bytes)
Hash
350f0c47da2e10a7a61a2e9777c643ed
25cd24e0212bfc0e1e5fccb041a0fd046225b667
326cb05e06b3dd8a9d2393d873fbaf8aefbed0d8cfd84a3d4c8eaebcd3b5876f

HTTP Headers

GET /iframes2/63cea708f975413091091b186a90d4e7.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://acdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: f64414dd9252d787
set-cookie: ts_uid=beabf6a3-fbfd-4449-892a-49e1bf1b0e29; expires=Mon, 06 Jan 2025 18:32:05 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

javhd.icu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

188.114.97.1

200 OK

14 kB

URL GET HTTP/3
javhd.icu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
last-modified: Tue, 08 Aug 2023 20:45:41 GMT
vary: Accept-Encoding
etag: W/"64d2a975-3509"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfBmgwwnIQreOPT2KC02ZpIyP5yxI6pCYU33U7PkORfjhrar7txTCfjmYSDeVmcYriKhE9UJJyqqAptLfF1XmVV02sA66w3DXV0ygBkoyq5%2BoJxXn3XwJvQXXC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace76837b515-OSL
alt-svc: h3=":443"; ma=86400

3pkf5m0gd.com/get/2009932?zoneid=2009932&jp=_clyxc92c8syv9pu63l9075&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5&uf=0

212.117.190.201

200 OK

3.1 kB

URL GET HTTP/2
3pkf5m0gd.com/get/2009932?zoneid=2009932&jp=_clyxc92c8syv9pu63l9075&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint70:73:69:43:4D:B1:BF:B0:38:3A:37:4F:FE:52:FC:49:36:88:AD:7E
ValidityFri, 10 May 2024 15:27:38 GMT - Tue, 05 Nov 2024 22:59:00 GMT

File type
ASCII text, with very long lines (3442), with no line terminators
Size
3.1 kB (3090 bytes)
Hash
b9ec18f85fc031c8ae87775517fb378b
617d29cc1c6413e8d59bc6f44900945031275e56
ea937c94bdf73dd23c9d88b1f07ce70f8d9e50ce812ff028a4ea3f2c510abd3b

HTTP Headers

GET /get/2009932?zoneid=2009932&jp=_clyxc92c8syv9pu63l9075&nojs=0&abvar=0&febuild=1.0.285&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=2&pt=KtRbSyDSkFWJTIwSEQlMjBTTklTLTEwMyUyMEFvYmElMjBZdWklMjBQZWVpbmclMjBPZiUyMFNoeW5lc3MhJTIwSGlpcmFnaSUyME5vYTo6U05JUy0xMDMlMjBBb2JhJTIwWXVpJTIwUGVlaW5nJTIwT2YlMjBTaHluZXNzISUyMEhpaXJhZ2klMjBOb2E&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=1IiUOpKaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2Ev&afid=675690926503936&caifrq=ACzeRAAAAAAAAAAB&mtifrq=AD4XMQAAAAAAAAAB&eclog=0&im=1&cs=5&uf=0 HTTP/1.1
Host: 3pkf5m0gd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 09 Aug 2025 18:32:06 GMT; Secure; SameSite=None
UID=2407061332c74563ea33a14bf39eb9812de0; Path=/; Expires=Sat, 09 Aug 2025 18:32:06 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5335874

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335874
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
81e3e0fa9b3e05bfea931606f53d0025
c168a63e91a165aeda0e0d2279842628624057f3
4d0761f084c796b5860c7bd6d43eb4963a31a9ff0e03503dab7e64ff9c3c7066

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335874 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript
etag: W/"4d4e2e31f592dfa9db108b96a7d"
expires: Thu, 04 Jul 2024 18:06:19 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39QUAAAwBuUwKCQH3FQYAAAwBnJIhHwH3HwAAAA
x-77-nzt-ray: c0a4cc28915eb261a68d89668612ec36
x-accel-expires: @1720299996
x-accel-date: 1720289201
x-77-cache: HIT
x-77-age: 1525
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107167
x-cache: HIT
x-age: 1525
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

go.xxxjmp.com/api/models/ts?targetDomain=stripchat.com&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&memberId=kSy3QtpoA1sYQGtwJPEp-V6hgu4CAQU4tZlIo1iDbB_srfMz2kO9GKWkqhH9jAUmve21qQhrU7C1ITC5pKhyqEnxDfqUBMoNXtqL7TmiZIzY7AyLkeytJ2Q_gUIDRUi&p1=4306059&sourceId=547974&p2=3401168&tag=-girls%2Findian

172.64.147.206

200 OK

1.3 kB

URL GET HTTP/2
go.xxxjmp.com/api/models/ts?targetDomain=stripchat.com&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&memberId=kSy3QtpoA1sYQGtwJPEp-V6hgu4CAQU4tZlIo1iDbB_srfMz2kO9GKWkqhH9jAUmve21qQhrU7C1ITC5pKhyqEnxDfqUBMoNXtqL7TmiZIzY7AyLkeytJ2Q_gUIDRUi&p1=4306059&sourceId=547974&p2=3401168&tag=-girls%2Findian
IP
172.64.147.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectgo.xxxjmp.com
Fingerprint26:9F:65:73:DB:D0:66:42:2C:27:F5:39:E6:06:3C:9D:7A:D5:58:CE
ValidityThu, 30 May 2024 00:05:55 GMT - Wed, 28 Aug 2024 00:05:54 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1414), with no line terminators
Size
1.3 kB (1266 bytes)
Hash
d18380828b059d7f6a09bfb6ba0c3dd0
e4b41a8ab5ea68f8626ebbd4818a5775ab41154c
46c4d5649f08fe899180128b41e49cc45bca16fbc031c2a91107297a9d59d05b

HTTP Headers

GET /api/models/ts?targetDomain=stripchat.com&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&memberId=kSy3QtpoA1sYQGtwJPEp-V6hgu4CAQU4tZlIo1iDbB_srfMz2kO9GKWkqhH9jAUmve21qQhrU7C1ITC5pKhyqEnxDfqUBMoNXtqL7TmiZIzY7AyLkeytJ2Q_gUIDRUi&p1=4306059&sourceId=547974&p2=3401168&tag=-girls%2Findian HTTP/1.1
Host: go.xxxjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/json
access-control-allow-origin: https://javhd.icu
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89f1acefbf9b5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

javhd.icu/wp-content/themes/videotube/assets/js/jquery.cookie.js?ver=1687070962

188.114.97.1

200 OK

2.0 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/js/jquery.cookie.js?ver=1687070962
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1985), with no line terminators
Size
2.0 kB (1956 bytes)
Hash
b7459dae9cf89629ec79aa493c76527a
fee01448ffb8aa651ea7d928b4228ce9e99d87ab
cf0e055dba48793af47d32c4141edc64878018103e8e75e4a2fae60fa9770724

HTTP Headers

GET /wp-content/themes/videotube/assets/js/jquery.cookie.js?ver=1687070962 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=3121
etag: W/"648ea8f2-c31"
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohrHqwJp8Yz9YjmRwdhxU962gFxBnWFdcU%2FctA0dlIHf6ts9KuESL3XvfB1gih6PNoxugCDlC32QFmzVzp00l3cuGv8ap34aRA2x710pLdU0zRmEZg3LKf7KGto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace78873b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/assets/js/custom.js?ver=1687070962

