indexo.dev

javtiful.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 1369 ms crawled 2026-05-18

US · 172.67.73.74 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Javtiful | JAV Videos - Watch Latest HD Updates, Categories & Actresses
Description
Watch latest JAV videos on Javtiful. Browse HD updates, censored and uncensored collections, popular categories, top actresses, and fresh recommendations.
Language
en
Canonical
https://javtiful.com/main
Translations
  • en
  • id
  • ja
  • kr
  • vn
  • zh

Open Graph

url
https://javtiful.com/main
title
Javtiful | JAV Videos - Watch Latest HD Updates, Categories & Actresses
locale
en
site name
Javtiful
description
Watch latest JAV videos on Javtiful. Browse HD updates, censored and uncensored collections, popular categories, top actresses, and fresh recommendations.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • cdn.tsyndicate.com×1
  • chaseherbalpasty.com×1
  • www.googletagmanager.com×1

Registration

Registrar
Internet Domain Service BS Corp
Created
2019-10-12
Expires
2028-10-12 876 days left
Updated
2025-11-26
Name servers
  • ray.ns.cloudflare.com
  • uma.ns.cloudflare.com

DNS records live

NS
  • ray.ns.cloudflare.com
  • uma.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • yandex-verification: c764a2ac4466b32f

Email authentication weak

SPF
not published
DMARC
v=DMARC1; p=none; rua=mailto:f7265a31c4244277ac5efa72f4e40fcd@dmarc-reports.cloudflare.net
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-05-06 to 2026-08-04
Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://javtiful.com/main

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.plyr.io https:; style-src 'self' 'unsafe-inline' https://cdn.plyr.io; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https:; media-src 'self' https: blob:; frame-src 'self' https:; frame-ancestors 'self'; form-action 'self'

Links to (2)

Linked from (13)