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/js/custom.js?ver=1687070962
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1447)
Size
13 kB (12999 bytes)
Hash
5033edcf90f59d41de13d7a119e9b4b2
9aedda96bb66493ffefa8bdffc2c6d4cf4556599
da77bb7df295a679c72ccf0a325c370a9c89d333bdaadd0db8af952c57cbdb99

HTTP Headers

GET /wp-content/themes/videotube/assets/js/custom.js?ver=1687070962 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=20057
etag: W/"648ea8f2-4e59"
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ngwymhRoM5np2GfabLaUHiSd7Kkq3Y%2B9Vd9w250vCEEG0r9pBgkVo%2BlEUi8kac77gMDLvfipzygyTosYE6ZQqEyNHGmuNBdnhrfiP1VRJu7IW%2Fac292bLnBJot8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace78882b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

recordedthereby.com/sfp.js

188.114.97.1

200 OK

85 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subjectrecordedthereby.com
FingerprintA1:CB:3E:AF:CE:F5:E9:D2:26:FB:E2:D4:FE:4B:29:D2:B3:C9:AD:3B
ValiditySat, 06 Jul 2024 15:25:15 GMT - Fri, 04 Oct 2024 15:25:14 GMT

File type

Size
85 kB (85378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: 33a622d13c09f722362c6da17a9187b2
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2PshIGfxbfNKfGv278w46LfaHtaovrrIVzkDHGnrECRgz8ixRp3STqoB4thuLHjN6zT9Zw47k7Qk6%2B54imCVH8AZF%2BBmf2EILy%2FaVd0hblUQWfGy48926mFi2ngGTnWugZbII5q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf3abe3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.tsyndicate.com/sdk/v1/master.spot.js

45.133.44.70

200 OK

30 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/master.spot.js
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
FingerprintD1:BA:EE:F0:8D:8F:47:DF:CC:82:D6:69:8B:C5:E6:32:61:B2:10:52
ValiditySat, 08 Jun 2024 03:00:23 GMT - Fri, 06 Sep 2024 03:00:22 GMT

File type
JavaScript source, ASCII text, with very long lines (30352)
Size
30 kB (30440 bytes)
Hash
ea23c72d113c946dc4168bbc59770fa6
d010a52e85ef045e9ee59f4e1a08c7adc34ff445
2876e34d58db695abdddc66493b91e87d7eb99e7767a302d27909f2b0db254b6

HTTP Headers

GET /sdk/v1/master.spot.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 12 Jun 2024 11:31:23 GMT
etag: W/"6669870b-76e8"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:05 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

go.mnaspm.com/event/ml

104.18.40.50

200 OK

47 B

URL POST HTTP/3
go.mnaspm.com/event/ml
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type
ASCII text, with no line terminators
Size
47 B (47 bytes)
Hash
adbfcaa4081cdf9c291e6f67558ac20b
54211dbb8ab09529b46f178035e9a68feb78d006
58c9a442b2e516b2b431bb3538fe74f6510dd42314c907e410c53e4b2ea4ae3a

HTTP Headers

POST /event/ml HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 293
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89f1acf83cd4b509-OSL
alt-svc: h3=":443"; ma=86400

ts.trafget.com/nw.php?subid=44189

172.67.128.119

200 OK

179 B

URL GET HTTP/2
ts.trafget.com/nw.php?subid=44189
IP
172.67.128.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjecttrafget.com
Fingerprint1A:BA:5D:DF:13:FB:83:84:1A:04:01:98:82:50:B0:82:EF:E9:3B:C8
ValidityMon, 03 Jun 2024 21:27:06 GMT - Sun, 01 Sep 2024 21:27:05 GMT

File type
ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
a93acb819eb64697e917e849126632af
8dc36e5c7f88ee86a44983e129b414dfbe87a0be
7d418d0a74b0cc049df346fca0fac550ca49a5217e9a960549fcf1c90763950a

HTTP Headers

GET /nw.php?subid=44189 HTTP/1.1
Host: ts.trafget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.8, PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Vz6A2ukYnRjgAQ2XUqFYKjFQyohDvma9XTB24E%2FhRJQ2ap8iz0VMtCEIrJMbXqTwrOf90UBAEhPJ8Mv3R5DSRmy5KnD0BmS%2B72cKD%2FOtnWH0jAFivZxEnrcTecfvmLLYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1acf0aef20b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5335880

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335880
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
ef04e15a4c7763aec07ea95893300cee
3cd14669532cfdf6d55d4c700858095bd711c4f5
078383bd76eed5b931ccdc355950758f7e7ca915e4b323bdb80041db73dc7bd6

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335880 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"f1d8e0e5a5bd07cb0566b85f6e7"
expires: Thu, 04 Jul 2024 18:06:25 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQHX1gUAAAwBuUwKAQH35AUAAAwBisclxAH3mwAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966d97c633b
x-accel-expires: @1720300002
x-accel-date: 1720289233
x-77-cache: HIT
x-77-age: 1494
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107248
x-cache: HIT
x-age: 1494
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189

185.76.9.17

200 OK

275 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with no line terminators
Size
275 B (275 bytes)
Hash
108b8272495baec092e74ca21c00d4dc
9aab79a01b1085832446326df8cbfabcbe397a0e
bf61cb099ab14987aa2509f504f68473d32194851580b1806abf9e7330348b17

HTTP Headers

GET /iframe.php?idzone=5335876&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 06 Jul 2024 18:37:30 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoTAffjJgAADAElE8I0AfcJAgAA
x-77-nzt-ray: c0a4cc28915eb261a68d896673b7ea39
x-accel-expires: @1720291050
x-accel-date: 1720280771
x-77-cache: HIT
x-77-age: 10476
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

cdn.tsyndicate.com/sdk/v1/p.js

45.133.44.70

200 OK

9.6 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/p.js
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
FingerprintD1:BA:EE:F0:8D:8F:47:DF:CC:82:D6:69:8B:C5:E6:32:61:B2:10:52
ValiditySat, 08 Jun 2024 03:00:23 GMT - Fri, 06 Sep 2024 03:00:22 GMT

File type
JavaScript source, ASCII text, with very long lines (9914), with no line terminators
Size
9.6 kB (9579 bytes)
Hash
80d5994a62b95bdb71b48a8cdc49f25d
98b2696b786639404cb785f0269188ddce349e5b
2b4d201b3cf2d8472389f8035a077671117c07c2b799872f3b346b6a227d4045

HTTP Headers

GET /sdk/v1/p.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 15 Mar 2024 12:34:32 GMT
etag: W/"65f44058-256b"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:05 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5335878

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335878
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
e331ba1c6a83acac3ae169ed0c778aae
ac9c4dcffcec6f9b290ce09e5b792e5a5b61a544
91eda1dd412d2c5ea6ee5c42a660705a891556f67df3dd9fea842cd10077185c

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335878 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"4b1178b34700aad1661e75122f7"
expires: Thu, 04 Jul 2024 18:06:23 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39gUAAAwBuUwKAQH38wUAAAwB1GY4EQH3ZAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89669eed3218
x-accel-expires: @1720300000
x-accel-date: 1720289201
x-77-cache: HIT
x-77-age: 1526
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107206
x-cache: HIT
x-age: 1526
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

javhd.icu/wp-content/themes/videotube/assets/css/all.min.css?ver=6.5.5

188.114.97.1

200 OK

59 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/css/all.min.css?ver=6.5.5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
ASCII text, with very long lines (58392)
Size
59 kB (58578 bytes)
Hash
76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

HTTP Headers

GET /wp-content/themes/videotube/assets/css/all.min.css?ver=6.5.5 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/css
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
vary: Accept-Encoding
etag: W/"648ea8f2-e4d2"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45BOq9GOW7ZfN8gF847dL2Kt6mFEC2dw5%2FdoA8WKZe5vsupKMRxCUlHIeXa1EDMZSpGMLKF6ioh88w0jwJjhsOr11TJG0E%2BWf2wvwqTu9qMOOHHZLTRC6TW5T50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7681eb515-OSL
alt-svc: h3=":443"; ma=86400

a.magsrv.com/build-iframe-js-url.js?idzone=5335874

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335874
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
81e3e0fa9b3e05bfea931606f53d0025
c168a63e91a165aeda0e0d2279842628624057f3
4d0761f084c796b5860c7bd6d43eb4963a31a9ff0e03503dab7e64ff9c3c7066

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335874 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript
etag: W/"4d4e2e31f592dfa9db108b96a7d"
expires: Thu, 04 Jul 2024 18:06:19 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39QUAAAwBuUwKCQH3FQYAAAwBnJIhHwH3HwAAAA
x-77-nzt-ray: c0a4cc28915eb261a68d896625224f1e
x-accel-expires: @1720299996
x-accel-date: 1720289201
x-77-cache: HIT
x-77-age: 1525
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107167
x-cache: HIT
x-age: 1525
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189

185.76.9.17

200 OK

275 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with no line terminators
Size
275 B (275 bytes)
Hash
108b8272495baec092e74ca21c00d4dc
9aab79a01b1085832446326df8cbfabcbe397a0e
bf61cb099ab14987aa2509f504f68473d32194851580b1806abf9e7330348b17

HTTP Headers

GET /iframe.php?idzone=5335876&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 06 Jul 2024 18:37:30 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoTAffkJgAADAElE8I0AfcJAgAA
x-77-nzt-ray: c0a4cc28915eb261a78d89667c22910f
x-accel-expires: @1720291050
x-accel-date: 1720280771
x-77-cache: HIT
x-77-age: 10477
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

javhd.icu/wp-content/plugins/wp-easy-review/scripts.js?ver=1.0

188.114.97.1

200 OK

672 B

URL GET HTTP/3
javhd.icu/wp-content/plugins/wp-easy-review/scripts.js?ver=1.0
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (678), with no line terminators
Size
672 B (672 bytes)
Hash
23ab00bd8c89c56025b4e649261aa457
1fd5b015235ac256c01f7a93eb7c8f93be7a9efd
2c8b271442ed2a963ce381165d3a7824180a37446dd9444b1bdcfd4b055439d3

HTTP Headers

GET /wp-content/plugins/wp-easy-review/scripts.js?ver=1.0 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=1029
etag: W/"648ea996-405"
last-modified: Sun, 18 Jun 2023 06:52:06 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMlddrT%2BX9e9YtQw1gb805yT%2Bkwpq6USIh353xkR8RnYFy%2BF6bCtBvaJVe4k57jVG6nZUIrrvf6irE9P5ThPu8SmxugRwAVtifnA19xF%2BbR9C3hq00bAGbf%2FKD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace78883b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/app/domain-checker/get-check

104.18.40.50

200 OK

199 B

URL POST HTTP/3
go.mnaspm.com/app/domain-checker/get-check
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type
ASCII text, with no line terminators
Size
199 B (199 bytes)
Hash
9c214b89a8d76d97918e102f2b03411f
2741cbf3fae854e25f6f059b7c53ba2c667264a5
e32d09e78c991b0ddc32ad02babf5d942a0b79bfb07c5a04a668cbcf6250995b

HTTP Headers

POST /app/domain-checker/get-check HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89f1acf71ab8b509-OSL
alt-svc: h3=":443"; ma=86400

a.magsrv.com/build-iframe-js-url.js?idzone=5335880

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335880
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
ef04e15a4c7763aec07ea95893300cee
3cd14669532cfdf6d55d4c700858095bd711c4f5
078383bd76eed5b931ccdc355950758f7e7ca915e4b323bdb80041db73dc7bd6

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335880 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"f1d8e0e5a5bd07cb0566b85f6e7"
expires: Thu, 04 Jul 2024 18:06:25 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQHX1gUAAAwBuUwKAQH35AUAAAwBisclxAH3mwAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966eeb76a31
x-accel-expires: @1720300002
x-accel-date: 1720289233
x-77-cache: HIT
x-77-age: 1494
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107248
x-cache: HIT
x-age: 1494
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

javhd.icu/wp-content/themes/videotube/assets/js/bootstrap.min.js?ver=1687070962

188.114.97.1

200 OK

60 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/js/bootstrap.min.js?ver=1687070962
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (59729)
Size
60 kB (59968 bytes)
Hash
4cfcd9ef665ac4f7b0a0164943fafc41
8bf0a31c56a8f04247d966cb121643e05f48f7d0
03ace13cf97c2b8a48d4f158222cce6c201ba7c88615c489043ca8c2acc8fdc1

HTTP Headers

GET /wp-content/themes/videotube/assets/js/bootstrap.min.js?ver=1687070962 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
vary: Accept-Encoding
etag: W/"648ea8f2-ea40"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGA7682pY56e4306RPMWg%2BnuASSeoHSFg%2FqvfMHzK4X66179pR0myleeK%2FH1kVrhsZvnaIr6PveSnphK2sOAAjI06jSUKuo7iIyCDSKRZ5OETnJP7cLOwKU69hs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7886eb515-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1

104.18.40.50

200 OK

811 B

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type
HTML document, ASCII text, with very long lines (872), with no line terminators
Size
811 B (811 bytes)
Hash
bfba994423519b255545061ffe1b286e
6ed54eb436dbd78f75550486059e7b341fffc44f
42c9e8f1c9ab740aebcddd23c9704aed0928731bb61a457cb7f6242cdd25221e

HTTP Headers

GET /widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1 HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html
last-modified: Mon, 01 Jul 2024 07:26:52 GMT
expires: Sat, 06 Jul 2024 18:32:10 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age":  1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf218a1b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.magsrv.com/build-iframe-js-url.js?idzone=5335878

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335878
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
e331ba1c6a83acac3ae169ed0c778aae
ac9c4dcffcec6f9b290ce09e5b792e5a5b61a544
91eda1dd412d2c5ea6ee5c42a660705a891556f67df3dd9fea842cd10077185c

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335878 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335878&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"4b1178b34700aad1661e75122f7"
expires: Thu, 04 Jul 2024 18:06:23 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39gUAAAwBuUwKAQH38wUAAAwB1GY4EQH3ZAAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d89662d23d81b
x-accel-expires: @1720300000
x-accel-date: 1720289201
x-77-cache: HIT
x-77-age: 1526
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107206
x-cache: HIT
x-age: 1526
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5335876

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335876
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
b06b6cb17c578ad393ecafbd80098fb9
5bc2222fe6c5e3e64a93ce1d3956f55ce59fbddd
eb8d78439e6e3120647df4b5387e1a373556262948954f89fcf96f42ac25702e

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335876 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"d1c1c9c8e775953bc6458627ba5"
expires: Thu, 04 Jul 2024 18:06:23 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39AUAAAwBuUwKDAH31wUAAAwBJRPCMQH3YwAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966f86f1305
x-accel-expires: @1720300000
x-accel-date: 1720289203
x-77-cache: HIT
x-77-age: 1524
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107177
x-cache: HIT
x-age: 1524
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.load&eid=11&u=AgAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.load&eid=11&u=AgAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtm.load&eid=11&u=AgAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:08 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

javhd.icu/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5

188.114.97.1

200 OK

113 kB

URL GET HTTP/3
javhd.icu/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type

Size
113 kB (113381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.5 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/css
last-modified: Tue, 02 Apr 2024 20:45:37 GMT
vary: Accept-Encoding
etag: W/"660c6e71-1bae5"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmFokUlQGmUxjoymYdp8PzilDUpm%2FlYlI8hH3mZwNGoa%2BTaCAoGnVK5Z6FaPsboSIZturAjx2ZEU3UoAuRHwIRuaMU8Bg%2FmmaB6RMsRXSVmcivHgM84LIU8soc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace76819b515-OSL
alt-svc: h3=":443"; ma=86400

s.magsrv.com/splash.php?idzone=5334148&sub=44189

95.211.229.246

302 Found

6.4 kB

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334148&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
6.4 kB (6356 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334148&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da77ff229.441215892667239154%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334150&sub=44189
X-Robots-Tag: noindex, follow

img.strpst.com/thumbs/1720290630/124968960_webp

104.17.11.106

200 OK

17 kB

URL GET HTTP/2
img.strpst.com/thumbs/1720290630/124968960_webp
IP
104.17.11.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp
Size
17 kB (17036 bytes)
Hash
ddb4e0cde6fdee1b32a140389ea1fb56
cdfd5baac376d805946b25bfbc305b401743a41e
8c43c5d45f9c6e6e88e0162ed4052608cbb56d0dd8c7c3a5e79fb7fa2c238721

HTTP Headers

GET /thumbs/1720290630/124968960_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: image/webp
content-length: 17036
etag: "ddb4e0cde6fdee1b32a140389ea1fb56"
last-modified: Sat, 06 Jul 2024 18:29:37 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 75
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf6c8e90b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189

185.76.9.17

200 OK

275 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
HTML document, ASCII text, with no line terminators
Size
275 B (275 bytes)
Hash
108b8272495baec092e74ca21c00d4dc
9aab79a01b1085832446326df8cbfabcbe397a0e
bf61cb099ab14987aa2509f504f68473d32194851580b1806abf9e7330348b17

HTTP Headers

GET /iframe.php?idzone=5335876&size=300x250&sub=44189 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 06 Jul 2024 18:37:30 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBDAG5TAoTAffjJgAADAElE8I0AfcJAgAA
x-77-nzt-ray: c0a4cc28915eb261a68d896682219a38
x-accel-expires: @1720291050
x-accel-date: 1720280771
x-77-cache: HIT
x-77-age: 10476
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

cdn.tsyndicate.com/sdk/v1/video.instant.message.v2.css

45.133.44.70

200 OK

5.5 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/video.instant.message.v2.css
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
FingerprintD1:BA:EE:F0:8D:8F:47:DF:CC:82:D6:69:8B:C5:E6:32:61:B2:10:52
ValiditySat, 08 Jun 2024 03:00:23 GMT - Fri, 06 Sep 2024 03:00:22 GMT

File type
ASCII text, with very long lines (5514), with no line terminators
Size
5.5 kB (5506 bytes)
Hash
ca1e778ea5239541bf061652961ae6a3
f1b8469e336642101fc51aa1684dee3d9af904ef
0e0beba2e7e32eef8c30243ff996c375c0da3703e622d1d3d461cd47b0f0c753

HTTP Headers

GET /sdk/v1/video.instant.message.v2.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8; bfq=APeIECNCx5YZNW7kwJHDRhcWIsYU3BLjoYgyE2PckAFjxo0bMWQ47KMg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/css
server: nginx
last-modified: Fri, 21 Jun 2024 13:30:20 GMT
etag: W/"6675806c-1582"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:07 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334146&sub=44189

95.211.229.246

302 Found

6.4 kB

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334146&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
6.4 kB (6356 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334146&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da76eabb5.741461033150730518%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:07 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334148&sub=44189
X-Robots-Tag: noindex, follow

accompanimentachyjustified.com/fd/1b/f2/fd1bf261a2e6772cb538655c23839785.js

172.240.127.234

200 OK

84 kB

URL GET HTTP/1.1
accompanimentachyjustified.com/fd/1b/f2/fd1bf261a2e6772cb538655c23839785.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectaccompanimentachyjustified.com
Fingerprint0D:4F:F9:C8:33:C1:17:07:5C:6F:DF:E4:C6:AF:A0:F6:C4:A8:5A:F3
ValidityMon, 01 Jul 2024 15:38:04 GMT - Sun, 29 Sep 2024 15:38:03 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84188 bytes)
Hash
0ad1181bce3501612ee4480f626257e9
cf160936dcb6b79a13b308e2573a2dd16607e854
493a24ae15a2e0760c1e8a522f8cd53f084c6d15fa89c4838d2bcab3639b2b54

HTTP Headers

GET /fd/1b/f2/fd1bf261a2e6772cb538655c23839785.js HTTP/1.1
Host: accompanimentachyjustified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 12bee21108ee5e0b6e7acee61c924f8e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

go.mnaspm.com/config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26campaignId%3Dc6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa%26campaignType%3Dsmartpop%26creativeId%3Daaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877%26iterationId%3D888231%26masterSmartpopId%3D1605%26memberId%3DvZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi%26mlView%3D1%26noc%3D1%26p1%3D4305936%26quality%3D240p%26ruleId%3D3%26smartpopId%3D1062%26sourceId%3D594409%26tag%3Dgirls%26usePreroll%3D0%26userId%3Dd100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca%26variationId%3D33630%26webp%3D1

104.18.40.50

200 OK

6.9 kB

URL GET HTTP/3
go.mnaspm.com/config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26campaignId%3Dc6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa%26campaignType%3Dsmartpop%26creativeId%3Daaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877%26iterationId%3D888231%26masterSmartpopId%3D1605%26memberId%3DvZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi%26mlView%3D1%26noc%3D1%26p1%3D4305936%26quality%3D240p%26ruleId%3D3%26smartpopId%3D1062%26sourceId%3D594409%26tag%3Dgirls%26usePreroll%3D0%26userId%3Dd100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca%26variationId%3D33630%26webp%3D1
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type
ASCII text, with very long lines (9096), with no line terminators
Size
6.9 kB (6918 bytes)
Hash
5ddc1991b2e097c759118f0d8836082f
20916a586a25245f9484d0989e82d91a7c53417c
eb2be68483cb2396e27d78d5ce5602cb336dd0912049969b493cd794b7f8987d

HTTP Headers

GET /config?url=https%3A%2F%2Fcreative.mnaspm.com%2Fwidgets%2Fv4%2FUniversal%3Faction%3DsbSignupWithModel%26campaignId%3Dc6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa%26campaignType%3Dsmartpop%26creativeId%3Daaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877%26iterationId%3D888231%26masterSmartpopId%3D1605%26memberId%3DvZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi%26mlView%3D1%26noc%3D1%26p1%3D4305936%26quality%3D240p%26ruleId%3D3%26smartpopId%3D1062%26sourceId%3D594409%26tag%3Dgirls%26usePreroll%3D0%26userId%3Dd100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca%26variationId%3D33630%26webp%3D1 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/
Origin: https://creative.mnaspm.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-encoding: gzip
last-modified: Sat, 06 Jul 2024 18:32:07 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf50e97b509-OSL
alt-svc: h3=":443"; ma=86400

javhd.icu/fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

188.114.97.1

200 OK

23 kB

URL GET HTTP/3
javhd.icu/fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: font/woff2
content-length: 23040
cf-ray: 89f1ace9ac60b515-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 11095
cache-control: public, max-age=28800
last-modified: Tue, 02 May 2023 15:07:25 GMT
cf-apo-via: proxy
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfB5DmHmiUGgw0OCjBZw217awevmVH9nlS8ppgSR9QoV0kHl8aT%2FKMTIYKZY%2Fa0n9OicnLUjG%2B5l%2BDNqpuIuUi08%2BQDYPTCz%2FQdMknyu%2BX%2BnQTj2lZLyZTsu7j8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

a.magsrv.com/build-iframe-js-url.js?idzone=5335874

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335874
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
81e3e0fa9b3e05bfea931606f53d0025
c168a63e91a165aeda0e0d2279842628624057f3
4d0761f084c796b5860c7bd6d43eb4963a31a9ff0e03503dab7e64ff9c3c7066

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335874 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335874&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript
etag: W/"4d4e2e31f592dfa9db108b96a7d"
expires: Thu, 04 Jul 2024 18:06:19 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39QUAAAwBuUwKCQH3FQYAAAwBnJIhHwH3HwAAAA
x-77-nzt-ray: c0a4cc28915eb261a68d8966ba5e331a
x-accel-expires: @1720299996
x-accel-date: 1720289201
x-77-cache: HIT
x-77-age: 1525
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107167
x-cache: HIT
x-age: 1525
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?

195.201.244.188

200 OK

7.8 kB

URL GET HTTP/2
tsyndicate.com/iframes2/63cea708f975413091091b186a90d4e7.html?
IP
195.201.244.188:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
HTML document, ASCII text, with very long lines (7923), with no line terminators
Size
7.8 kB (7836 bytes)
Hash
770b55537689fc850bd87661d9523e3d
6a61540b9473b4c90a719686df6c62a07e18426d
efc1151b2315eb22b2cdb83830953ab203cd16e03e80f5c6915c6ee0a69862fd

HTTP Headers

GET /iframes2/63cea708f975413091091b186a90d4e7.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://acdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 119140731412c4f3
set-cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8; expires=Mon, 06 Jan 2025 18:32:05 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

javhd.icu/wp-content/themes/videotube/assets/js/jquery.appear.js?ver=1687070962

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/js/jquery.appear.js?ver=1687070962
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1821), with no line terminators
Size
1.8 kB (1812 bytes)
Hash
769119fe6ea9ac453f031845840a373a
8d4d030b55da4a25d5bd0787c6d93d5f9ef8d3a8
aaa7cf81be0175aa2b367c1fdd27aac2b6a3fa03360634a773c5396309c8b517

HTTP Headers

GET /wp-content/themes/videotube/assets/js/jquery.appear.js?ver=1687070962 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=2762
etag: W/"648ea8f2-aca"
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RsKIbV1pOycZLvyS9fVTenYNekODF6ZY%2FJ5tz4IsdF65CdEnbGwMGqD1rNY3Fm017Hg7HYps0cgIGzDdw9WO1ZTZEYXhas%2BtvOVT82l%2FCnnmRwRC6K%2BNrAjGqOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7887bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

javhd.icu/wp-content/themes/videotube/assets/css/solid.min.css?ver=6.5.5

188.114.97.1

200 OK

669 B

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/assets/css/solid.min.css?ver=6.5.5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
ASCII text, with very long lines (687), with no line terminators
Size
669 B (669 bytes)
Hash
3d7bd05952587e42b0bce6234eeced1f
409331d185f650d50cf80886592565fc4070d984
36e0a5dfdb49f3315ff4676956d150f0560b4d1909865b274df20c72a2c2d42f

HTTP Headers

GET /wp-content/themes/videotube/assets/css/solid.min.css?ver=6.5.5 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/css
last-modified: Sun, 18 Jun 2023 06:49:22 GMT
vary: Accept-Encoding
etag: W/"648ea8f2-29d"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rQ5gQWWh3Fxi%2F8dNoVtlIWnWGJrSDIRf4XADMCPFbQEXonCSyYKij3CIK4DXDn%2BTEK%2B9kRgPMPid264m1id5l90JsvFI9KI1iquk4xszcyWGVR9CjG8MACC4Wg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace76825b515-OSL
alt-svc: h3=":443"; ma=86400

creative.mnaspm.com/widgets/v4/Universal/main.1141b83260ebcd99a9da.css

104.18.40.50

200 OK

14 kB

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/main.1141b83260ebcd99a9da.css
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type
ASCII text, with very long lines (13998), with no line terminators
Size
14 kB (13998 bytes)
Hash
b24806715c63d183f154aeaeacf83c61
5dbd3859160547e9677962f31a77003a1dfc3f55
a20aa876b625a1ba3be7a96868cb8fd89340e32418def0489540bfe6713a3c35

HTTP Headers

GET /widgets/v4/Universal/main.1141b83260ebcd99a9da.css HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: text/css
last-modified: Mon, 01 Jul 2024 07:28:16 GMT
etag: W/"66825a90-36ae"
expires: Sat, 06 Jul 2024 18:32:13 GMT
cache-control: max-age=10
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf3abd6b509-OSL
alt-svc: h3=":443"; ma=86400

creative.mnaspm.com/widgets/v4/Universal/lang/en.json

104.18.40.50

200 OK

172 B

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/lang/en.json
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type
ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
402f4a06b5dcf96d25dd4ff1f840784b
edebb253af01ef1882f424ee6278368485898d62
bd570b38d9d687c593545a7b250570605c601381f3d3d5263346b295e12a55ba

HTTP Headers

GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/json
last-modified: Mon, 01 Jul 2024 07:26:52 GMT
etag: W/"66825a3c-ac"
expires: Sat, 06 Jul 2024 18:32:03 GMT
cache-control: max-age=10
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 9
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf50e92b509-OSL
alt-svc: h3=":443"; ma=86400

go.mnaspm.com/abc.gif?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&thumbSizeKey=big&language=en&thumbFit=cover&stripcashR=0&thumbType=default&kbLimit=0&abTest=widgetv4universal_ab_base_ml_rec_5&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fjavhd.icu%2F&i=0&ib=0&abTestVariant=widgetv4universal_ab_base_ml_rec_5_recommended_1&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A697%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A506%2C%22duration%22%3A53%2C%22transferSize%22%3A5361%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A507%2C%22duration%22%3A80%2C%22transferSize%22%3A100801%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A900%2C%22duration%22%3A0%7D%5D&mh=2046405733

104.18.40.50

200 OK

0 B

URL GET HTTP/3
go.mnaspm.com/abc.gif?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&thumbSizeKey=big&language=en&thumbFit=cover&stripcashR=0&thumbType=default&kbLimit=0&abTest=widgetv4universal_ab_base_ml_rec_5&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fjavhd.icu%2F&i=0&ib=0&abTestVariant=widgetv4universal_ab_base_ml_rec_5_recommended_1&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A697%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A506%2C%22duration%22%3A53%2C%22transferSize%22%3A5361%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A507%2C%22duration%22%3A80%2C%22transferSize%22%3A100801%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A900%2C%22duration%22%3A0%7D%5D&mh=2046405733
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /abc.gif?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&thumbSizeKey=big&language=en&thumbFit=cover&stripcashR=0&thumbType=default&kbLimit=0&abTest=widgetv4universal_ab_base_ml_rec_5&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=2&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fjavhd.icu%2F&i=0&ib=0&abTestVariant=widgetv4universal_ab_base_ml_rec_5_recommended_1&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A697%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A506%2C%22duration%22%3A53%2C%22transferSize%22%3A5361%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A507%2C%22duration%22%3A80%2C%22transferSize%22%3A100801%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A900%2C%22duration%22%3A0%7D%5D&mh=2046405733 HTTP/1.1
Host: go.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: image/gif
content-length: 103
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89f1acf699afb509-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=4&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=4&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintBA:5D:A9:7F:41:46:B0:37:01:9E:05:B0:92:BA:41:C9:31:5B:4B:4A
ValidityThu, 13 Jun 2024 15:27:14 GMT - Thu, 05 Sep 2024 15:27:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-KNM6NMZPS3&v=3&t=t&pid=1866307994&cv=1&rv=4730&tc=14&tag_exp=0&es=1&e=gtag.config&eid=4&u=AAAAAAAAAAAAAIAAAAAAAAE&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

javhd.icu/wp-content/themes/videotube/style.css?ver=1687077852

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
javhd.icu/wp-content/themes/videotube/style.css?ver=1687077852
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type
ASCII text, with very long lines (25467), with no line terminators
Size
26 kB (25467 bytes)
Hash
1863ec9e64485f5baf99d78fa6e0cb0f
3ed3859911b537c906ddc7f5597cdbf72291417b
57dec3102b3cd5d16d4b1be46a62da636b4aaa8018f596404a09c942583e8ceb

HTTP Headers

GET /wp-content/themes/videotube/style.css?ver=1687077852 HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=31723
etag: W/"648ec3dc-7beb"
last-modified: Sun, 18 Jun 2023 08:44:12 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjCGf%2FTGclH6kUtO6Q6Rf4Zyhhsp2lT97zZgxCsAxvgwUiKFqeAjOIy71Hvsv8Or2i6oxmGAdGvdfYA07SNLw4o8YKnep7lO8CP0Mmz89fzux3qJ%2FOyWHNMHqd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89f1ace7682ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.magsrv.com/build-iframe-js-url.js?idzone=5335880

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335880
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
ef04e15a4c7763aec07ea95893300cee
3cd14669532cfdf6d55d4c700858095bd711c4f5
078383bd76eed5b931ccdc355950758f7e7ca915e4b323bdb80041db73dc7bd6

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335880 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335880&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"f1d8e0e5a5bd07cb0566b85f6e7"
expires: Thu, 04 Jul 2024 18:06:25 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQHX1gUAAAwBuUwKAQH35AUAAAwBisclxAH3mwAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966b1d6af2c
x-accel-expires: @1720300002
x-accel-date: 1720289233
x-77-cache: HIT
x-77-age: 1494
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107248
x-cache: HIT
x-age: 1494
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

s.magsrv.com/splash.php?idzone=5334136&sub=44189

95.211.229.246

302 Found

6.4 kB

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=5334136&sub=44189
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42
ValidityMon, 01 Jul 2024 10:24:45 GMT - Sun, 29 Sep 2024 10:24:44 GMT

File type

Size
6.4 kB (6356 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5334136&sub=44189 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 06 Jul 2024 18:32:07 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da6f2ef23.204357021916255807%22%3B%7D; expires=Mon, 06 Jul 2026 18:32:06 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://s.magsrv.com/splash.php?idzone=5334138&sub=44189
X-Robots-Tag: noindex, follow

creative.mnaspm.com/widgets/v4/Universal/main.1141b83260ebcd99a9da.js

104.18.40.50

200 OK

312 kB

URL GET HTTP/3
creative.mnaspm.com/widgets/v4/Universal/main.1141b83260ebcd99a9da.js
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Certificate
IssuerGoogle Trust Services
Subjectmnaspm.com
Fingerprint2A:B0:18:21:52:65:FD:DF:3F:51:E5:57:12:A2:2B:77:6F:77:92:C3
ValidityWed, 12 Jun 2024 21:20:38 GMT - Tue, 10 Sep 2024 21:20:37 GMT

File type

Size
312 kB (311970 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widgets/v4/Universal/main.1141b83260ebcd99a9da.js HTTP/1.1
Host: creative.mnaspm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=aaa037bdc44f9e65b286b511e21216c49497a1ede2b3e4e11af630bfc0439877&iterationId=888231&masterSmartpopId=1605&memberId=vZTfrPJZ_bNG9blp2Cc3ONxReg1s3Wbtx-a7pM8j3pB2Rk_fjl0scJX-dhTuH-7gZBTKpXuGVAelOTyQisExrOazhyb4dISjdTNUk1l1FmUCLAMO_gUIDRUi&mlView=1&noc=1&p1=4305936&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&tag=girls&usePreroll=0&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=33630&webp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 01 Jul 2024 07:28:16 GMT
etag: W/"66825a90-4c2a2"
expires: Sat, 06 Jul 2024 18:32:12 GMT
cache-control: max-age=10
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 3
vary: Accept-Encoding
server: cloudflare
cf-ray: 89f1acf3abebb509-OSL
alt-svc: h3=":443"; ma=86400

u3y8v8u4.aucdn.net/library/802424/a16f2eae440b5e95fa228a77905dacf9bb46cc09.mp4

185.76.9.19

206 Partial Content

131 kB

URL GET HTTP/2
u3y8v8u4.aucdn.net/library/802424/a16f2eae440b5e95fa228a77905dacf9bb46cc09.mp4
IP
185.76.9.19:443
ASN
#60068 Datacamp Limited

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29
ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
131 kB (131072 bytes)
Hash
0e7455d74680b961aeddde9ecdcf7c5a
35c629d4e760b929d3d1aa663bb0560e5cb61461
d39342c34f3cb358447aabdb845b5e2f5b195794984199fb864a2f3877b774fd

HTTP Headers

GET /library/802424/a16f2eae440b5e95fa228a77905dacf9bb46cc09.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: video/mp4
content-length: 6394046
last-modified: Fri, 15 Mar 2024 15:50:23 GMT
etag: "65f46e3f-6190be"
accept-ch: 
expires: Sat, 15 Mar 2025 21:26:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJDQH3PtCUAAwBuUwKAQH3IgAAAAwBJRPCNAH3WAAAAA
x-77-nzt-ray: c0a4cc285f5849a2a78d8966b9c4a43a
x-accel-expires: @1742073967
x-accel-date: 1710538089
x-77-cache: HIT
x-77-age: 9752638
server: CDN77-Turbo
x-accel-date-max: 1710538089
x-cache: HIT
x-age: 9752638
x-77-pop: stockholmSE
content-range: bytes 0-6394045/6394046
X-Firefox-Spdy: h2

javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/

188.114.97.1

200 OK

77 kB

URL User Request GET HTTP/2
javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectjavhd.icu
Fingerprint9C:C3:DA:D2:99:57:F2:43:B3:F8:17:0F:F2:68:75:32:C7:DA:D4:EC
ValiditySun, 02 Jun 2024 02:56:55 GMT - Sat, 31 Aug 2024 02:56:54 GMT

File type

Size
77 kB (76584 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/ HTTP/1.1
Host: javhd.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:04 GMT
content-type: text/html; charset=UTF-8
cf-ray: 89f1accb6bb5b515-OSL
cf-cache-status: HIT
cache-control: max-age=31536000
last-modified: Sat, 06 Jul 2024 18:32:04 GMT
link: <https://javhd.icu/wp-json/>; rel="https://api.w.org/", <https://javhd.icu/?p=1041>; rel=shortlink
vary: Accept-Encoding
cf-apo-via: tcache
cf-edge-cache: cache,platform=wordpress
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnZU6dAcUf4vRCjUkfIzMqChAf5NYay2sLT5f%2F1k0vTmMkcdy%2Bn8S5iBDyGdW5cPjPSDrhrTVEo65mWMtcFz3bzHkKlC%2BjjVcyLeuermmqa%2FM5JbiiDwnqnqzec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png

45.133.44.9

200 OK

145 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC0:36:FD:5D:4E:7E:6F:E0:13:60:82:58:0C:BC:8B:40:A2:6B:2C:22
ValidityTue, 21 May 2024 05:00:31 GMT - Mon, 19 Aug 2024 05:00:30 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
145 kB (145012 bytes)
Hash
620dee7dda3ab0a55fef5e66735e48e1
c03458e7950bed758e4352ec7a78bb434a3164b1
8552142726040854ba6a1d57037aa513e8cb424e3e5b96f017fb742f7c9255c3

HTTP Headers

GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: image/png
content-length: 145012
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Mon, 08 Jul 2024 18:32:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.tsyndicate.com/sdk/v1/video.instant.message.js

45.133.44.70

200 OK

18 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/video.instant.message.js
IP
45.133.44.70:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
FingerprintD1:BA:EE:F0:8D:8F:47:DF:CC:82:D6:69:8B:C5:E6:32:61:B2:10:52
ValiditySat, 08 Jun 2024 03:00:23 GMT - Fri, 06 Sep 2024 03:00:22 GMT

File type
JavaScript source, ASCII text, with very long lines (18035)
Size
18 kB (18130 bytes)
Hash
2b867ddbfd75470beb3f6c6ae94da284
cea27812747f31f8cbcc29ce35f6fe4588482379
634df4d833fbd0ebd63714eb73e5a5bad07ab08f189342a26e91d4e7976ed9da

HTTP Headers

GET /sdk/v1/video.instant.message.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 21 Jun 2024 13:30:20 GMT
etag: W/"6675806c-46d2"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 08 Jul 2024 18:32:05 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

accompanimentachyjustified.com/watch.1111033423741.js?key=e94aba79152021f73efaa9cfb59f2f91&kw=%5B%22jav%22%2C%22hd%22%2C%22snis-103%22%2C%22aoba%22%2C%22yui%22%2C%22peeing%22%2C%22of%22%2C%22shyness%22%2C%22hiiragi%22%2C%22noa%22%5D&refer=https%3A%2F%2Fjavhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&tz=0&dev=e&res=14.2071&uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1

172.240.127.234

307 Temporary Redirect

4.0 kB

URL GET HTTP/1.1
accompanimentachyjustified.com/watch.1111033423741.js?key=e94aba79152021f73efaa9cfb59f2f91&kw=%5B%22jav%22%2C%22hd%22%2C%22snis-103%22%2C%22aoba%22%2C%22yui%22%2C%22peeing%22%2C%22of%22%2C%22shyness%22%2C%22hiiragi%22%2C%22noa%22%5D&refer=https%3A%2F%2Fjavhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&tz=0&dev=e&res=14.2071&uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjectaccompanimentachyjustified.com
Fingerprint0D:4F:F9:C8:33:C1:17:07:5C:6F:DF:E4:C6:AF:A0:F6:C4:A8:5A:F3
ValidityMon, 01 Jul 2024 15:38:04 GMT - Sun, 29 Sep 2024 15:38:03 GMT

File type

Size
4.0 kB (4035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1111033423741.js?key=e94aba79152021f73efaa9cfb59f2f91&kw=%5B%22jav%22%2C%22hd%22%2C%22snis-103%22%2C%22aoba%22%2C%22yui%22%2C%22peeing%22%2C%22of%22%2C%22shyness%22%2C%22hiiragi%22%2C%22noa%22%5D&refer=https%3A%2F%2Fjavhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&tz=0&dev=e&res=14.2071&uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1 HTTP/1.1
Host: accompanimentachyjustified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 06 Jul 2024 18:32:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javhd.icu
Access-Control-Allow-Origin: https://javhd.icu
Access-Control-Allow-Credentials: true
Location: https://accompanimentachyjustified.com/watch.1111033423741.js?dev=e&key=e94aba79152021f73efaa9cfb59f2f91&kw=%5B%22jav%22%2C%22hd%22%2C%22snis-103%22%2C%22aoba%22%2C%22yui%22%2C%22peeing%22%2C%22of%22%2C%22shyness%22%2C%22hiiragi%22%2C%22noa%22%5D&pst=1720290786&refer=https%3A%2F%2Fjavhd.icu%2Fvideo%2Fsnis-103-aoba-yui-peeing-of-shyness-hiiragi-noa%2F&res=14.2071&rmtc=t&shu=24938f0195683cf0f7440b9815436181661af1e82adf67878e0ea705165ab77d8197935c976849b1c2978e5b3e82eb7c0429c22ac2701ec32bb84e8144993140013d27c1de90290cc46c8bdfece087d0691f9968a3ec2fb19fdf6f&tz=0&uuid=e4d11f11-00b8-4075-a5fc-20ad2ca48dbd%3A1%3A1
Set-Cookie: u_pl=16420765; expires=Sun, 07 Jul 2024 18:32:06 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyMDc2NSwiayI6ImU5NGFiYTc5MTUyMDIxZjczZWZhYTljZmI1OWYyZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjAxNTQ1LCJwaWQiOjMzNDA2MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ3eWJndnl1ZSIsImNwa3MiOnsiMjgiOiJmZDFiZjI2MWEyZTY3NzJjYjUzODY1NWMyMzgzOTc4NSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qYXZoZC5pY3UvdmlkZW8vc25pcy0xMDMtYW9iYS15dWktcGVlaW5nLW9mLXNoeW5lc3MtaGlpcmFnaS1ub2EvIiwiYXIiOltdfX0.YZ1-7BuLKT3fzKV-7psRUZCEosbobdZ6Qa0kq2NDz5c; expires=Sat, 06 Jul 2024 18:33:06 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6678133de835aa526b305e56f3edf6a0
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

tsyndicate.com/do2/f23e0670f2b643f99d5d3e5497b34935/vast?t=im-slider&param3=video.instant.message.js&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&w=1280&h=1024&tz=0

195.201.244.188

200 OK

4.2 kB

URL GET HTTP/2
tsyndicate.com/do2/f23e0670f2b643f99d5d3e5497b34935/vast?t=im-slider&param3=video.instant.message.js&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&w=1280&h=1024&tz=0
IP
195.201.244.188:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
XML document, ASCII text, with very long lines (4203), with no line terminators
Size
4.2 kB (4188 bytes)
Hash
3af0b4a39eabf70e37042a8afdfdb5ed
7f11932766a9d9b50d5d57b4c1ee1bd5e47611ab
290eda49157b0a9c879e0634db2ff009c14633cecde9ab069efd5f5666a43679

HTTP Headers

GET /do2/f23e0670f2b643f99d5d3e5497b34935/vast?t=im-slider&param3=video.instant.message.js&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://javhd.icu
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 6cafa88618a9d8ad
set-cookie: ts_uid=468da3a3-5299-4386-b28c-21d243f570c3; expires=Mon, 06 Jan 2025 18:32:06 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

3pkf5m0gd.com/aas/r45d/vki/2009932/105dadc5.js

212.117.190.201

200 OK

122 kB

URL GET HTTP/2
3pkf5m0gd.com/aas/r45d/vki/2009932/105dadc5.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint70:73:69:43:4D:B1:BF:B0:38:3A:37:4F:FE:52:FC:49:36:88:AD:7E
ValidityFri, 10 May 2024 15:27:38 GMT - Tue, 05 Nov 2024 22:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65077)
Size
122 kB (121795 bytes)
Hash
0bdf7b64c057082c59534d2f5a243b3f
7694ebdd47808ef6e8ad667290b9784d3e852690
23c9110f25db23444397d3f197348c820279ddae497af911224bd177e1f0932c

HTTP Headers

GET /aas/r45d/vki/2009932/105dadc5.js HTTP/1.1
Host: 3pkf5m0gd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/javascript
last-modified: Thu, 04 Jul 2024 15:05:39 GMT
vary: Accept-Encoding
etag: W/"6686ba43-1dc83"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5335876

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335876
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
b06b6cb17c578ad393ecafbd80098fb9
5bc2222fe6c5e3e64a93ce1d3956f55ce59fbddd
eb8d78439e6e3120647df4b5387e1a373556262948954f89fcf96f42ac25702e

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335876 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"d1c1c9c8e775953bc6458627ba5"
expires: Thu, 04 Jul 2024 18:06:23 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39AUAAAwBuUwKDAH31wUAAAwBJRPCMQH3YwAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966b4701d18
x-accel-expires: @1720300000
x-accel-date: 1720289203
x-77-cache: HIT
x-77-age: 1524
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107177
x-cache: HIT
x-age: 1524
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

tsyndicate.com/do2/J4DrNEDsNb9EEasU2KHhQuS242vzxvP7/master?w=1280&h=1024&tz=0&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&count=2

195.201.244.188

200 OK

18 kB

URL GET HTTP/2
tsyndicate.com/do2/J4DrNEDsNb9EEasU2KHhQuS242vzxvP7/master?w=1280&h=1024&tz=0&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&count=2
IP
195.201.244.188:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://javhd.icu/video/snis-103-aoba-yui-peeing-of-shyness-hiiragi-noa/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint21:44:73:D5:80:22:FF:67:C5:62:ED:C0:AA:50:45:16:EB:B3:BC:00
ValidityWed, 12 Jun 2024 09:06:28 GMT - Tue, 10 Sep 2024 09:06:27 GMT

File type
JSON text data
Size
18 kB (18011 bytes)
Hash
e90dd5e6ba13cb6e1ef5f7d587a1d1ff
b33914ed534a7e057892ce83066b78a492d88b34
3ed2b46a61f6c43adaa9fa5cfed9e4785131d45148e1032528c981b7124ca775

HTTP Headers

GET /do2/J4DrNEDsNb9EEasU2KHhQuS242vzxvP7/master?w=1280&h=1024&tz=0&keywords=JAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness%20~%20Genre(s)%3A%20Solowork%2CHumiliation%2CBeautiful%20Girl%2CSquirting%2CSlender%2CUrination%2C...%20Maker%3A%20S1%20NO.1%20STYLE%2CJAV%20HD%20SNIS-103%20Aoba%20Yui%20Peeing%20Of%20Shyness!%20Hiiragi%20Noa&count=2 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javhd.icu
DNT: 1
Connection: keep-alive
Referer: https://javhd.icu/
Cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 06 Jul 2024 18:32:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://javhd.icu
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://acdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://acdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 4a785bde1ab4f8e6
set-cookie: ts_uid=094a67b6-9ed5-4093-843e-db8f46555ee8; expires=Mon, 06 Jan 2025 18:32:06 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZNW7kwJHDRhcWIsYU3BLjoYgyE2PckAFjxo0bMWQ47KMg; expires=Sun, 07 Jul 2024 18:32:06 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5335876

185.76.9.17

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5335876
IP
185.76.9.17:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
b06b6cb17c578ad393ecafbd80098fb9
5bc2222fe6c5e3e64a93ce1d3956f55ce59fbddd
eb8d78439e6e3120647df4b5387e1a373556262948954f89fcf96f42ac25702e

HTTP Headers

GET /build-iframe-js-url.js?idzone=5335876 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5335876&size=300x250&sub=44189
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266898da62cb213.284974591653681815%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 06 Jul 2024 18:32:07 GMT
content-type: application/javascript
etag: W/"d1c1c9c8e775953bc6458627ba5"
expires: Thu, 04 Jul 2024 18:06:23 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH39AUAAAwBuUwKDAH31wUAAAwBJRPCMQH3YwAAAA
x-77-nzt-ray: c0a4cc28915eb261a78d8966a0c30300
x-accel-expires: @1720300000
x-accel-date: 1720289203
x-77-cache: HIT
x-77-age: 1524
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-accel-date-max: 1720107177
x-cache: HIT
x-age: 1524
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (65)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN