shemalez.tube/
188.114.96.1301 Moved Permanently 0 B IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: shemalez.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 05:58:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Feb 2023 06:58:48 GMT
Location: https://shemalez.tube/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwAFBKVrvyc5FzFtddM%2F9t8EnnvNKwirVDNrM3kZUEmOT9%2Fn8V1FRRkdun%2BTN5iIo289M404j0aFEzZVWATpYbbgtNJxuNznSpHZIUzucDJSvp8WBwqtjzGA11PgaP7K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796a60186b491c02-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Thu, 09 Feb 2023 08:33:09 GMT
Date: Thu, 09 Feb 2023 05:58:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2582
Expires: Thu, 09 Feb 2023 06:41:50 GMT
Date: Thu, 09 Feb 2023 05:58:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 05:34:15 GMT
content-type: application/json
age: 1473
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5679
Expires: Thu, 09 Feb 2023 07:33:27 GMT
Date: Thu, 09 Feb 2023 05:58:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0AxfK1ZgchZQp4cvuvDrN3kadyj+KP4dAtkbHTtrDOpwAozR0QckGhfU88+nyXsOKX5eJjamFwVnfMFxJz9O1g==
x-amz-request-id: RY8MZWARHSEDJ2MZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 05:46:16 GMT
age: 752
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 02c53386b81cfb9f8aef6533fee026e6
ac45d01f0381d974da1fbe2a17b5f33ef4b8aa75
933dd6b4ed17152eac61313c33ee32067861844312adcb8f2ef2a2e23863cc23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:48 GMT
Server: ECS (amb/6BAB)
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 02c53386b81cfb9f8aef6533fee026e6
ac45d01f0381d974da1fbe2a17b5f33ef4b8aa75
933dd6b4ed17152eac61313c33ee32067861844312adcb8f2ef2a2e23863cc23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:48 GMT
Last-Modified: Thu, 09 Feb 2023 05:58:48 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 61 kB IP 142.250.74.163:0
Hash 9aee15ff5a08ef045dc885d32f96d5af
0ccf5d95cfe3fbe3c99a0b477b96f86578ea0b92
6b3779dda9ebd0aaa10ca00eb4fad8251bd217bb38be17790c964e401edabc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Comfortaa:wght@300;400;700&display=swap
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Comfortaa:wght@300;400;700&display=swap
IP 142.250.74.106:0
Hash 7109f4124f89a1d2c438981a12abbb2f
a7bf216852fdf05bde50eb6d11da5b6cce1ad92a
782df237601fbf94dec8ba8cf375762c6a83e0b4cfc7b0b4f3919fa39b5e284c
GET /css2?family=Comfortaa:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 05:58:49 GMT
date: Thu, 09 Feb 2023 05:58:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MVMB4DG
216.58.207.200200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MVMB4DG
IP 216.58.207.200:0
File type ASCII text, with very long lines (3532), with no line terminators
Hash 010bc0892fa2375415cbd5c9ad0e87a4
416f7801d73107b0ae1fa2cf8c23ee9526ccb6fc
3ee03e39a03889a4b5c268ee9a332d29afc3399ffbb46f0d8cea0c4e5548dda0
GET /gtm.js?id=GTM-MVMB4DG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 05:58:49 GMT
expires: Thu, 09 Feb 2023 05:58:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KRB4B5V
216.58.207.200200 OK 40 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KRB4B5V
IP 216.58.207.200:0
File type ASCII text, with very long lines (1759)
Hash ddfb67d65d3c18c4016d0169568c923f
73ba126f9467fd57971d2302b57bd52c9f5c18cf
86d7907e50a7b53d03d56b434b41c01d9097ce4e102e89b7062a6eb955e9436e
GET /gtm.js?id=GTM-KRB4B5V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 05:58:49 GMT
expires: Thu, 09 Feb 2023 05:58:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 36 kB IP 142.250.74.163:0
Hash a3ff7b670cfaa89c8faa55ef5dee0cea
2d5a0952c2a71e853b1367984a8900187ada869b
4ac717f25a03299513afe6f97783c8834851186c471d81413016ff71ec3b4925
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 1.9 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
Hash c94296d1622d8979424c0d378f335e70
5ecfee60c533a92c4cb969f3c334e40a5dc10d45
66446743ac297fd0d27bd51118d1b1908112efedd12f09aabe60e7529d575c70
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 05:14:53 GMT
age: 2636
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
216.58.207.227200 OK 29 kB URL HTTP/2 fonts.gstatic.com/s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28712, version 1.0\012- data
Hash 1520051846f9dcefc38cdb90fc8b3456
057acb7bd46dfcf39244fb3582d560d98425e444
d3295fbcef086eb975b0fdcc4b929f0c59d4daf848dba6982a6aa915eb3011e0
GET /s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:12:07 GMT
expires: Tue, 06 Feb 2024 17:12:07 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Jun 2022 19:20:35 GMT
content-type: font/woff2
age: 218802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a0a6d5adde1cc8cfbf52cd1789b9936
4a06c4e84ffb622a0c402fc0844179eef31950aa
cfab68626c99177dec1a49f95abd671456d9eacd1e503f707ee5c17a9f570cb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFAB68626C99177DEC1A49F95ABD671456D9EACD1E503F707EE5C17A9F570CB1"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12897
Expires: Thu, 09 Feb 2023 09:33:46 GMT
Date: Thu, 09 Feb 2023 05:58:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3927
Expires: Thu, 09 Feb 2023 07:04:16 GMT
Date: Thu, 09 Feb 2023 05:58:49 GMT
Connection: keep-alive
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 12 kB URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 6110f548180b6ce9a8a71b41d734b8b1
1d9e3e7cf909a536c72a68f6caec314fdf78fd6d
f8f9fc93eb321cc0b81719d812846a8d1025f825a45bb307c5fa25e8b473f44c
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Thu, 09 Feb 2023 06:03:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ads.exoclick.com/ads.js
205.185.216.42200 OK 974 B IP 205.185.216.42:0
File type ASCII text, with very long lines (2476), with no line terminators
Hash 92af51b4341a31ff621022c2a648c05e
3761459319128e7349981f338926abcd89ba58e0
6dd1f44f60b3c9584b3d9a54af5348c3fc36c7e13585f593f205ed42a0fa7e9f
GET /ads.js HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:49 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 974
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"8f3c7314efe500b41baba9f571b"
X-HW: 1675922329.dop232.sk1.t,1675922329.cds253.sk1.shn,1675922329.cds253.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 3169ad2b79c63437c3d13339bf7626ca
17f586907cd68cca57670e7d07ddc51afa807054
85e788342fd9b7ae7cbc131f93ff120a974f75b642d326c4e1340827a26e1c0f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:49 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 13 Feb 2023 04:28:23 GMT
ETag: "17f586907cd68cca57670e7d07ddc51afa807054"
Last-Modified: Thu, 09 Feb 2023 04:28:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2310
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796a602009591c16-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 3169ad2b79c63437c3d13339bf7626ca
17f586907cd68cca57670e7d07ddc51afa807054
85e788342fd9b7ae7cbc131f93ff120a974f75b642d326c4e1340827a26e1c0f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:49 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 13 Feb 2023 04:28:23 GMT
ETag: "17f586907cd68cca57670e7d07ddc51afa807054"
Last-Modified: Thu, 09 Feb 2023 04:28:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2310
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796a60201d1bb517-OSL
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Thu, 09 Feb 2023 05:58:49 GMT
access-control-allow-origin: *
etag: "63e36f34-12029"
expires: Thu, 09 Feb 2023 06:58:49 GMT
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
a.exosrv.com/ads.js
185.76.9.26200 OK 4.3 kB IP 185.76.9.26:0
ASN #60068 Datacamp Limited
Hash 1610dc9b16f0742fd09bfdc3bb3a6c60
6bc9a75a9273a6f1eef7d38dc4631f4e846eadeb
f59b8f793f4a797089ec7a6f02d4a97ae1d71b39742f7a10008c590c5c6b479f
GET /ads.js HTTP/1.1
Host: a.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:49 GMT
content-type: application/javascript
etag: W/"b60fdcc211f42a1f246a8c80b56"
expires: Wed, 08 Feb 2023 19:23:05 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675927460
server: CDN77-Turbo
x-77-nzt: AblMCRQmrKj/JRYAAA
x-77-nzt-ray: af585630e1700ea3998be4631ed6a521
x-cache: HIT
x-age: 5669
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc74863bf83b4e2d73801b0b63297366
e3a0f75335c82a244041e9b1c6ba3388b8595157
28a8589f1282504e670ea8e6d1724fcbd09b490cf36821a7426615247fd5979e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28A8589F1282504E670EA8E6D1724FCBD09B490CF36821A7426615247FD5979E"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4145
Expires: Thu, 09 Feb 2023 07:07:54 GMT
Date: Thu, 09 Feb 2023 05:58:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 1.2 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83d350708cc67ef8d71b2061e659e0de
8e2e43aced1f971f64e82066993728deceeb86a9
5cdb0347be88f9f3b0db35958b59cd7d90ae84df8c25bdb3c062230ba254d7c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C12CCA052D9F38C10EAEF4F3C4F66A9CE11731DF0B457BFF32144142D4BC4A4"
Last-Modified: Wed, 08 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10919
Expires: Thu, 09 Feb 2023 09:00:48 GMT
Date: Thu, 09 Feb 2023 05:58:49 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.31.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.31.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: srhLLmH9U/ylvmFp0+wySQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YGI8txNXUDZETfjqqHD3Pg0elfk=
vast.yomeno.xyz/prepare
109.206.191.198204 No Content 152 kB IP 109.206.191.198:0
Size 152 kB (151885 bytes)
Hash b4b5ca211a179e4424de8ef16ca92f4a
615ef01ee4c571d8c707d173cc64926250829f64
e412faf46b4765800e631fe61b710624a0971af9f67e485b462cd8e04c758df4
OPTIONS /prepare HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://shemalez.tube/
Origin: https://shemalez.tube
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:49 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://shemalez.tube
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-type: text/plain; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=827
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=827
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=827 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://shemalez.tube/
Origin: https://shemalez.tube
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 09 Feb 2023 05:58:49 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://shemalez.tube
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
vast.yomeno.xyz/prepare
109.206.191.198204 No Content 0 B IP 109.206.191.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prepare HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 539
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:49 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://shemalez.tube
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
btds.zog.link/in/dl/?spot_id=84717&screen_resolution=1280x1024&dt=1675922387480&ad_sub=0&mo=&ve=&katds_labels=&p=https%3A//shemalez.tube/&utm1=&utm2=&utm3=&utm4=&ad_tags=ShemaleZ.com&title=ShemaleZ.com&katds_rcc=2
109.206.175.85200 OK 48 kB URL HTTP/2 btds.zog.link/in/dl/?spot_id=84717&screen_resolution=1280x1024&dt=1675922387480&ad_sub=0&mo=&ve=&katds_labels=&p=https%3A//shemalez.tube/&utm1=&utm2=&utm3=&utm4=&ad_tags=ShemaleZ.com&title=ShemaleZ.com&katds_rcc=2
IP 109.206.175.85:0
Hash 030f83ba97937b9ff7042272b672eaec
f3cc6dcffb1753e0fced51265edb0c7c3f40c7eb
d0dc62756a26eabfb810b0fcf90003f315dd8a80923bcd07a495dfba2fa2181a
GET /in/dl/?spot_id=84717&screen_resolution=1280x1024&dt=1675922387480&ad_sub=0&mo=&ve=&katds_labels=&p=https%3A//shemalez.tube/&utm1=&utm2=&utm3=&utm4=&ad_tags=ShemaleZ.com&title=ShemaleZ.com&katds_rcc=2 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Origin: https://shemalez.tube
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:49 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 953.73385=1; expires=Fri, 10 Feb 2023 05:58:49 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=827
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=827
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=827 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22285
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 09 Feb 2023 05:58:49 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://shemalez.tube
Set-Cookie: id=15326914023525137969; Expires=Fri, 09 Feb 2024 05:58:49 GMT; Secure; SameSite=None
Vary: Origin
js.wpshsdk.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Thu, 09 Feb 2023 06:03:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/d1j3p0feiI8
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/d1j3p0feiI8
IP 142.250.74.163:0
Hash 0c5a43a7c35d2b9000ad166305e47a57
6c4733b781460a5183724175d5f6881c54ea2f35
ea04634fe907bcd3ff21b4f218f23e0a9978f8e93adf442c479cc58ce15187c4
POST /s/gts1p5/d1j3p0feiI8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb8f29069c767403bdd7bdd0b4761b0b
4e6709a562a97346d5b919ce9f7a3dde53623e3e
2206bd3f16eae5c21aac4b6f653f16299b507c020f81655a1cba06631999e9c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2206BD3F16EAE5C21AAC4B6F653F16299B507C020F81655A1CBA06631999E9C5"
Last-Modified: Wed, 08 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9029
Expires: Thu, 09 Feb 2023 08:29:19 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
448a1ae91c.aaadaadeda.com/in/multy?spot_size=5&spot_id=54&subid=1677570894&label=1&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&cpa=25da1476-9e5e-47c1-976f-7fa86cd80fec&ver=6.14.0&adblock=0&ad_type=native&iw=200&ih=200&iframe=0&mm=0&pr=&user_keywords=ShemaleZ.com&tag_ab=b&user_fp=0&v2=0&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign=
172.64.161.18200 OK 16 kB URL HTTP/2 448a1ae91c.aaadaadeda.com/in/multy?spot_size=5&spot_id=54&subid=1677570894&label=1&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&cpa=25da1476-9e5e-47c1-976f-7fa86cd80fec&ver=6.14.0&adblock=0&ad_type=native&iw=200&ih=200&iframe=0&mm=0&pr=&user_keywords=ShemaleZ.com&tag_ab=b&user_fp=0&v2=0&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign=
IP 172.64.161.18:0
File type JSON data\012- , ASCII text, with very long lines (15576)
Hash 88ace2960a67b9feb553273ef61328d5
f2f6613045cc6e0370c3fb209dcd1c47981051c4
d24b820847a817d34c4c6e805d32377866ca4a14ed7e5b8b35a731832527f1fa
GET /in/multy?spot_size=5&spot_id=54&subid=1677570894&label=1&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&cpa=25da1476-9e5e-47c1-976f-7fa86cd80fec&ver=6.14.0&adblock=0&ad_type=native&iw=200&ih=200&iframe=0&mm=0&pr=&user_keywords=ShemaleZ.com&tag_ab=b&user_fp=0&v2=0&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign= HTTP/1.1
Host: 448a1ae91c.aaadaadeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: application/json; charset=utf-8
content-length: 15577
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd02X%2BTM8bUNrlEeOHhS%2BTqdxocRJo1Er%2BtyS2ZpCmstDNrNxvG1ib%2BINFfreHqdVXqNeeUToLaoH7iw3QYgifLMwAET1ChrMuyEk%2F4HfC%2FVf2P%2BRfBHWz4M96H0j5ogUCWnqssuG9tiQsFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796a6022cdcc71b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f10b397aafc2cbb6cab152d32cfcf5a0
ac8fb6d95aac76498e69f82a6997770c7dc84291
58c0fd3d0918e46b20684e5cc382d1fbb7ead91f2d2ad14d8d6bc7de644121a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58C0FD3D0918E46B20684E5CC382D1FBB7EAD91F2D2AD14D8D6BC7DE644121A2"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 09 Feb 2023 08:18:22 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f10b397aafc2cbb6cab152d32cfcf5a0
ac8fb6d95aac76498e69f82a6997770c7dc84291
58c0fd3d0918e46b20684e5cc382d1fbb7ead91f2d2ad14d8d6bc7de644121a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58C0FD3D0918E46B20684E5CC382D1FBB7EAD91F2D2AD14D8D6BC7DE644121A2"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 09 Feb 2023 08:18:22 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f10b397aafc2cbb6cab152d32cfcf5a0
ac8fb6d95aac76498e69f82a6997770c7dc84291
58c0fd3d0918e46b20684e5cc382d1fbb7ead91f2d2ad14d8d6bc7de644121a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58C0FD3D0918E46B20684E5CC382D1FBB7EAD91F2D2AD14D8D6BC7DE644121A2"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 09 Feb 2023 08:18:22 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f10b397aafc2cbb6cab152d32cfcf5a0
ac8fb6d95aac76498e69f82a6997770c7dc84291
58c0fd3d0918e46b20684e5cc382d1fbb7ead91f2d2ad14d8d6bc7de644121a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58C0FD3D0918E46B20684E5CC382D1FBB7EAD91F2D2AD14D8D6BC7DE644121A2"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 09 Feb 2023 08:18:22 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
shztn1.nv7s.com/contents/videos_screenshots/49000/49824/300x200/7.jpg
45.133.44.25200 OK 18 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/49000/49824/300x200/7.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash eb2a0baed259cf84e3eb39b1a7715bab
1ef9ed6cff3c992829bf756390fe83988f9ad3ca
ee34abc5cb3b358bad1eae14f3442bd81ebd5340708d82ebbaccca2951c9637c
GET /contents/videos_screenshots/49000/49824/300x200/7.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 17836
server: nginx/1.16.1
last-modified: Mon, 13 Nov 2017 15:17:59 GMT
etag: "5a09b7a7-45ac"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a41a61973a036685c860fb720c373f75
93f0c120005f2217f3bb5f38d955deaecf6eb1f8
eeddcca8f6bab925fc604ceff2a899c7b171e442f740bd123825907550dd3948
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEDDCCA8F6BAB925FC604CEFF2A899C7B171E442F740BD123825907550DD3948"
Last-Modified: Wed, 08 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12936
Expires: Thu, 09 Feb 2023 09:34:26 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b56611d1b3a0ed7dcc5c549165a0d73
c636aeccf5eed902ace33c937180d52bd5af1d5e
e89de04ab4f7d56455c00481537cd10255ad0e43fd49c6829db3869b29aa3c4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E89DE04AB4F7D56455C00481537CD10255AD0E43FD49C6829DB3869B29AA3C4E"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9354
Expires: Thu, 09 Feb 2023 08:34:44 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d6821ec910dfbec718a4fb87ecc93710
44e1e0baea65a37fd26efdbcaf74121eb10a023d
75fe19787998e5ad8d58d9a061bf83f47b41bec80d94adac7c9b1f0ad0d9af25
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FE19787998E5AD8D58D9A061BF83F47B41BEC80D94ADAC7C9B1F0AD0D9AF25"
Last-Modified: Wed, 08 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8938
Expires: Thu, 09 Feb 2023 08:27:48 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
nereserv.com/in/dip?site=native-push&wl=1&event_id=78a0bfd4-7a41-472a-aa44-3f1a46d9bec0&subid=138611283&sid=2704218273&spot_id=490&created_at=2023-02-09&timezone=0&ver=8.25.0&is_native=1
94.130.198.6200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=78a0bfd4-7a41-472a-aa44-3f1a46d9bec0&subid=138611283&sid=2704218273&spot_id=490&created_at=2023-02-09&timezone=0&ver=8.25.0&is_native=1
IP 94.130.198.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=78a0bfd4-7a41-472a-aa44-3f1a46d9bec0&subid=138611283&sid=2704218273&spot_id=490&created_at=2023-02-09&timezone=0&ver=8.25.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/642000/642367/300x200/1.jpg
45.133.44.25200 OK 27 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/642000/642367/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 8af7a7d385f3dfc8e7d9aa50612241ca
976c34fa58b198596199a586a04db519e090e014
aafcb1e0d9ee13ce84637877ac9d67f2a697fe6126a5f22b64f3c6c82490d64e
GET /contents/videos_screenshots/642000/642367/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 26872
server: nginx/1.16.1
last-modified: Mon, 09 Jan 2023 13:41:04 GMT
etag: "63bc1970-68f8"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/647000/647481/300x200/1.jpg
45.133.44.25200 OK 21 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/647000/647481/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 5494e5ac6075a32cbc4a3369cde97306
78c554f3fd6fa9451daa78f6307ba07aaafb3cca
371f0f9848573016eb24cd835c88ddcb70e6771c6c61151f3f8c6c227780da58
GET /contents/videos_screenshots/647000/647481/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 21275
server: nginx/1.16.1
last-modified: Wed, 01 Feb 2023 20:56:05 GMT
etag: "63dad1e5-531b"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
12112336.pix-cdn.org/dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128)
45.133.44.24200 OK 1.1 kB URL HTTP/2 12112336.pix-cdn.org/dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128)
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (652), with CRLF line terminators
Hash 92d4b3c9db72fefd9d6d927ec40be29b
efb550da28d7b18d7e2beb7698577415fde2b24f
7ad9fcb297f4600edf827b026deca9e0ed695be37ab46ac2d9fee35040611130
GET /dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128) HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/svg+xml
content-length: 1064
server: nginx/1.12.2
last-modified: Tue, 16 Jun 2020 16:25:10 GMT
etag: "5ee8f266-428"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
bts.red12flyw2.site/in/tna_shows/?katds_ep=3FGVt7hg4pdwa1o_HlY4ilKoMVKBQIQJjBf2nj-nniEcwKQHCxaz03GqqcgQsTKhXyXWyeI94UXWpU3wXd13QSke6PmuTBLadMzUjX8v99fm5uhs5jswsyYzglXLYa_uUBlUcDJUW5NPiFtgQ_43kkDRcoozG012LSlDfAv1XCu_C1-NdWpUP9iWhcVkhUUew2gPJ-wm8P7eL4XHkikd1eRA0u-ogbse-uALI4-oSL-Ewt4jfLYAz8LyYu3CIrxD0odyrJhqwJ3GTxNsNm-C9mTTo7p4asncEDYSfvuqGFBYEf21x8gHvFrusFnb0ZsKcRGQpjegDv34YpXFCz498QOkS3TRTGk-QENBwDK0mRqlaloLhaN3QsNYbwfxZvHWh8MLC2F_Bfh_FdSbwyDuPA0VGwVN3JGDr7J5wnMZ1leEoMcy73CZ_4xFP88hEa7rcYvBMwvqcN5CnAYUmAbXEX_HP62sAVKAqQhUi_RhD7Xi6-dDo2-8byW3lrWLPfqlImLX3ryOIsXEzFihHeuaTY8rIZ-MzK1JkeJZJjntJ160POojnTT9DYxgHrBuFUoNRLJ2OXzpyut-qi-uVvOWDcsxbzs22sWdQGPCIE6xNK0T9rDoLPi-h-f17uGSZuV7cRNTr7DnRDCaSF2JtfFrtlFmwsB8G9o57lWgkB_eqExT6ns18EKA-EEmqkqCK852rWbcPWvkbNkhzaH0Gf-3w2iVfqXBkwGQXuBiIa73mvCkw0Dadlz2JxSdgFJjNFxD4FDLv7gUwOFxavBuvZvaUvXaW9amJUy7rFkryTFC6CBhHZzv
109.206.181.2201 Created 0 B URL HTTP/2 bts.red12flyw2.site/in/tna_shows/?katds_ep=3FGVt7hg4pdwa1o_HlY4ilKoMVKBQIQJjBf2nj-nniEcwKQHCxaz03GqqcgQsTKhXyXWyeI94UXWpU3wXd13QSke6PmuTBLadMzUjX8v99fm5uhs5jswsyYzglXLYa_uUBlUcDJUW5NPiFtgQ_43kkDRcoozG012LSlDfAv1XCu_C1-NdWpUP9iWhcVkhUUew2gPJ-wm8P7eL4XHkikd1eRA0u-ogbse-uALI4-oSL-Ewt4jfLYAz8LyYu3CIrxD0odyrJhqwJ3GTxNsNm-C9mTTo7p4asncEDYSfvuqGFBYEf21x8gHvFrusFnb0ZsKcRGQpjegDv34YpXFCz498QOkS3TRTGk-QENBwDK0mRqlaloLhaN3QsNYbwfxZvHWh8MLC2F_Bfh_FdSbwyDuPA0VGwVN3JGDr7J5wnMZ1leEoMcy73CZ_4xFP88hEa7rcYvBMwvqcN5CnAYUmAbXEX_HP62sAVKAqQhUi_RhD7Xi6-dDo2-8byW3lrWLPfqlImLX3ryOIsXEzFihHeuaTY8rIZ-MzK1JkeJZJjntJ160POojnTT9DYxgHrBuFUoNRLJ2OXzpyut-qi-uVvOWDcsxbzs22sWdQGPCIE6xNK0T9rDoLPi-h-f17uGSZuV7cRNTr7DnRDCaSF2JtfFrtlFmwsB8G9o57lWgkB_eqExT6ns18EKA-EEmqkqCK852rWbcPWvkbNkhzaH0Gf-3w2iVfqXBkwGQXuBiIa73mvCkw0Dadlz2JxSdgFJjNFxD4FDLv7gUwOFxavBuvZvaUvXaW9amJUy7rFkryTFC6CBhHZzv
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tna_shows/?katds_ep=3FGVt7hg4pdwa1o_HlY4ilKoMVKBQIQJjBf2nj-nniEcwKQHCxaz03GqqcgQsTKhXyXWyeI94UXWpU3wXd13QSke6PmuTBLadMzUjX8v99fm5uhs5jswsyYzglXLYa_uUBlUcDJUW5NPiFtgQ_43kkDRcoozG012LSlDfAv1XCu_C1-NdWpUP9iWhcVkhUUew2gPJ-wm8P7eL4XHkikd1eRA0u-ogbse-uALI4-oSL-Ewt4jfLYAz8LyYu3CIrxD0odyrJhqwJ3GTxNsNm-C9mTTo7p4asncEDYSfvuqGFBYEf21x8gHvFrusFnb0ZsKcRGQpjegDv34YpXFCz498QOkS3TRTGk-QENBwDK0mRqlaloLhaN3QsNYbwfxZvHWh8MLC2F_Bfh_FdSbwyDuPA0VGwVN3JGDr7J5wnMZ1leEoMcy73CZ_4xFP88hEa7rcYvBMwvqcN5CnAYUmAbXEX_HP62sAVKAqQhUi_RhD7Xi6-dDo2-8byW3lrWLPfqlImLX3ryOIsXEzFihHeuaTY8rIZ-MzK1JkeJZJjntJ160POojnTT9DYxgHrBuFUoNRLJ2OXzpyut-qi-uVvOWDcsxbzs22sWdQGPCIE6xNK0T9rDoLPi-h-f17uGSZuV7cRNTr7DnRDCaSF2JtfFrtlFmwsB8G9o57lWgkB_eqExT6ns18EKA-EEmqkqCK852rWbcPWvkbNkhzaH0Gf-3w2iVfqXBkwGQXuBiIa73mvCkw0Dadlz2JxSdgFJjNFxD4FDLv7gUwOFxavBuvZvaUvXaW9amJUy7rFkryTFC6CBhHZzv HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
set-cookie: 2641.0=1; expires=Fri, 10 Feb 2023 05:58:50 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/452000/452867/300x200/1.jpg
45.133.44.25200 OK 31 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/452000/452867/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash c706f328744ff26f38d76d32f32e0754
1521453eeafefb16690bd1e8a214ad36c8afe022
a3e8192d4287f2ba8e973ee8d9c0595cad4847c170b63c18cbd38dfb09d43256
GET /contents/videos_screenshots/452000/452867/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 30693
server: nginx/1.16.1
last-modified: Mon, 03 Aug 2020 16:01:03 GMT
etag: "5f2834bf-77e5"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoyLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkxNTMyLCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.4VwWvnMyX_Z9jPzTpQhl9yMU4I5RHYG-YLrUDUGku2g
172.64.161.18302 Found 0 B URL HTTP/2 448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoyLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkxNTMyLCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.4VwWvnMyX_Z9jPzTpQhl9yMU4I5RHYG-YLrUDUGku2g
IP 172.64.161.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoyLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkxNTMyLCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.4VwWvnMyX_Z9jPzTpQhl9yMU4I5RHYG-YLrUDUGku2g HTTP/1.1
Host: 448a1ae91c.aaadaadeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 09 Feb 2023 05:58:50 GMT
content-length: 0
location: https://bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USnYx4CJtyVQy1jkQfPjqBIEFGFV8Ou%2Fp%2BMg91kzQYFO%2F2S9nK%2Flp7PYtGU%2BZSoZMelIra0kjByEPgab%2B3%2Fi05ZGMiXhgAtHEg8yin%2BrMNV1yh1cLkF2fXW4FSUAJCerrrcB9TkApRqO1hgT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796a60257a82386e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
448a1ae91c.aaadaadeda.com/in/show/?&cid=14054&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoxLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDA1NCwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MC4wMDIwNywiY3BtIjowLCJjcmVhdGl2ZV9pZCI6IjQ1OTI2NDUyZDhiYzJmYjM1NTM2MzMyNGQzYjhlZjlhIiwiY3JlYXRpdmVfdGl0bGUiOiJGcmVlIEZldGlzaCBWaWRlbyIsImVjcG0iOjAuMDAyNjc4MDExNDg5Mzc5NzQyNiwiZXh0X2NyZWF0aXZlX2lkIjoiMjI2NzYiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkwMjI1LCJpY29uIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luL3RuYV9zaG93cy8_a2F0ZHNfZXA9M0ZHVnQ3aGc0cGR3YTFvX0hsWTRpbEtvTVZLQlFJUUpqQmYybmotbm5pRWN3S1FIQ3hhejAzR3FxY2dRc1RLaFh5WFd5ZUk5NFVYV3BVM3dYZDEzUVNrZTZQbXVUQkxhZE16VWpYOHY5OWZtNXVoczVqc3dzeVl6Z2xYTFlhX3VVQmxVY0RKVVc1TlBpRnRnUV80M2trRFJjb296RzAxMkxTbERmQXYxWEN1X0MxLU5kV3BVUDlpV2hjVmtoVVVldzJnUEotd204UDdlTDRYSGtpa2QxZVJBMHUtb2dic2UtdUFMSTQtb1NMLUV3dDRqZkxZQXo4THlZdTNDSXJ4RDBvZHlySmhxd0ozR1R4TnNObS1DOW1UVG83cDRhc25jRURZU2Z2dXFHRkJZRWYyMXg4Z0h2RnJ1c0ZuYjBac0tjUkdRcGplZ0R2MzRZcFhGQ3o0OThRT2tTM1RSVEdrLVFFTkJ3REswbVJxbGFsb0xoYU4zUXNOWWJ3ZnhadkhXaDhNTEMyRl9CZmhfRmRTYnd5RHVQQTBWR3dWTjNKR0RyN0o1d25NWjFsZUVvTWN5NzNDWl80eEZQODhoRWE3cmNZdkJNd3ZxY041Q25BWVVtQWJYRVhfSFA2MnNBVktBcVFoVWlfUmhEN1hpNi1kRG8yLThieVczbHJXTFBmcWxJbUxYM3J5T0lzWEV6RmloSGV1YVRZOHJJWi1NeksxSmtlSlpKam50SjE2MFBPb2puVFQ5RFl4Z0hyQnVGVW9OUkxKMk9YenB5dXQtcWktdVZ2T1dEY3N4YnpzMjJzV2RRR1BDSUU2eE5LMFQ5ckRvTFBpLWgtZjE3dUdTWnVWN2NSTlRyN0RuUkRDYVNGMkp0ZkZydGxGbXdzQjhHOW81N2xXZ2tCX2VxRXhUNm5zMThFS0EtRUVtcWtxQ0s4NTJyV2JjUFd2a2JOa2h6YUgwR2YtM3cyaVZmcVhCa3dHUVh1QmlJYTczbXZDa3cwRGFkbHoySnhTZGdGSmpORnhENEZETHY3Z1V3T0Z4YXZCdXZadmFVdlhhVzlhbUpVeTdyRmtyeVRGQzZDQmhIWnp2IiwiaWZyYW1lIjpmYWxzZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6IiIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MCwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.KfMQvQATvQwtEENrSEVBQUKQk4g7KThFCzzUq0O4m6A
172.64.161.18201 Created 0 B URL HTTP/2 448a1ae91c.aaadaadeda.com/in/show/?&cid=14054&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoxLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDA1NCwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MC4wMDIwNywiY3BtIjowLCJjcmVhdGl2ZV9pZCI6IjQ1OTI2NDUyZDhiYzJmYjM1NTM2MzMyNGQzYjhlZjlhIiwiY3JlYXRpdmVfdGl0bGUiOiJGcmVlIEZldGlzaCBWaWRlbyIsImVjcG0iOjAuMDAyNjc4MDExNDg5Mzc5NzQyNiwiZXh0X2NyZWF0aXZlX2lkIjoiMjI2NzYiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkwMjI1LCJpY29uIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luL3RuYV9zaG93cy8_a2F0ZHNfZXA9M0ZHVnQ3aGc0cGR3YTFvX0hsWTRpbEtvTVZLQlFJUUpqQmYybmotbm5pRWN3S1FIQ3hhejAzR3FxY2dRc1RLaFh5WFd5ZUk5NFVYV3BVM3dYZDEzUVNrZTZQbXVUQkxhZE16VWpYOHY5OWZtNXVoczVqc3dzeVl6Z2xYTFlhX3VVQmxVY0RKVVc1TlBpRnRnUV80M2trRFJjb296RzAxMkxTbERmQXYxWEN1X0MxLU5kV3BVUDlpV2hjVmtoVVVldzJnUEotd204UDdlTDRYSGtpa2QxZVJBMHUtb2dic2UtdUFMSTQtb1NMLUV3dDRqZkxZQXo4THlZdTNDSXJ4RDBvZHlySmhxd0ozR1R4TnNObS1DOW1UVG83cDRhc25jRURZU2Z2dXFHRkJZRWYyMXg4Z0h2RnJ1c0ZuYjBac0tjUkdRcGplZ0R2MzRZcFhGQ3o0OThRT2tTM1RSVEdrLVFFTkJ3REswbVJxbGFsb0xoYU4zUXNOWWJ3ZnhadkhXaDhNTEMyRl9CZmhfRmRTYnd5RHVQQTBWR3dWTjNKR0RyN0o1d25NWjFsZUVvTWN5NzNDWl80eEZQODhoRWE3cmNZdkJNd3ZxY041Q25BWVVtQWJYRVhfSFA2MnNBVktBcVFoVWlfUmhEN1hpNi1kRG8yLThieVczbHJXTFBmcWxJbUxYM3J5T0lzWEV6RmloSGV1YVRZOHJJWi1NeksxSmtlSlpKam50SjE2MFBPb2puVFQ5RFl4Z0hyQnVGVW9OUkxKMk9YenB5dXQtcWktdVZ2T1dEY3N4YnpzMjJzV2RRR1BDSUU2eE5LMFQ5ckRvTFBpLWgtZjE3dUdTWnVWN2NSTlRyN0RuUkRDYVNGMkp0ZkZydGxGbXdzQjhHOW81N2xXZ2tCX2VxRXhUNm5zMThFS0EtRUVtcWtxQ0s4NTJyV2JjUFd2a2JOa2h6YUgwR2YtM3cyaVZmcVhCa3dHUVh1QmlJYTczbXZDa3cwRGFkbHoySnhTZGdGSmpORnhENEZETHY3Z1V3T0Z4YXZCdXZadmFVdlhhVzlhbUpVeTdyRmtyeVRGQzZDQmhIWnp2IiwiaWZyYW1lIjpmYWxzZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6IiIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MCwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.KfMQvQATvQwtEENrSEVBQUKQk4g7KThFCzzUq0O4m6A
IP 172.64.161.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?&cid=14054&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoxLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDA1NCwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MC4wMDIwNywiY3BtIjowLCJjcmVhdGl2ZV9pZCI6IjQ1OTI2NDUyZDhiYzJmYjM1NTM2MzMyNGQzYjhlZjlhIiwiY3JlYXRpdmVfdGl0bGUiOiJGcmVlIEZldGlzaCBWaWRlbyIsImVjcG0iOjAuMDAyNjc4MDExNDg5Mzc5NzQyNiwiZXh0X2NyZWF0aXZlX2lkIjoiMjI2NzYiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkwMjI1LCJpY29uIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luL3RuYV9zaG93cy8_a2F0ZHNfZXA9M0ZHVnQ3aGc0cGR3YTFvX0hsWTRpbEtvTVZLQlFJUUpqQmYybmotbm5pRWN3S1FIQ3hhejAzR3FxY2dRc1RLaFh5WFd5ZUk5NFVYV3BVM3dYZDEzUVNrZTZQbXVUQkxhZE16VWpYOHY5OWZtNXVoczVqc3dzeVl6Z2xYTFlhX3VVQmxVY0RKVVc1TlBpRnRnUV80M2trRFJjb296RzAxMkxTbERmQXYxWEN1X0MxLU5kV3BVUDlpV2hjVmtoVVVldzJnUEotd204UDdlTDRYSGtpa2QxZVJBMHUtb2dic2UtdUFMSTQtb1NMLUV3dDRqZkxZQXo4THlZdTNDSXJ4RDBvZHlySmhxd0ozR1R4TnNObS1DOW1UVG83cDRhc25jRURZU2Z2dXFHRkJZRWYyMXg4Z0h2RnJ1c0ZuYjBac0tjUkdRcGplZ0R2MzRZcFhGQ3o0OThRT2tTM1RSVEdrLVFFTkJ3REswbVJxbGFsb0xoYU4zUXNOWWJ3ZnhadkhXaDhNTEMyRl9CZmhfRmRTYnd5RHVQQTBWR3dWTjNKR0RyN0o1d25NWjFsZUVvTWN5NzNDWl80eEZQODhoRWE3cmNZdkJNd3ZxY041Q25BWVVtQWJYRVhfSFA2MnNBVktBcVFoVWlfUmhEN1hpNi1kRG8yLThieVczbHJXTFBmcWxJbUxYM3J5T0lzWEV6RmloSGV1YVRZOHJJWi1NeksxSmtlSlpKam50SjE2MFBPb2puVFQ5RFl4Z0hyQnVGVW9OUkxKMk9YenB5dXQtcWktdVZ2T1dEY3N4YnpzMjJzV2RRR1BDSUU2eE5LMFQ5ckRvTFBpLWgtZjE3dUdTWnVWN2NSTlRyN0RuUkRDYVNGMkp0ZkZydGxGbXdzQjhHOW81N2xXZ2tCX2VxRXhUNm5zMThFS0EtRUVtcWtxQ0s4NTJyV2JjUFd2a2JOa2h6YUgwR2YtM3cyaVZmcVhCa3dHUVh1QmlJYTczbXZDa3cwRGFkbHoySnhTZGdGSmpORnhENEZETHY3Z1V3T0Z4YXZCdXZadmFVdlhhVzlhbUpVeTdyRmtyeVRGQzZDQmhIWnp2IiwiaWZyYW1lIjpmYWxzZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6IiIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MCwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.KfMQvQATvQwtEENrSEVBQUKQk4g7KThFCzzUq0O4m6A HTTP/1.1
Host: 448a1ae91c.aaadaadeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
date: Thu, 09 Feb 2023 05:58:50 GMT
content-length: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgjummumAGm%2Bj8JKUS7bBBT7eYKwriGvYmwxWn%2F37Z5j3SU20qAU%2FrSu4NUJO3pWpdf7f2wnU%2B2tVBov80r7ub7uRbkiWefMDpHQ9q5m%2B1RcSzxr%2FVnFDrzJChmAcWlmR4BQ2OXWej9BmCQD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796a60257a81386e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo0LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTk0NDM4LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.96fScn6kdZ2sks9fYcP-fR0Fc7e41nSYlqefaV9KxPw
172.64.161.18302 Found 0 B URL HTTP/2 448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo0LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTk0NDM4LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.96fScn6kdZ2sks9fYcP-fR0Fc7e41nSYlqefaV9KxPw
IP 172.64.161.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo0LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTk0NDM4LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.96fScn6kdZ2sks9fYcP-fR0Fc7e41nSYlqefaV9KxPw HTTP/1.1
Host: 448a1ae91c.aaadaadeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 05:58:50 GMT
content-length: 0
location: https://bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocFkOfLYJ7UrdNUHEHl3OmJQUJAIePBvLHl1GFWRKESDvaDlcJ8GYT1pTZ5iKKgwt0nyFhqHNRSfXGrgE9Lsc5BFHv1fIlngbvEocvxLh2uPq7yYPqUt5yPoXPzBbL7Uq7nlN3g7bXhBMExs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796a60257a80386e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjozLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkzMDE1LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.f0UhRlVIiZ-U6uYkUvxR2IVd-IplW7PoZ6FXjEc1QuY
172.64.161.18302 Found 0 B URL HTTP/2 448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjozLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkzMDE1LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.f0UhRlVIiZ-U6uYkUvxR2IVd-IplW7PoZ6FXjEc1QuY
IP 172.64.161.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjozLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTkzMDE1LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.f0UhRlVIiZ-U6uYkUvxR2IVd-IplW7PoZ6FXjEc1QuY HTTP/1.1
Host: 448a1ae91c.aaadaadeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 05:58:50 GMT
content-length: 0
location: https://bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbx0UgGEqJYllwAI0EeFhXlnOETeamLHP%2BeMHH2sHlY9t8JLozNUX6kWS8zH%2Fek4VVjEVnHx15NS1PLnZVy13HwAKAFbIP3sYIvunrcA8Y0gYhVi3E6AK4%2FO1UmqQ2N1WgB2ePQsiBxglO%2FA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796a60257a85386e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/628000/628201/300x200/1.jpg
45.133.44.25200 OK 24 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/628000/628201/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 9bbc2e8c2adc6d0a566f347218d44a87
ae0a7e3f6071bc80b0f13f381f9631d1bd082851
ab9532792902666860652880445af3c13de6b0258cd306a44311088c3adaa471
GET /contents/videos_screenshots/628000/628201/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 23726
server: nginx/1.16.1
last-modified: Fri, 09 Dec 2022 14:48:05 GMT
etag: "63934aa5-5cae"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo1LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTk1NzM4LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.lMcK-O5fPS0dMxrrxhbiKR052vOspvXTbiG6LNyxm3s
172.64.161.18302 Found 0 B URL HTTP/2 448a1ae91c.aaadaadeda.com/in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo1LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTk1NzM4LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.lMcK-O5fPS0dMxrrxhbiKR052vOspvXTbiG6LNyxm3s
IP 172.64.161.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?&cid=14402&session_id=db2b8f29-0b2e-4ecd-b498-dc706c5207b6&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo1LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6NTMyNDM5NDgwLCJicm93c2VyX2ZhbWlseSI6IkZpcmVmb3giLCJicm93c2VyX25hbWUiOiJGaXJlZm94IDEwNSIsImNhbXBhaWduX2lkIjoxNDQwMiwiY2FycmllciI6Ii0iLCJjbGlja2FkaWxsYV9pZCI6MCwiY2xpY2thZGlsbGFfc3BhY2VfaWQiOjAsImNvdW50cnkiOiJOTyIsImNwYyI6MCwiY3BtIjowLCJjcmVhdGl2ZV9pZCI6ImQxMjM0NWNyZWF0aXZlaWZyYW1lIiwiY3JlYXRpdmVfdGl0bGUiOiIiLCJlY3BtIjowLCJleHRfY3JlYXRpdmVfaWQiOiIiLCJmcm9tX3N0b3JhZ2UiOjAsImlhdCI6MTY3NTkyMjMzMC4xOTk1NzM4LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9NTRcdTAwMjZzb3VyY2U9MTY3NzU3MDg5NCIsImloIjoyMDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIwMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJ3aW5kb3dzIiwib3NfdHlwZSI6ImNvbXB1dGVyIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiZGIyYjhmMjktMGIyZS00ZWNkLWI0OTgtZGM3MDZjNTIwN2I2Iiwic2l0ZSI6InNoZW1hbGV6LnR1YmUiLCJzb3VyY2VfaWQiOjE2Nzc1NzA4OTQsInNwb3RfaWQiOjU0LCJzcG90X3NpemUiOjUsInN1YiI6ImF1Y3Rpb24tbmF0aXZlLXN0YWdlIiwidGFnX2FiIjoiYiIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtc3RhZ2UiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MjQ4Mjc2OTIzOCwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInZlciI6IjYuMTQuMCIsInZlcnRpY2FsX2lkIjowfQ.lMcK-O5fPS0dMxrrxhbiKR052vOspvXTbiG6LNyxm3s HTTP/1.1
Host: 448a1ae91c.aaadaadeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 05:58:50 GMT
content-length: 0
location: https://bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieSHGyrt%2FLvU%2B7Itb4hF5WLaPyKaSVf5YIxY5Cw8varBy9WxZanHiwUJjJ73xwz8kopdO921zPWuUuij2OVTXauxwOdVVxJoc8DD8ZVZ60wN6jrlnIIDIgYj%2BWvrYb6%2F7RdqKY7Lk4cgQtz7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796a60257a7f386e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/625000/625491/300x200/1.jpg
45.133.44.25200 OK 28 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/625000/625491/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash f322e336c1b73fa559c79800d12912f0
429321f8d6f2ebcaea6eec55e0ff783c6ce87479
c0425468a2c282f48574283e4a357fd191de1f6ced2e573c43e6e206688376d9
GET /contents/videos_screenshots/625000/625491/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 27780
server: nginx/1.16.1
last-modified: Mon, 28 Nov 2022 11:21:05 GMT
etag: "638499a1-6c84"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/638000/638613/300x200/1.jpg
45.133.44.25200 OK 25 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/638000/638613/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 7cc60f04a5f2717dc2b952e2b73e7e24
5bb318e3882d42ad523d5490cbc7911eaca0caa2
ff16bab202176a609e000f80017a67eafb5588950269c45625b0e5babad8b475
GET /contents/videos_screenshots/638000/638613/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 24930
server: nginx/1.16.1
last-modified: Sun, 01 Jan 2023 14:58:05 GMT
etag: "63b19f7d-6162"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
9028b77447.a5acd46254.com/in/multy
157.90.84.246204 No Content 0 B URL HTTP/2 9028b77447.a5acd46254.com/in/multy
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: 9028b77447.a5acd46254.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://shemalez.tube/
Origin: https://shemalez.tube
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/627000/627531/300x200/1.jpg
45.133.44.25200 OK 36 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/627000/627531/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash d446fd485ca281c03cfc2dae5a59e530
0bb4b60262d2f028f944bfa059098503fe787d8c
ef5aaae172d005a41a3b0da00c4dafde58d3a5561ed89d27dacfbcdf266d2ee2
GET /contents/videos_screenshots/627000/627531/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 35808
server: nginx/1.16.1
last-modified: Thu, 08 Dec 2022 09:01:04 GMT
etag: "6391a7d0-8be0"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
12112336.pix-cdn.org/dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128)
45.133.44.24200 OK 1.1 kB URL HTTP/2 12112336.pix-cdn.org/dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128)
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (652), with CRLF line terminators
Hash 92d4b3c9db72fefd9d6d927ec40be29b
efb550da28d7b18d7e2beb7698577415fde2b24f
7ad9fcb297f4600edf827b026deca9e0ed695be37ab46ac2d9fee35040611130
GET /dli/whatshot.svg?fill=rgb(128%2C%20128%2C%20128) HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/svg+xml
content-length: 1064
server: nginx/1.12.2
last-modified: Tue, 16 Jun 2020 16:25:10 GMT
etag: "5ee8f266-428"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/510000/510639/300x200/1.jpg
45.133.44.25200 OK 25 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/510000/510639/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 6aa16763698251255111f9571350597e
3b51c57141416689e05f0b4d0d712ae2648e49d8
c8e867cceea75a4d16dd6cd1a35432a7ecb35f5ddf5591d42fc68526de4f1205
GET /contents/videos_screenshots/510000/510639/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 25317
server: nginx/1.16.1
last-modified: Mon, 11 Oct 2021 04:54:13 GMT
etag: "6163c375-62e5"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
4205286141.2e8c623b67.com/get/
94.130.197.134200 OK 1.4 kB URL HTTP/2 4205286141.2e8c623b67.com/get/
IP 94.130.197.134:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (1393), with no line terminators
Hash 72b9f2c2795761bd659d95ba232ea1ea
c8fa70ecb85d97a2442a615d98060e62cf3dc80c
9a13e1fb303743b7858648b88c70cba8eb656dac9e2fd094d6bec5ecbc1d2af0
POST /get/ HTTP/1.1
Host: 4205286141.2e8c623b67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Content-Type: text/plain;charset=UTF-8
Origin: https://shemalez.tube
Content-Length: 569
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: application/json
content-length: 1393
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 88bd48f3f25b3869edceceffa3969975
4629f945078151e6529d0c0fa17ecc26b240a9a8
b19ad328e38f618f96a5109b4314253d60ba8d0d68cae5fb04a7868334d46751
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B19AD328E38F618F96A5109B4314253D60BA8D0D68CAE5FB04A7868334D46751"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4816
Expires: Thu, 09 Feb 2023 07:19:06 GMT
Date: Thu, 09 Feb 2023 05:58:50 GMT
Connection: keep-alive
shztn1.nv7s.com/contents/videos_screenshots/510000/510757/300x200/1.jpg
45.133.44.25200 OK 22 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/510000/510757/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash de7fb9402956c494be205f6a9086872b
0212eda3f4c4b34320a85de3f0dc30eb45f0718e
4d61f7917a28c15aaa16b916f5192844f60687e667d26ef88ed8541a8f11fb91
GET /contents/videos_screenshots/510000/510757/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 22302
server: nginx/1.16.1
last-modified: Mon, 11 Oct 2021 08:57:37 GMT
etag: "6163fc81-571e"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/367000/367472/300x200/1.jpg
45.133.44.25200 OK 22 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/367000/367472/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 8682d18aae96cb5c876ec55715a06c24
9b058f189a5166240703d74e8b2957a8db1cdf75
e650af9f9ad93bd9b51524d3198981f8a88eca27276b1bf664dd22a9998f635d
GET /contents/videos_screenshots/367000/367472/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 21638
server: nginx/1.16.1
last-modified: Mon, 20 May 2019 20:49:04 GMT
etag: "5ce312c0-5486"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/585000/585439/300x200/1.jpg
45.133.44.25200 OK 22 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/585000/585439/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 408adcdddbbc5950081ae50f34349d67
7b8166f9feb2bf7f8909944dfacb8141a09081a2
6f0db8740b4331729f1d046e5603ee2a8c76dc73726408aacdd29d21015134f5
GET /contents/videos_screenshots/585000/585439/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 22126
server: nginx/1.16.1
last-modified: Sat, 16 Jul 2022 04:25:05 GMT
etag: "62d23da1-566e"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
109.206.181.2302 Found 0 B URL HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/2643/?spot_id=54&source=1677570894 HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Cookie: 2641.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 2643.0=1; expires=Fri, 10 Feb 2023 05:58:50 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/632000/632863/300x200/1.jpg
45.133.44.25200 OK 26 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/632000/632863/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 6c64d6a12c485c1fb62fbbdb04132821
8778e81deff09dba005b6d94e789cecfbb93faad
1cc7d38063f1e57228123ab0a2d9d22d8d0a0e36ed61a29f2d03f4da00beb533
GET /contents/videos_screenshots/632000/632863/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 25997
server: nginx/1.16.1
last-modified: Sat, 24 Dec 2022 02:53:04 GMT
etag: "63a66990-658d"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/615000/615647/300x200/1.jpg
45.133.44.25200 OK 27 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/615000/615647/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 3ad9039cba20cac4399399cdb03bf12d
a9926a58ff20c128be188396ba49b9516ae0f784
d2161c27e456224df61890849a8a403bdf08b736b1ac0f1636acbbaa540eeb23
GET /contents/videos_screenshots/615000/615647/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 27078
server: nginx/1.16.1
last-modified: Wed, 12 Oct 2022 23:15:20 GMT
etag: "63474a88-69c6"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/633000/633215/300x200/1.jpg
45.133.44.25200 OK 24 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/633000/633215/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash fedbfba63e38c8e082af1947ac8970b9
6c44c91fb9a4778aacd54728ce92dc7afafd0bf3
672ab3441298f2bf02a85424c7ce68a8fdbd21a89bae58c9655e6f76fa16c8e8
GET /contents/videos_screenshots/633000/633215/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 23580
server: nginx/1.16.1
last-modified: Sat, 24 Dec 2022 12:22:20 GMT
etag: "63a6eefc-5c1c"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/513000/513071/300x200/1.jpg
45.133.44.25200 OK 25 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/513000/513071/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash b0a53b6010399d76b687149dfb5ef3ca
8efa4d0d53ed0a30fc909dedbdf82da7cbce6215
a78e3d9d523044fd44b63b226e95a3780c9094a85e2ab1c8bd499e3ada56ae30
GET /contents/videos_screenshots/513000/513071/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 25437
server: nginx/1.16.1
last-modified: Wed, 13 Oct 2021 11:52:04 GMT
etag: "6166c864-635d"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/632000/632939/300x200/1.jpg
45.133.44.25200 OK 22 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/632000/632939/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash ef059564d2a32b384b2c35b9504c54a8
3f5e6bd43ddf9414275cab3f97c12cf70a32f584
3fa16af92793180f3cd50983891e790662907b1bbe6227ec4fe41ec6e684adf5
GET /contents/videos_screenshots/632000/632939/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 21949
server: nginx/1.16.1
last-modified: Sat, 24 Dec 2022 05:04:06 GMT
etag: "63a68846-55bd"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/332000/332611/300x200/1.jpg
45.133.44.25200 OK 26 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/332000/332611/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 2b6deb79029f11a74d33e4f613ce5641
9522b1b57ec8a27c47523fe46f658cdc0a1630b1
a1decd18ce37e65b3f4286f233303f835fcc74cffaef7a6c4d39020f5fc29bb2
GET /contents/videos_screenshots/332000/332611/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 25981
server: nginx/1.16.1
last-modified: Fri, 26 Apr 2019 03:01:05 GMT
etag: "5cc27471-657d"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/55000/55982/300x200/10.jpg
45.133.44.25200 OK 20 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/55000/55982/300x200/10.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 389a69c6f229c7cb57a889fb040d17f2
5820d7aa0f79edfe214d94b91d4852eecf6cf632
b94cbdac69df23033e535e897fbcbac00d136780b6e82bb24086fab061c5e323
GET /contents/videos_screenshots/55000/55982/300x200/10.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 20134
server: nginx/1.16.1
last-modified: Thu, 09 Nov 2017 15:35:04 GMT
etag: "5a0475a8-4ea6"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shztn1.nv7s.com/contents/videos_screenshots/591000/591317/300x200/1.jpg
45.133.44.25200 OK 24 kB URL HTTP/2 shztn1.nv7s.com/contents/videos_screenshots/591000/591317/300x200/1.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 338cff0ce6f9e3e06535b58c0df920d3
77011b365e1c028b5e9c8eb92e90376e81a465dc
67c429e4d5abf25f3ba3e95036998647d0684ee874ca1d76b9bcbbc1c4cb104b
GET /contents/videos_screenshots/591000/591317/300x200/1.jpg HTTP/1.1
Host: shztn1.nv7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: image/jpeg
content-length: 23484
server: nginx/1.16.1
last-modified: Sun, 24 Jul 2022 03:05:03 GMT
etag: "62dcb6df-5bbc"
cache-control: max-age=7776000
expires: Wed, 10 May 2023 05:58:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/d1j3p0feiI8
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/d1j3p0feiI8
IP 142.250.74.163:0
Hash 0c5a43a7c35d2b9000ad166305e47a57
6c4733b781460a5183724175d5f6881c54ea2f35
ea04634fe907bcd3ff21b4f218f23e0a9978f8e93adf442c479cc58ce15187c4
POST /s/gts1p5/d1j3p0feiI8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 05:58:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
109.206.181.2302 Found 0 B URL HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/2643/?spot_id=54&source=1677570894 HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Cookie: 2641.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 2643.0=1; expires=Fri, 10 Feb 2023 05:58:50 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
109.206.181.2302 Found 0 B URL HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/2643/?spot_id=54&source=1677570894 HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Cookie: 2641.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
vary: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 2643.0=1; expires=Fri, 10 Feb 2023 05:58:50 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
109.206.181.2302 Found 0 B URL HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=54&source=1677570894
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/2643/?spot_id=54&source=1677570894 HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Cookie: 2641.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 2643.0=1; expires=Fri, 10 Feb 2023 05:58:50 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
btds.zog.link/in/dl_show/?spot_id=84717&out_name=73385|12302|cpm|0.0001|$%200.0001&ad_sub=0&utm1=&utm2=&utm3=&utm4=&spot_id=84717&p=https%3A%2F%2Fshemalez.tube%2F
109.206.175.85200 OK 2 B URL HTTP/2 btds.zog.link/in/dl_show/?spot_id=84717&out_name=73385|12302|cpm|0.0001|$%200.0001&ad_sub=0&utm1=&utm2=&utm3=&utm4=&spot_id=84717&p=https%3A%2F%2Fshemalez.tube%2F
IP 109.206.175.85:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/dl_show/?spot_id=84717&out_name=73385|12302|cpm|0.0001|$%200.0001&ad_sub=0&utm1=&utm2=&utm3=&utm4=&spot_id=84717&p=https%3A%2F%2Fshemalez.tube%2F HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 952.0=1; expires=Fri, 10 Feb 2023 05:58:50 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/config.js
45.133.44.24200 OK 19 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/config.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash f10895f5b8f053b00cd03669d019c54d
43cf505083e403b4b946d45fc65ea0e9c3baafd5
fb2f789a38cd1f070b16f6d8d86d1cea3f60e3ad7ff4217c8e973e3227344852
GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Origin: https://shemalez.tube
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Wed, 08 Feb 2023 14:06:45 GMT
etag: "63e3ac75-13"
expires: Thu, 09 Feb 2023 06:03:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 09 Feb 2023 05:58:50 GMT
access-control-allow-origin: *
etag: "63e36f34-2b"
expires: Thu, 09 Feb 2023 06:58:50 GMT
accept-ranges: bytes
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/47200290?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A37119299767%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A350908894%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/47200290?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A37119299767%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A350908894%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash aee0485528010f8d09ab032d8c0c21b3
e94bb273967d46ae158e10b0fe7ba0fe2b14650a
693cadcdaa92a9c68543179194e73cf8016439a3b070f6e0b09c6973619f4e8f
GET /watch/47200290?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A37119299767%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A350908894%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/47200290/1?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A37119299767%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A350908894%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 09 Feb 2023 05:58:50 GMT
access-control-allow-origin: https://shemalez.tube
set-cookie: yabs-sid=1586800691675922330; Path=/; SameSite=None; Secure
i=dtoIkQ4wrwKdt+DA685IDxmM61LY0iNkK62ymhZ7CK6LuAiWGELva+9ZOeEtw5HhoaJpFN9fZWJiIJFyhrlbjTQVGLo=; Expires=Sun, 06-Feb-2033 05:58:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3076865861675922330; Expires=Fri, 09-Feb-2024 05:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3076865861675922330; Expires=Fri, 09-Feb-2024 05:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1707458330.yc.1675922330#1707458330.yrts.1675922330#1707458330.yrtsi.1675922330; Expires=Fri, 09-Feb-2024 05:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-Feb-2023 05:58:50 GMT
last-modified: Thu, 09-Feb-2023 05:58:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49315045?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1464767283950%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A972690785%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/49315045?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1464767283950%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A972690785%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 4fb11895bf6e90741d16ecdbc876df24
cdf16d9b7e72847d124b6287976b649ff3b93929
794e28e46250ae11324aed591c236e27d3d52677f53b951ccadef591ed87ad1d
GET /watch/49315045?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1464767283950%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A972690785%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A879%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1464767283950%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055947%3Aet%3A1675922388%3Ac%3A1%3Arn%3A972690785%3Arqn%3A1%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C120%2C72%2C0%2C180%2C0%2C%2C419%2C5%2C%2C%2C%2C1011%3Aco%3A0%3Ans%3A1675922386090%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675922388%3At%3AShemaleZ.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 09 Feb 2023 05:58:50 GMT
access-control-allow-origin: https://shemalez.tube
set-cookie: yabs-sid=1526227611675922330; Path=/; SameSite=None; Secure
i=eqcMzQHgZQJz+P+6JbjyBPCnYIJix/ehCKtxt6epDwnfbQMuSvpsDYeWqfL6Z9EiBG26UR8lRsRPg8c2qvpPBBG06Pg=; Expires=Sun, 06-Feb-2033 05:58:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7699566741675922330; Expires=Fri, 09-Feb-2024 05:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7699566741675922330; Expires=Fri, 09-Feb-2024 05:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1707458330.yc.1675922330#1707458330.yrts.1675922330#1707458330.yrtsi.1675922330; Expires=Fri, 09-Feb-2024 05:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-Feb-2023 05:58:50 GMT
last-modified: Thu, 09-Feb-2023 05:58:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/47200290/1?page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&hittoken=1675922330_6d39ac4ee5ee390ca768416c5f54bdeafb605847345aa1e81be6d8f2787f04a9&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A37119299767%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055948%3Aet%3A1675922389%3Ac%3A1%3Arn%3A336853325%3Arqn%3A2%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1692%2C1692%2C0%2C%3Aco%3A0%3Ans%3A1675922386090%3Aadb%3A2%3Ast%3A1675922389&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/47200290/1?page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&hittoken=1675922330_6d39ac4ee5ee390ca768416c5f54bdeafb605847345aa1e81be6d8f2787f04a9&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A37119299767%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055948%3Aet%3A1675922389%3Ac%3A1%3Arn%3A336853325%3Arqn%3A2%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1692%2C1692%2C0%2C%3Aco%3A0%3Ans%3A1675922386090%3Aadb%3A2%3Ast%3A1675922389&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/47200290/1?page-url=https%3A%2F%2Fshemalez.tube%2F&charset=utf-8&hittoken=1675922330_6d39ac4ee5ee390ca768416c5f54bdeafb605847345aa1e81be6d8f2787f04a9&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A37119299767%3Ahid%3A743852674%3Az%3A0%3Ai%3A20230209055948%3Aet%3A1675922389%3Ac%3A1%3Arn%3A336853325%3Arqn%3A2%3Au%3A1675922388209398412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1692%2C1692%2C0%2C%3Aco%3A0%3Ans%3A1675922386090%3Aadb%3A2%3Ast%3A1675922389&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 35
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 09 Feb 2023 05:58:50 GMT
access-control-allow-origin: https://shemalez.tube
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-Feb-2023 05:58:50 GMT
last-modified: Thu, 09-Feb-2023 05:58:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12484
Expires: Thu, 09 Feb 2023 09:26:55 GMT
Date: Thu, 09 Feb 2023 05:58:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12484
Expires: Thu, 09 Feb 2023 09:26:55 GMT
Date: Thu, 09 Feb 2023 05:58:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12484
Expires: Thu, 09 Feb 2023 09:26:55 GMT
Date: Thu, 09 Feb 2023 05:58:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9203cfb9f0c1c958dd008eac55a9d3c4
6bdd1047590dd3fb54c15d5d6d38e7c86274b203
09770229be5ff3037708543e3204c66de84253b3a858a83a0e1672a04c0e9cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11760
x-amzn-requestid: b2863a01-4714-4554-a478-5402467b3448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKHc_oAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-1c5a3edf37bc7cc937c800d2;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y-1zzLzVegi0T-SAyTpUuFD6iVVYbuL5u71dc74BY2l7PrxVu-am5w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "6bdd1047590dd3fb54c15d5d6d38e7c86274b203"
content-type: image/jpeg
age: 30254
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 2d81ff60-65c6-4a7d-86d5-8853a961be0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwDm6GoOIAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb2f8-5acf67171c4b3ee87794ea02;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: udtvUr0tqVtI70L8glPQK3ePowPGstiizC9tb6U4kQg0JzsLqViUIg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:54 GMT
age: 29577
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z5r7rFH2nEro98p7U4_Lz8xIrX_bnU7ntAc46ytGzL8498buHzsCcg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:19:22 GMT
age: 27569
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnbG_CYddidhGlygFinwMyN81eHxP_vRzxsm7QBIAJzFqwaKTt-POQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:44 GMT
age: 30247
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0c5e12696e3ee13041d043084828210
c48927fb23f59e0949d388086c197699c8f19d1b
47838e958555ff6799d4d1d3994913943726daba5294cd89afe9036628ef6fdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: fa797448-32c3-4438-a192-5291c48b1d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKFq9oAMFgog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-46ff32923a2763b45a5194f4;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2olwTLHKbCas7GcQiRz22bk_I646VcTxN3Yv_ObBVgeGC0l73GNh8A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "c48927fb23f59e0949d388086c197699c8f19d1b"
content-type: image/jpeg
age: 30254
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa565275-3a2e-4292-b935-18f8fc648689.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa565275-3a2e-4292-b935-18f8fc648689.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebad32ed6e84736b26623ed3d9b6cfe7
f9ddc5333953bafc7de7c971a693771a179e8bab
c8cc0ee6bcc93f226bcf774f1354e094bd6715c86e680be7523c84e457b7922d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa565275-3a2e-4292-b935-18f8fc648689.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 4c5e9f29-7c4f-4cfa-88b1-8600082e85c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswg7GLaoAMFi6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db6138-5a2a4dd242aff1ac3d8b11db;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I2j2a4tlZ-MG2RAk67dXyHFki0WRjBCoUOjrt8vxlFn2RO79Hwv7kA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:45 GMT
age: 30246
etag: "f9ddc5333953bafc7de7c971a693771a179e8bab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d52a3514189d091236692d2e22966d67
efb31cd86a76f4ddca3306266db80aa1a2879d34
d1edc6919681b37e93ceb87190df8bf93710b33c781fd2ef7689145ef2f39ef4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 03:56:19 GMT
Expires: Wed, 15 Feb 2023 03:56:18 GMT
Etag: "efb31cd86a76f4ddca3306266db80aa1a2879d34"
Cache-Control: max-age=510446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796a60298d3a1c02-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d52a3514189d091236692d2e22966d67
efb31cd86a76f4ddca3306266db80aa1a2879d34
d1edc6919681b37e93ceb87190df8bf93710b33c781fd2ef7689145ef2f39ef4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 03:56:19 GMT
Expires: Wed, 15 Feb 2023 03:56:18 GMT
Etag: "efb31cd86a76f4ddca3306266db80aa1a2879d34"
Cache-Control: max-age=510446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796a60298c720b65-OSL
js.wpshsdk.com/npc/sdk/common/core.js
45.133.44.24200 OK 93 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/common/core.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 81ac5110f69fe5de22eb93a45e76b879
bf3484de977240629b1a475db30822c8a2e689ae
91e33a501b488ee504a238797dc46c62b672ea316382660c0178958e83e18d6d
GET /npc/sdk/common/core.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Origin: https://shemalez.tube
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 Feb 2023 14:06:45 GMT
etag: W/"63e3ac75-1c052"
content-encoding: gzip
expires: Thu, 09 Feb 2023 06:03:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d52a3514189d091236692d2e22966d67
efb31cd86a76f4ddca3306266db80aa1a2879d34
d1edc6919681b37e93ceb87190df8bf93710b33c781fd2ef7689145ef2f39ef4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 03:56:19 GMT
Expires: Wed, 15 Feb 2023 03:56:18 GMT
Etag: "efb31cd86a76f4ddca3306266db80aa1a2879d34"
Cache-Control: max-age=510446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796a60298dd71c16-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d52a3514189d091236692d2e22966d67
efb31cd86a76f4ddca3306266db80aa1a2879d34
d1edc6919681b37e93ceb87190df8bf93710b33c781fd2ef7689145ef2f39ef4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 03:56:19 GMT
Expires: Wed, 15 Feb 2023 03:56:18 GMT
Etag: "efb31cd86a76f4ddca3306266db80aa1a2879d34"
Cache-Control: max-age=510446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796a60298f93b527-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d52a3514189d091236692d2e22966d67
efb31cd86a76f4ddca3306266db80aa1a2879d34
d1edc6919681b37e93ceb87190df8bf93710b33c781fd2ef7689145ef2f39ef4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 05:58:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 03:56:19 GMT
Expires: Wed, 15 Feb 2023 03:56:18 GMT
Etag: "efb31cd86a76f4ddca3306266db80aa1a2879d34"
Cache-Control: max-age=510446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796a60298d3c1c02-OSL
tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
46.4.114.55200 OK 6.2 kB URL HTTP/2 tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
IP 46.4.114.55:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4545)
Hash cd5147be2d654ccc79db76aa09f61302
6a5e3950ad7b19dc33fdf5fa070f6f9d6f512b78
4ac2cd1eec08d22cc79dfbaa38e6a316e0d4a61f88ba951554b33fc51dda021f
GET /iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/2/3/ea32f8cb893d5bf295824a48e280180608ed71.gif>; rel=preload; as=image
x-request-id: 3d55801db07b824f
set-cookie: ts_uid=a2c2c885-e576-45b1-9ed7-6e575db04756; expires=Wed, 09 Aug 2023 05:58:50 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMmjYiBGDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2bA6NJH; expires=Fri, 10 Feb 2023 05:58:50 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
46.4.114.55200 OK 36 kB URL HTTP/2 tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
IP 46.4.114.55:0
ASN #24940 Hetzner Online GmbH
Hash c9687922864397236f224313d6dfe9d4
16955e755b287b36abbf08a19c5994607c4e3aaf
cff0d8fb5045ea83cd6a5b768a202b6bd8ce01fb30c109efe1353f8c9eef0374
GET /iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/e/6/f3bb253dbb5674fdca83f5ac6675d1f35fc3c8.gif>; rel=preload; as=image
x-request-id: fb5db0f9525c8713
set-cookie: ts_uid=dae23ae6-6e6c-4d8f-8415-84249a6c5474; expires=Wed, 09 Aug 2023 05:58:50 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg; expires=Fri, 10 Feb 2023 05:58:50 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.254.252.211304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.254.252.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=dae23ae6-6e6c-4d8f-8415-84249a6c5474; bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 09 Feb 2023 05:58:51 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 29188068
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.254.252.211304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.254.252.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=e77204c6-7296-4328-9859-15da3e3b454c; bfq=APeIECNCx5YZMmjYiBGjRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2bA6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 09 Feb 2023 05:58:51 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 29188068
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/images/2/3/ea32f8cb893d5bf295824a48e280180608ed71.gif
8.254.252.211200 OK 42 kB URL HTTP/2 lcdn.tsyndicate.com/images/2/3/ea32f8cb893d5bf295824a48e280180608ed71.gif
IP 8.254.252.211:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash 37e801ae75125593b2473d775e869e20
72eecc4e11b1ba354e67582ed958180ca714285b
70446a82218f92f524f647e3d84e063dbb2c24f7266dff8140f99c277c8949c1
GET /images/2/3/ea32f8cb893d5bf295824a48e280180608ed71.gif HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=a2c2c885-e576-45b1-9ed7-6e575db04756; bfq=APeIECNCx5YZMmjYiBGDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2bA6NJH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: image/gif
content-length: 42187
etag: "63da1c24-a4cb"
last-modified: Wed, 01 Feb 2023 08:00:36 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 683742
accept-ranges: bytes
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.254.252.211304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.254.252.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=41bcf513-ec82-4f19-907e-c000ee330e3d; bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 09 Feb 2023 05:58:51 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 29188068
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHesGGjzIwYZFrUCJNjRgsaMczQaBGmjJgyLcbUMBNGzJgxZGrEuBFGxMM5YtKQUahji4gYNm7cqHEDBo4cNER0eRimzpiMMcbYqNFxxhiRZszAOGlmhpgWOVSaaZEzKw0xL2GUxOETIhk7FG3QkAHjIZw6YijKyHGDKhw4FGPkKPkTzkQde2PIuEGjr4gxbRDr0Emj8wyqZMxQfCjGjZuFM2TQsBEjBo2Hbdxg1DFDLg4bfmPPdt0ax8M6ctigrgED5QzcIurIyIiGDh04c3S8eCEHDhkxctbgcTHmTZsXVdqUeQPFTZI3R6zICHOnjZMqepg0gWIECx4aZorgkEMFz5IxNBAhQxJnxGFHEWnEEQccMdBxRw8vpOHGQXjE4AIcaMDxgxtl4NFDDFzUAQMMMthQBx1tfCEeGWnU0UYPnHnmQmqrtUZDiCOWSIccYYSVxhhfzPEGcGOU0YMcZOy4Bo4kmojiF3SUMQcdQn2oFw5NMVniiSkahN0bayDUAxU8-jjGFHSEkdAXMmjpZJehvSFHG2HQ0UNtMOAhA3FuchnkkHIU-aFiJbmpxxsc9hDZZJW5OQYbP65RpRtC3NBCFFDAYcMZZeCAxgxz4ACHE1msYUR9Q8yhRxhT6JEGFXHgcEcNQM35haRVJFFFEG7AYMYVUkSRQxxJzAAfDnUkcUUWebSBBxEUIpHDoWKQ0UQMaM0gR1J6aLFEG28goQUURfiKhBhvhOEEHkes4QQNODxxBgzkUfHGF2fkSoQUVaRRFxneZTQHQXSyUYYeLtABWBl1jVHnQlt8NJUIcAS6UA0wwYCcGKLpAIMLIzp0GRwpVnyVxyAXB4PIctihmWIPlTEGyQt9HPJvdfirA0QyjNEzDjjU0EIZTNlwUg1iYJtDGWRY2hFTNVxX3FI21JWGZiLkYGEOH-_lQkNRPSTHF1dnpLULXLvgNdh11dHTzk284SobbITxQg0gg4DCFRICfMccIDhBBQgx2LwDCHy7odfheCwOQssMrQxyCiAcIfMab7zAV-EwFB4DCEakIUcZZryBxwuF4w1DwyeL4MQTdcn5xU0ZvV4XG60X4cS_ZdjxxejCMcTUDTgch8OIYp9xmg57YvnQQb5jtxDQz_eu4htkLCTDbRWJQIYcb6D20BtEvUYx-HjksZD5o3c8kHPQSffCwGUUfHDCC79Q1xwtZwR-mnSQUwvq4IY00KEFinEBGZbzvNYd5AsLrAuK8rKUHMhABjOojUXasByGJKUGFsRgbY7XPYP8Tkpw-MLDPFjBC2bQMjV5jPdIVxU2TMQvuKvZQ8YwGxj0QQEBAQ%3D%3D&s=59c5b24a321f2c3ffeeacc5e8ad0beab835dfa157d9835da58db51ee54a435471675922330&w=t&r=1&d=25&priv=false
148.251.120.78200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHesGGjzIwYZFrUCJNjRgsaMczQaBGmjJgyLcbUMBNGzJgxZGrEuBFGxMM5YtKQUahji4gYNm7cqHEDBo4cNER0eRimzpiMMcbYqNFxxhiRZszAOGlmhpgWOVSaaZEzKw0xL2GUxOETIhk7FG3QkAHjIZw6YijKyHGDKhw4FGPkKPkTzkQde2PIuEGjr4gxbRDr0Emj8wyqZMxQfCjGjZuFM2TQsBEjBo2Hbdxg1DFDLg4bfmPPdt0ax8M6ctigrgED5QzcIurIyIiGDh04c3S8eCEHDhkxctbgcTHmTZsXVdqUeQPFTZI3R6zICHOnjZMqepg0gWIECx4aZorgkEMFz5IxNBAhQxJnxGFHEWnEEQccMdBxRw8vpOHGQXjE4AIcaMDxgxtl4NFDDFzUAQMMMthQBx1tfCEeGWnU0UYPnHnmQmqrtUZDiCOWSIccYYSVxhhfzPEGcGOU0YMcZOy4Bo4kmojiF3SUMQcdQn2oFw5NMVniiSkahN0bayDUAxU8-jjGFHSEkdAXMmjpZJehvSFHG2HQ0UNtMOAhA3FuchnkkHIU-aFiJbmpxxsc9hDZZJW5OQYbP65RpRtC3NBCFFDAYcMZZeCAxgxz4ACHE1msYUR9Q8yhRxhT6JEGFXHgcEcNQM35haRVJFFFEG7AYMYVUkSRQxxJzAAfDnUkcUUWebSBBxEUIpHDoWKQ0UQMaM0gR1J6aLFEG28goQUURfiKhBhvhOEEHkes4QQNODxxBgzkUfHGF2fkSoQUVaRRFxneZTQHQXSyUYYeLtABWBl1jVHnQlt8NJUIcAS6UA0wwYCcGKLpAIMLIzp0GRwpVnyVxyAXB4PIctihmWIPlTEGyQt9HPJvdfirA0QyjNEzDjjU0EIZTNlwUg1iYJtDGWRY2hFTNVxX3FI21JWGZiLkYGEOH-_lQkNRPSTHF1dnpLULXLvgNdh11dHTzk284SobbITxQg0gg4DCFRICfMccIDhBBQgx2LwDCHy7odfheCwOQssMrQxyCiAcIfMab7zAV-EwFB4DCEakIUcZZryBxwuF4w1DwyeL4MQTdcn5xU0ZvV4XG60X4cS_ZdjxxejCMcTUDTgch8OIYp9xmg57YvnQQb5jtxDQz_eu4htkLCTDbRWJQIYcb6D20BtEvUYx-HjksZD5o3c8kHPQSffCwGUUfHDCC79Q1xwtZwR-mnSQUwvq4IY00KEFinEBGZbzvNYd5AsLrAuK8rKUHMhABjOojUXasByGJKUGFsRgbY7XPYP8Tkpw-MLDPFjBC2bQMjV5jPdIVxU2TMQvuKvZQ8YwGxj0QQEBAQ%3D%3D&s=59c5b24a321f2c3ffeeacc5e8ad0beab835dfa157d9835da58db51ee54a435471675922330&w=t&r=1&d=25&priv=false
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHesGGjzIwYZFrUCJNjRgsaMczQaBGmjJgyLcbUMBNGzJgxZGrEuBFGxMM5YtKQUahji4gYNm7cqHEDBo4cNER0eRimzpiMMcbYqNFxxhiRZszAOGlmhpgWOVSaaZEzKw0xL2GUxOETIhk7FG3QkAHjIZw6YijKyHGDKhw4FGPkKPkTzkQde2PIuEGjr4gxbRDr0Emj8wyqZMxQfCjGjZuFM2TQsBEjBo2Hbdxg1DFDLg4bfmPPdt0ax8M6ctigrgED5QzcIurIyIiGDh04c3S8eCEHDhkxctbgcTHmTZsXVdqUeQPFTZI3R6zICHOnjZMqepg0gWIECx4aZorgkEMFz5IxNBAhQxJnxGFHEWnEEQccMdBxRw8vpOHGQXjE4AIcaMDxgxtl4NFDDFzUAQMMMthQBx1tfCEeGWnU0UYPnHnmQmqrtUZDiCOWSIccYYSVxhhfzPEGcGOU0YMcZOy4Bo4kmojiF3SUMQcdQn2oFw5NMVniiSkahN0bayDUAxU8-jjGFHSEkdAXMmjpZJehvSFHG2HQ0UNtMOAhA3FuchnkkHIU-aFiJbmpxxsc9hDZZJW5OQYbP65RpRtC3NBCFFDAYcMZZeCAxgxz4ACHE1msYUR9Q8yhRxhT6JEGFXHgcEcNQM35haRVJFFFEG7AYMYVUkSRQxxJzAAfDnUkcUUWebSBBxEUIpHDoWKQ0UQMaM0gR1J6aLFEG28goQUURfiKhBhvhOEEHkes4QQNODxxBgzkUfHGF2fkSoQUVaRRFxneZTQHQXSyUYYeLtABWBl1jVHnQlt8NJUIcAS6UA0wwYCcGKLpAIMLIzp0GRwpVnyVxyAXB4PIctihmWIPlTEGyQt9HPJvdfirA0QyjNEzDjjU0EIZTNlwUg1iYJtDGWRY2hFTNVxX3FI21JWGZiLkYGEOH-_lQkNRPSTHF1dnpLULXLvgNdh11dHTzk284SobbITxQg0gg4DCFRICfMccIDhBBQgx2LwDCHy7odfheCwOQssMrQxyCiAcIfMab7zAV-EwFB4DCEakIUcZZryBxwuF4w1DwyeL4MQTdcn5xU0ZvV4XG60X4cS_ZdjxxejCMcTUDTgch8OIYp9xmg57YvnQQb5jtxDQz_eu4htkLCTDbRWJQIYcb6D20BtEvUYx-HjksZD5o3c8kHPQSffCwGUUfHDCC79Q1xwtZwR-mnSQUwvq4IY00KEFinEBGZbzvNYd5AsLrAuK8rKUHMhABjOojUXasByGJKUGFsRgbY7XPYP8Tkpw-MLDPFjBC2bQMjV5jPdIVxU2TMQvuKvZQ8YwGxj0QQEBAQ%3D%3D&s=59c5b24a321f2c3ffeeacc5e8ad0beab835dfa157d9835da58db51ee54a435471675922330&w=t&r=1&d=25&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=41bcf513-ec82-4f19-907e-c000ee330e3d; bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XcEDNmhpkbMHK0gIGDBo4WNGCYCdMiR5gbN1rgEKOyDA4YZMjYeCni4Rwxacgo1LFFRAwbMGuAxJGDhoguD8PUGZMxTBgcMmKUMXPSI44ZKMXEAIvDjMeWMmTkmMFUTI2GNXpCJGOHog0aMmA8hFNHDEW1N6LCgUMxRo61PuFM1IE3howbKR-OaUNYx1samGdEJWOG4kMxbtwsnCGDho0YDR-2cYNRx4yQOGzsXd06Bg3UOB7WkcNmdA0Yt2cEFlFHRkY0dOjAmaPjxQs5cMiIkbMGj4sxb9q8qNKmzBsobpK8OWJFRpg7bZxU0cOkCRQjWPDQMFMEhxwqeJaMoUFERpIzcdhRRBpxxAFHDHTc0cMLabhxEB4xuAAHGnD84EYZePQQAxd1wACDDDbUQUcbX3RHRhp1tNHDZZm5QJppqNXAoYcg0iFHGGaYkcYYX8zxxm5jlNGDHGTYuMaMH4Y44hd0lDEHHUFpeBcOICEJoogkGjTdG2sg1AMVN-a44xR0hJHQFzJYqWSWnL0hRxth0NHDazDgIcNvamLZ449yBKmhYWupqccbF_bQ2GMpqTkGGzuuESURT4whBg1x5BFDGk3QcMMRWdgwhgx53HDGoKEm0QIaR9zQRBpIwFAHHizpcUURWARoxBh2XAGFHjAgccMVYdiRgw1k3LFEDVI04YYWONyhBRVlaDFHEHXUQagVUkxhhBNzzHFHGkW0kIYUbolBxRR4rIHGGCi2EQUWaMAQhRFlzHAGDF-cUUUSREhRRRpykZFdRnMQBCcbZejhAh19lSHXGHEutMUMMUAlAhx9LlRDGSPJJoIYnekAgwseOiTCGHCQiDFVIpMMHAwmy2FHZYY9VAbKbSw0csm61QGwDiKUAVNeNIxhQws3qHU0DaSdlAMONYjUEBlhzFDvpDUULVcalYmQQ4Q5jIyXCw059ZAcX3Cd0dcuhO3C2GXLVUcYGTXxhh5psMFGGC_UQDIIKFzRoMB3zAGCE1SAEMPOO4AguBt3NY5H5CDIzBDMJKcAwhE3r_HGC3ktDsPiMYBgRBpybPUGHi8s7jcMD7MsghNPyOXmF2PITrtcbMhehBMBl2HHF6n3xpBSN3xlw016iSDHGaLpcCeVDx00_HQL4ZCbCNaX-AYZC8kQW0Xcy_HGaA-9MRQNe5mPRx4Lse_8Vsclt1xzLxRcxsEJL9zwC3KZg8wyYr4y0cFNLaiDG9JAhxZkxQVkME71ZHeQL0RQLiOyyw2ilpYZvMYibTAOQ5DCQRl4kCQ32QzxnASHL0RshBvMQQc_CBExLIZ7W5EKGyayl97pTDKtgUEfFBAQ&s=28ae9d36e877516d867bd3eaf15b741c71932aab3a9c3205f10afcb1ecb6ac8c1675922330&w=t&r=1&d=11&priv=false
148.251.120.78200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XcEDNmhpkbMHK0gIGDBo4WNGCYCdMiR5gbN1rgEKOyDA4YZMjYeCni4Rwxacgo1LFFRAwbMGuAxJGDhoguD8PUGZMxTBgcMmKUMXPSI44ZKMXEAIvDjMeWMmTkmMFUTI2GNXpCJGOHog0aMmA8hFNHDEW1N6LCgUMxRo61PuFM1IE3howbKR-OaUNYx1samGdEJWOG4kMxbtwsnCGDho0YDR-2cYNRx4yQOGzsXd06Bg3UOB7WkcNmdA0Yt2cEFlFHRkY0dOjAmaPjxQs5cMiIkbMGj4sxb9q8qNKmzBsobpK8OWJFRpg7bZxU0cOkCRQjWPDQMFMEhxwqeJaMoUFERpIzcdhRRBpxxAFHDHTc0cMLabhxEB4xuAAHGnD84EYZePQQAxd1wACDDDbUQUcbX3RHRhp1tNHDZZm5QJppqNXAoYcg0iFHGGaYkcYYX8zxxm5jlNGDHGTYuMaMH4Y44hd0lDEHHUFpeBcOICEJoogkGjTdG2sg1AMVN-a44xR0hJHQFzJYqWSWnL0hRxth0NHDazDgIcNvamLZ449yBKmhYWupqccbF_bQ2GMpqTkGGzuuESURT4whBg1x5BFDGk3QcMMRWdgwhgx53HDGoKEm0QIaR9zQRBpIwFAHHizpcUURWARoxBh2XAGFHjAgccMVYdiRgw1k3LFEDVI04YYWONyhBRVlaDFHEHXUQagVUkxhhBNzzHFHGkW0kIYUbolBxRR4rIHGGCi2EQUWaMAQhRFlzHAGDF-cUUUSREhRRRpykZFdRnMQBCcbZejhAh19lSHXGHEutMUMMUAlAhx9LlRDGSPJJoIYnekAgwseOiTCGHCQiDFVIpMMHAwmy2FHZYY9VAbKbSw0csm61QGwDiKUAVNeNIxhQws3qHU0DaSdlAMONYjUEBlhzFDvpDUULVcalYmQQ4Q5jIyXCw059ZAcX3Cd0dcuhO3C2GXLVUcYGTXxhh5psMFGGC_UQDIIKFzRoMB3zAGCE1SAEMPOO4AguBt3NY5H5CDIzBDMJKcAwhE3r_HGC3ktDsPiMYBgRBpybPUGHi8s7jcMD7MsghNPyOXmF2PITrtcbMhehBMBl2HHF6n3xpBSN3xlw016iSDHGaLpcCeVDx00_HQL4ZCbCNaX-AYZC8kQW0Xcy_HGaA-9MRQNe5mPRx4Lse_8Vsclt1xzLxRcxsEJL9zwC3KZg8wyYr4y0cFNLaiDG9JAhxZkxQVkME71ZHeQL0RQLiOyyw2ilpYZvMYibTAOQ5DCQRl4kCQ32QzxnASHL0RshBvMQQc_CBExLIZ7W5EKGyayl97pTDKtgUEfFBAQ&s=28ae9d36e877516d867bd3eaf15b741c71932aab3a9c3205f10afcb1ecb6ac8c1675922330&w=t&r=1&d=11&priv=false
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XcEDNmhpkbMHK0gIGDBo4WNGCYCdMiR5gbN1rgEKOyDA4YZMjYeCni4Rwxacgo1LFFRAwbMGuAxJGDhoguD8PUGZMxTBgcMmKUMXPSI44ZKMXEAIvDjMeWMmTkmMFUTI2GNXpCJGOHog0aMmA8hFNHDEW1N6LCgUMxRo61PuFM1IE3howbKR-OaUNYx1samGdEJWOG4kMxbtwsnCGDho0YDR-2cYNRx4yQOGzsXd06Bg3UOB7WkcNmdA0Yt2cEFlFHRkY0dOjAmaPjxQs5cMiIkbMGj4sxb9q8qNKmzBsobpK8OWJFRpg7bZxU0cOkCRQjWPDQMFMEhxwqeJaMoUFERpIzcdhRRBpxxAFHDHTc0cMLabhxEB4xuAAHGnD84EYZePQQAxd1wACDDDbUQUcbX3RHRhp1tNHDZZm5QJppqNXAoYcg0iFHGGaYkcYYX8zxxm5jlNGDHGTYuMaMH4Y44hd0lDEHHUFpeBcOICEJoogkGjTdG2sg1AMVN-a44xR0hJHQFzJYqWSWnL0hRxth0NHDazDgIcNvamLZ449yBKmhYWupqccbF_bQ2GMpqTkGGzuuESURT4whBg1x5BFDGk3QcMMRWdgwhgx53HDGoKEm0QIaR9zQRBpIwFAHHizpcUURWARoxBh2XAGFHjAgccMVYdiRgw1k3LFEDVI04YYWONyhBRVlaDFHEHXUQagVUkxhhBNzzHFHGkW0kIYUbolBxRR4rIHGGCi2EQUWaMAQhRFlzHAGDF-cUUUSREhRRRpykZFdRnMQBCcbZejhAh19lSHXGHEutMUMMUAlAhx9LlRDGSPJJoIYnekAgwseOiTCGHCQiDFVIpMMHAwmy2FHZYY9VAbKbSw0csm61QGwDiKUAVNeNIxhQws3qHU0DaSdlAMONYjUEBlhzFDvpDUULVcalYmQQ4Q5jIyXCw059ZAcX3Cd0dcuhO3C2GXLVUcYGTXxhh5psMFGGC_UQDIIKFzRoMB3zAGCE1SAEMPOO4AguBt3NY5H5CDIzBDMJKcAwhE3r_HGC3ktDsPiMYBgRBpybPUGHi8s7jcMD7MsghNPyOXmF2PITrtcbMhehBMBl2HHF6n3xpBSN3xlw016iSDHGaLpcCeVDx00_HQL4ZCbCNaX-AYZC8kQW0Xcy_HGaA-9MRQNe5mPRx4Lse_8Vsclt1xzLxRcxsEJL9zwC3KZg8wyYr4y0cFNLaiDG9JAhxZkxQVkME71ZHeQL0RQLiOyyw2ilpYZvMYibTAOQ5DCQRl4kCQ32QzxnASHL0RshBvMQQc_CBExLIZ7W5EKGyayl97pTDKtgUEfFBAQ&s=28ae9d36e877516d867bd3eaf15b741c71932aab3a9c3205f10afcb1ecb6ac8c1675922330&w=t&r=1&d=11&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=41bcf513-ec82-4f19-907e-c000ee330e3d; bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XYkCFGzA0cNWq0oBEjjIyRNMyUaZEjjBgzLUqasWGGBowaYsjEoCHi4Rwxacgo1LFFRAwbN27UuAEDRw6eXR6GqTMm4wwaNkzWIDOmBY4xOW6MtJHVaxgzOFowLZM1zIwYHsnM6AmRjB2KNmjIgPEQTh0xFGWElQoHDsUYOXLM8Alnog69MWTcsPlwTBvDOmrspEFjcV0zFB-KceNm4QwZWCPzFdHGDUYdM2DkwGGjb-vXO2PEwPGwjhw2pmvAIKm3t4yMaOjQgTNHx4sXcuCQESNnDR4XY960eVGlTZk3UNwkeXPEiowwd9o4qaKHSRMoRrDgSVkEhxwqeJaMoUFERpIzcdhRRBpxxAFHDHTc0cMLabhxEB4xuAAHGnD84EYZePQQAxd1wACDDDbUQUcbX3hHRhp1tNGDZpx15sJpqe3FoYcg0iHHWWakMcYXc7zh2xhl9CAHGTauMeOHIY74BR1lzEFHUBrmhQNTR4IoIokGUffGGgj1QMWNZuQ4xhR0hJHQFzJUmSSWZJjxhhxthEFHD7HBgIcMwql5JY8-ygGkhogppqYeb1zYA2SS2aTmGGzouAaUZywBBw5m1LEGDmwwcUYWeBAhRRBx2IDFEzg4scYbaRxxBA4zhHGFHTYQYYMTZGBxhwxkqEHFF0zoxwYVZmihxBdKKDGEFEPIQMcSMNRRRw3zUREHV2jEwEQV7s3xxB0w5EFQGUjQEcQNT6hhRxXJPdHGFU7EcQMaV7gxhYBzlDTHEF-cUUUSnlaRBl1kaJfRHATFyUYZerhAx19l0DWGnAtt8VZUIsDh50I1rARDbSK8tBAMLnjokAhjwEGixVXpALKHNo0shx2YIfZQGSW38XHIN_VWx786iEBGGGXI0CpbLdjAVlc0kEGpVySJhINeNLRkwxg10DAZXWlgJkIOEeYAsl4uNMTTQ3J8kXVGXLvgtQtgi01XHWFk1MQbeqTBBhthvFBDyCCgcEWDAd8xBwhOUAFCDCvvAMLfbuSlOB6Og_AyQzeFnAIIR9B86gt7IQ4D4jGAYEQacpThJh4vIL43DA6nLIITT9D15hdjuA47XWy4XoQTAJdhxxelA8fQUh_NYAMOHpJ9Rmk64DnlQwf9Tt1COPDms-8lvkHGQjLQVpHPcrxh2kNvDEVDX-HjkcdC54tQOmg9J7dcc88RXIbBCCvM8At0zfFyRuErEx3e1II6uCENdIhJhMhwHOi57iBfYCBdRoQXpeRABkKLjUXacByGIKUGF8ygbIpTF-A1CQ5fgJgHLYjBGWgQImJwzPXMMBU2TKQvuftYZV4Dgz4oICA%3D&s=2f5143a8fd1e10c01a49b49ab13853af28086233d7a6d15573521155f5af99541675922330&w=t&r=1&d=8&priv=false
148.251.120.78200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XYkCFGzA0cNWq0oBEjjIyRNMyUaZEjjBgzLUqasWGGBowaYsjEoCHi4Rwxacgo1LFFRAwbN27UuAEDRw6eXR6GqTMm4wwaNkzWIDOmBY4xOW6MtJHVaxgzOFowLZM1zIwYHsnM6AmRjB2KNmjIgPEQTh0xFGWElQoHDsUYOXLM8Alnog69MWTcsPlwTBvDOmrspEFjcV0zFB-KceNm4QwZWCPzFdHGDUYdM2DkwGGjb-vXO2PEwPGwjhw2pmvAIKm3t4yMaOjQgTNHx4sXcuCQESNnDR4XY960eVGlTZk3UNwkeXPEiowwd9o4qaKHSRMoRrDgSVkEhxwqeJaMoUFERpIzcdhRRBpxxAFHDHTc0cMLabhxEB4xuAAHGnD84EYZePQQAxd1wACDDDbUQUcbX3hHRhp1tNGDZpx15sJpqe3FoYcg0iHHWWakMcYXc7zh2xhl9CAHGTauMeOHIY74BR1lzEFHUBrmhQNTR4IoIokGUffGGgj1QMWNZuQ4xhR0hJHQFzJUmSSWZJjxhhxthEFHD7HBgIcMwql5JY8-ygGkhogppqYeb1zYA2SS2aTmGGzouAaUZywBBw5m1LEGDmwwcUYWeBAhRRBx2IDFEzg4scYbaRxxBA4zhHGFHTYQYYMTZGBxhwxkqEHFF0zoxwYVZmihxBdKKDGEFEPIQMcSMNRRRw3zUREHV2jEwEQV7s3xxB0w5EFQGUjQEcQNT6hhRxXJPdHGFU7EcQMaV7gxhYBzlDTHEF-cUUUSnlaRBl1kaJfRHATFyUYZerhAx19l0DWGnAtt8VZUIsDh50I1rARDbSK8tBAMLnjokAhjwEGixVXpALKHNo0shx2YIfZQGSW38XHIN_VWx786iEBGGGXI0CpbLdjAVlc0kEGpVySJhINeNLRkwxg10DAZXWlgJkIOEeYAsl4uNMTTQ3J8kXVGXLvgtQtgi01XHWFk1MQbeqTBBhthvFBDyCCgcEWDAd8xBwhOUAFCDCvvAMLfbuSlOB6Og_AyQzeFnAIIR9B86gt7IQ4D4jGAYEQacpThJh4vIL43DA6nLIITT9D15hdjuA47XWy4XoQTAJdhxxelA8fQUh_NYAMOHpJ9Rmk64DnlQwf9Tt1COPDms-8lvkHGQjLQVpHPcrxh2kNvDEVDX-HjkcdC54tQOmg9J7dcc88RXIbBCCvM8At0zfFyRuErEx3e1II6uCENdIhJhMhwHOi57iBfYCBdRoQXpeRABkKLjUXacByGIKUGF8ygbIpTF-A1CQ5fgJgHLYjBGWgQImJwzPXMMBU2TKQvuftYZV4Dgz4oICA%3D&s=2f5143a8fd1e10c01a49b49ab13853af28086233d7a6d15573521155f5af99541675922330&w=t&r=1&d=8&priv=false
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XYkCFGzA0cNWq0oBEjjIyRNMyUaZEjjBgzLUqasWGGBowaYsjEoCHi4Rwxacgo1LFFRAwbN27UuAEDRw6eXR6GqTMm4wwaNkzWIDOmBY4xOW6MtJHVaxgzOFowLZM1zIwYHsnM6AmRjB2KNmjIgPEQTh0xFGWElQoHDsUYOXLM8Alnog69MWTcsPlwTBvDOmrspEFjcV0zFB-KceNm4QwZWCPzFdHGDUYdM2DkwGGjb-vXO2PEwPGwjhw2pmvAIKm3t4yMaOjQgTNHx4sXcuCQESNnDR4XY960eVGlTZk3UNwkeXPEiowwd9o4qaKHSRMoRrDgSVkEhxwqeJaMoUFERpIzcdhRRBpxxAFHDHTc0cMLabhxEB4xuAAHGnD84EYZePQQAxd1wACDDDbUQUcbX3hHRhp1tNGDZpx15sJpqe3FoYcg0iHHWWakMcYXc7zh2xhl9CAHGTauMeOHIY74BR1lzEFHUBrmhQNTR4IoIokGUffGGgj1QMWNZuQ4xhR0hJHQFzJUmSSWZJjxhhxthEFHD7HBgIcMwql5JY8-ygGkhogppqYeb1zYA2SS2aTmGGzouAaUZywBBw5m1LEGDmwwcUYWeBAhRRBx2IDFEzg4scYbaRxxBA4zhHGFHTYQYYMTZGBxhwxkqEHFF0zoxwYVZmihxBdKKDGEFEPIQMcSMNRRRw3zUREHV2jEwEQV7s3xxB0w5EFQGUjQEcQNT6hhRxXJPdHGFU7EcQMaV7gxhYBzlDTHEF-cUUUSnlaRBl1kaJfRHATFyUYZerhAx19l0DWGnAtt8VZUIsDh50I1rARDbSK8tBAMLnjokAhjwEGixVXpALKHNo0shx2YIfZQGSW38XHIN_VWx786iEBGGGXI0CpbLdjAVlc0kEGpVySJhINeNLRkwxg10DAZXWlgJkIOEeYAsl4uNMTTQ3J8kXVGXLvgtQtgi01XHWFk1MQbeqTBBhthvFBDyCCgcEWDAd8xBwhOUAFCDCvvAMLfbuSlOB6Og_AyQzeFnAIIR9B86gt7IQ4D4jGAYEQacpThJh4vIL43DA6nLIITT9D15hdjuA47XWy4XoQTAJdhxxelA8fQUh_NYAMOHpJ9Rmk64DnlQwf9Tt1COPDms-8lvkHGQjLQVpHPcrxh2kNvDEVDX-HjkcdC54tQOmg9J7dcc88RXIbBCCvM8At0zfFyRuErEx3e1II6uCENdIhJhMhwHOi57iBfYCBdRoQXpeRABkKLjUXacByGIKUGF8ygbIpTF-A1CQ5fgJgHLYjBGWgQImJwzPXMMBU2TKQvuftYZV4Dgz4oICA%3D&s=2f5143a8fd1e10c01a49b49ab13853af28086233d7a6d15573521155f5af99541675922330&w=t&r=1&d=8&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=41bcf513-ec82-4f19-907e-c000ee330e3d; bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQGGNDRhkyNWq0IDODhowWNMjAsNEih8cxKMnggHFjTI4yN2bYuCHi4Rwxacgo1LFFRIydN2rcgIEjBw0RXR6GqTMm4w0aZmDkuEGGRssxN8qgnCEGRwscZnS2EGMmB4wwOcyEyVrDTE-IZOxQtGESxkM4dcRQlLFVKhw4FGPkyDHDJ5yJOkzGkHHVr4gxbRDrqBGDhufGeO0yfCjGjZuFM2TQsDHZchs3GHXM0IrDxt_XsTvHiIHjYR05bFDXgEGjswzfMjKioUMHzhwdL17IgUNGjJw1eFyMedPmRZU2Zd5AcZPkzRErMsLcaeOkih4mTaAYwYIHaxEccqjgWTKGBhEZSZwRhx1FpBFHHHDEQMcdPbyQhhsH4RGDC3CgAccPbpSBRw8xcFEHDDDIYEMddLTxBXhkpFFHGz1w5hkNM7iQ2mqteQiiiHTIMZcZaYzxxRxv_DZGGT3IQUaOa9gY4oglfkFHGXPQERSHfOGwlJIikmiiQda9sQZCPVChoxk8jjEFHWEk9IUMWDK5JRlmvCFHG2HQ0cNsMOAhw3BtavljkHIMyaFijLWpxxsZ9iAZZTTA0OYYbPS4xpRTjJFGDEOwkQMZLcQAxRc4rDHDGFLIIEQLVYhBhBVZ2LDcG3iw0UIcUGRRBRtMfIGHEDCIAUOQaNhBRRJNrEEHDXYEQcaHU2jxBhpJgGREElrI8QSoSLzhRBpLHNHGFGUEoUcbdKCRBRRP3FHGF3fMIQMMRZiBBg5ZDHFHGkzYUQccb9RgxxdnVJEEEVJUkcZdZHCX0RwE0clGGXq4QEdgZdw1Rp0LbTFDDFGJAEegC9Ug1kqkiQaDCyA6dBkcJn5clQ4ng9ioynLYoZliD5UxBssLxQyDynXUcbAOGsUgxhhmcDZDCzrjcBJWirVEk1hjgAhDGWXMMFvWZNyVhmYi5DChWy6Y5EJDTz0kxxdfZyS2C2SbjfZddYSRURNv6JEGG2yE8UINKIOAwhUPJtwuCE5QAUIMMe8AAuFu8OU4HpKDUDNDP6OcAghH6LzGGy-8yzgMjMcAghFpyFFGnHi8wDjgMFj8sghOPHGXnF-MMXvtd7ExexFOIFzGv6oHx5BSN-Cg00yWyXHGaTrsaeVDB_1r3UI49CZC9Se-0XX0tVW0vRxvoPbQG0PR8Bf5eOSxkPoiqC7aQMw5B90LDJfhMMQSU_zCXXOoWUbIhyY6yKkFdXBDGujQKRm4gAzJod7sDvIFCN6lRHtJiktkoDXLlCg5DNlJDTbYwRzUAH4G-YLq5gCHL2AshBqUAQdnIxUxQGZ7q5sKGybyF9_17CFjiA0M-qCAgAA%3D&s=3068eee3c60c04de429e68768addfa51b91a9acd82e82a9293079ff38e24a03d1675922330&w=t&r=1&d=4&priv=false
148.251.120.78200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQGGNDRhkyNWq0IDODhowWNMjAsNEih8cxKMnggHFjTI4yN2bYuCHi4Rwxacgo1LFFRIydN2rcgIEjBw0RXR6GqTMm4w0aZmDkuEGGRssxN8qgnCEGRwscZnS2EGMmB4wwOcyEyVrDTE-IZOxQtGESxkM4dcRQlLFVKhw4FGPkyDHDJ5yJOkzGkHHVr4gxbRDrqBGDhufGeO0yfCjGjZuFM2TQsDHZchs3GHXM0IrDxt_XsTvHiIHjYR05bFDXgEGjswzfMjKioUMHzhwdL17IgUNGjJw1eFyMedPmRZU2Zd5AcZPkzRErMsLcaeOkih4mTaAYwYIHaxEccqjgWTKGBhEZSZwRhx1FpBFHHHDEQMcdPbyQhhsH4RGDC3CgAccPbpSBRw8xcFEHDDDIYEMddLTxBXhkpFFHGz1w5hkNM7iQ2mqteQiiiHTIMZcZaYzxxRxv_DZGGT3IQUaOa9gY4oglfkFHGXPQERSHfOGwlJIikmiiQda9sQZCPVChoxk8jjEFHWEk9IUMWDK5JRlmvCFHG2HQ0cNsMOAhw3BtavljkHIMyaFijLWpxxsZ9iAZZTTA0OYYbPS4xpRTjJFGDEOwkQMZLcQAxRc4rDHDGFLIIEQLVYhBhBVZ2LDcG3iw0UIcUGRRBRtMfIGHEDCIAUOQaNhBRRJNrEEHDXYEQcaHU2jxBhpJgGREElrI8QSoSLzhRBpLHNHGFGUEoUcbdKCRBRRP3FHGF3fMIQMMRZiBBg5ZDHFHGkzYUQccb9RgxxdnVJEEEVJUkcZdZHCX0RwE0clGGXq4QEdgZdw1Rp0LbTFDDFGJAEegC9Ug1kqkiQaDCyA6dBkcJn5clQ4ng9ioynLYoZliD5UxBssLxQyDynXUcbAOGsUgxhhmcDZDCzrjcBJWirVEk1hjgAhDGWXMMFvWZNyVhmYi5DChWy6Y5EJDTz0kxxdfZyS2C2SbjfZddYSRURNv6JEGG2yE8UINKIOAwhUPJtwuCE5QAUIMMe8AAuFu8OU4HpKDUDNDP6OcAghH6LzGGy-8yzgMjMcAghFpyFFGnHi8wDjgMFj8sghOPHGXnF-MMXvtd7ExexFOIFzGv6oHx5BSN-Cg00yWyXHGaTrsaeVDB_1r3UI49CZC9Se-0XX0tVW0vRxvoPbQG0PR8Bf5eOSxkPoiqC7aQMw5B90LDJfhMMQSU_zCXXOoWUbIhyY6yKkFdXBDGujQKRm4gAzJod7sDvIFCN6lRHtJiktkoDXLlCg5DNlJDTbYwRzUAH4G-YLq5gCHL2AshBqUAQdnIxUxQGZ7q5sKGybyF9_17CFjiA0M-qCAgAA%3D&s=3068eee3c60c04de429e68768addfa51b91a9acd82e82a9293079ff38e24a03d1675922330&w=t&r=1&d=4&priv=false
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQGGNDRhkyNWq0IDODhowWNMjAsNEih8cxKMnggHFjTI4yN2bYuCHi4Rwxacgo1LFFRIydN2rcgIEjBw0RXR6GqTMm4w0aZmDkuEGGRssxN8qgnCEGRwscZnS2EGMmB4wwOcyEyVrDTE-IZOxQtGESxkM4dcRQlLFVKhw4FGPkyDHDJ5yJOkzGkHHVr4gxbRDrqBGDhufGeO0yfCjGjZuFM2TQsDHZchs3GHXM0IrDxt_XsTvHiIHjYR05bFDXgEGjswzfMjKioUMHzhwdL17IgUNGjJw1eFyMedPmRZU2Zd5AcZPkzRErMsLcaeOkih4mTaAYwYIHaxEccqjgWTKGBhEZSZwRhx1FpBFHHHDEQMcdPbyQhhsH4RGDC3CgAccPbpSBRw8xcFEHDDDIYEMddLTxBXhkpFFHGz1w5hkNM7iQ2mqteQiiiHTIMZcZaYzxxRxv_DZGGT3IQUaOa9gY4oglfkFHGXPQERSHfOGwlJIikmiiQda9sQZCPVChoxk8jjEFHWEk9IUMWDK5JRlmvCFHG2HQ0cNsMOAhw3BtavljkHIMyaFijLWpxxsZ9iAZZTTA0OYYbPS4xpRTjJFGDEOwkQMZLcQAxRc4rDHDGFLIIEQLVYhBhBVZ2LDcG3iw0UIcUGRRBRtMfIGHEDCIAUOQaNhBRRJNrEEHDXYEQcaHU2jxBhpJgGREElrI8QSoSLzhRBpLHNHGFGUEoUcbdKCRBRRP3FHGF3fMIQMMRZiBBg5ZDHFHGkzYUQccb9RgxxdnVJEEEVJUkcZdZHCX0RwE0clGGXq4QEdgZdw1Rp0LbTFDDFGJAEegC9Ug1kqkiQaDCyA6dBkcJn5clQ4ng9ioynLYoZliD5UxBssLxQyDynXUcbAOGsUgxhhmcDZDCzrjcBJWirVEk1hjgAhDGWXMMFvWZNyVhmYi5DChWy6Y5EJDTz0kxxdfZyS2C2SbjfZddYSRURNv6JEGG2yE8UINKIOAwhUPJtwuCE5QAUIMMe8AAuFu8OU4HpKDUDNDP6OcAghH6LzGGy-8yzgMjMcAghFpyFFGnHi8wDjgMFj8sghOPHGXnF-MMXvtd7ExexFOIFzGv6oHx5BSN-Cg00yWyXHGaTrsaeVDB_1r3UI49CZC9Se-0XX0tVW0vRxvoPbQG0PR8Bf5eOSxkPoiqC7aQMw5B90LDJfhMMQSU_zCXXOoWUbIhyY6yKkFdXBDGujQKRm4gAzJod7sDvIFCN6lRHtJiktkoDXLlCg5DNlJDTbYwRzUAH4G-YLq5gCHL2AshBqUAQdnIxUxQGZ7q5sKGybyF9_17CFjiA0M-qCAgAA%3D&s=3068eee3c60c04de429e68768addfa51b91a9acd82e82a9293079ff38e24a03d1675922330&w=t&r=1&d=4&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=41bcf513-ec82-4f19-907e-c000ee330e3d; bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
9028b77447.a5acd46254.com/in/multy
157.90.84.246200 OK 18 kB URL HTTP/2 9028b77447.a5acd46254.com/in/multy
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (18406), with no line terminators
Hash a77f96d869070b9f9d113a8d1e6b971f
0b41a8371e20317612bfcab3803e72cc8dd27fd9
32f0ebb4b9a809fbb4ebcbdaeed825e7a48104f4add7ffdbc1f8a1d3e46e24e4
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: 9028b77447.a5acd46254.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1203
Origin: https://shemalez.tube
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: application/json
content-length: 18409
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
9028b77447.a5acd46254.com/in/show/?mid=4312668318917353027&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=138611283&sid=2704218273&cid=10289&price=0&is_cpm=1&cpm=1.341&ecpm=1.3068045&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.25.0&ver_c=&refdom=shemalez.tube&hostname=auc-inpage-hz-5-a&site_id=31490&spot_id=490&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-09&is_native=3&auction_queue=0&burl=noQWtCTbaqI4EuqbqldwaVJhX2AptPqhl2NecdEecJoV_X1vip3KrQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=31490&adblock=0&auction_host=apply&mm=0&yc=0&render_type=hq&campaign_type=lq-pop-ext&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.01322957226147174&placement_type_id=7&skin_test=0&verify_hash=f5adcfe268758b2d708d88b02b0e879d&score=67.0063466579106&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D138611283%26spot_id%3D490%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26idzone%3D4438158%26sid%3D1886&ml=&tag_ab=b&original_bid=1.341&user_fp=14631201315374251416&v2=0&pop_type=1&space_id=1886&verify_hash=f5adcfe268758b2d708d88b02b0e879d&real_bid=1.3068045&skin_id=4&vertical_id=0&stratagem=&accel=&gyr=&iabcat=IAB25-3&ip_mismatch=false&ssp=&rc=&v2_track=0&otype=&mn=&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=DEwP44r5Y79_CynRAypFu1OaNIdaBf_E7du5xpL0Cju263t2HixRw0c2tZLDXIuevIQdyea1g2ykmKqPeuuzpjATY4uj5QyJl01ONqnGgwwwQaYCQRbuI7k91sY4C5w1Owg2-QhPGbUKxmxSM3tK1K_g_NPj9QlfPfeMnpULwYRZV3W-sg&pop_price=0.0013068045&pop_real_bid=0.0013068045&pop_ecpm=0.030965306685436483&auc_type=1&pr=&user_keywords=&device_theme=light&label_ids=123,4,0&conditions=all,dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=1a701806-d981-4b32-a143-7030d9586907&mlc=1&format=social-scale-b_r-body
157.90.84.246200 OK 0 B URL HTTP/2 9028b77447.a5acd46254.com/in/show/?mid=4312668318917353027&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=138611283&sid=2704218273&cid=10289&price=0&is_cpm=1&cpm=1.341&ecpm=1.3068045&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.25.0&ver_c=&refdom=shemalez.tube&hostname=auc-inpage-hz-5-a&site_id=31490&spot_id=490&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-09&is_native=3&auction_queue=0&burl=noQWtCTbaqI4EuqbqldwaVJhX2AptPqhl2NecdEecJoV_X1vip3KrQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=31490&adblock=0&auction_host=apply&mm=0&yc=0&render_type=hq&campaign_type=lq-pop-ext&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.01322957226147174&placement_type_id=7&skin_test=0&verify_hash=f5adcfe268758b2d708d88b02b0e879d&score=67.0063466579106&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D138611283%26spot_id%3D490%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26idzone%3D4438158%26sid%3D1886&ml=&tag_ab=b&original_bid=1.341&user_fp=14631201315374251416&v2=0&pop_type=1&space_id=1886&verify_hash=f5adcfe268758b2d708d88b02b0e879d&real_bid=1.3068045&skin_id=4&vertical_id=0&stratagem=&accel=&gyr=&iabcat=IAB25-3&ip_mismatch=false&ssp=&rc=&v2_track=0&otype=&mn=&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=DEwP44r5Y79_CynRAypFu1OaNIdaBf_E7du5xpL0Cju263t2HixRw0c2tZLDXIuevIQdyea1g2ykmKqPeuuzpjATY4uj5QyJl01ONqnGgwwwQaYCQRbuI7k91sY4C5w1Owg2-QhPGbUKxmxSM3tK1K_g_NPj9QlfPfeMnpULwYRZV3W-sg&pop_price=0.0013068045&pop_real_bid=0.0013068045&pop_ecpm=0.030965306685436483&auc_type=1&pr=&user_keywords=&device_theme=light&label_ids=123,4,0&conditions=all,dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=1a701806-d981-4b32-a143-7030d9586907&mlc=1&format=social-scale-b_r-body
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=4312668318917353027&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=138611283&sid=2704218273&cid=10289&price=0&is_cpm=1&cpm=1.341&ecpm=1.3068045&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.25.0&ver_c=&refdom=shemalez.tube&hostname=auc-inpage-hz-5-a&site_id=31490&spot_id=490&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-02-09&is_native=3&auction_queue=0&burl=noQWtCTbaqI4EuqbqldwaVJhX2AptPqhl2NecdEecJoV_X1vip3KrQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=31490&adblock=0&auction_host=apply&mm=0&yc=0&render_type=hq&campaign_type=lq-pop-ext&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.01322957226147174&placement_type_id=7&skin_test=0&verify_hash=f5adcfe268758b2d708d88b02b0e879d&score=67.0063466579106&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D138611283%26spot_id%3D490%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26idzone%3D4438158%26sid%3D1886&ml=&tag_ab=b&original_bid=1.341&user_fp=14631201315374251416&v2=0&pop_type=1&space_id=1886&verify_hash=f5adcfe268758b2d708d88b02b0e879d&real_bid=1.3068045&skin_id=4&vertical_id=0&stratagem=&accel=&gyr=&iabcat=IAB25-3&ip_mismatch=false&ssp=&rc=&v2_track=0&otype=&mn=&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=DEwP44r5Y79_CynRAypFu1OaNIdaBf_E7du5xpL0Cju263t2HixRw0c2tZLDXIuevIQdyea1g2ykmKqPeuuzpjATY4uj5QyJl01ONqnGgwwwQaYCQRbuI7k91sY4C5w1Owg2-QhPGbUKxmxSM3tK1K_g_NPj9QlfPfeMnpULwYRZV3W-sg&pop_price=0.0013068045&pop_real_bid=0.0013068045&pop_ecpm=0.030965306685436483&auc_type=1&pr=&user_keywords=&device_theme=light&label_ids=123,4,0&conditions=all,dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=1a701806-d981-4b32-a143-7030d9586907&mlc=1&format=social-scale-b_r-body HTTP/1.1
Host: 9028b77447.a5acd46254.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
9028b77447.a5acd46254.com/in/show/?mid=4312668318917353027&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=138611283&sid=2704218273&cid=2703&price=0.014&is_cpm=0&cpm=0&ecpm=0.08921423333011676&crid=49675&crtid=c749e815f15eae14d8075c784a574be8&tcid=0&out_id=0&ver=8.25.0&ver_c=&refdom=shemalez.tube&hostname=auc-inpage-hz-5-a&site_id=31490&spot_id=490&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675979930&created_at=2023-02-09&is_native=1&auction_queue=0&burl=RoQ-zzFcU0AJoHkgUwQmZ2g5zuDYOYdsR9g87_9gkWn45W45m800Mw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=73490&adblock=0&auction_host=apply&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0038858082538840107&placement_type_id=&skin_test=0&verify_hash=9be011ee1c74e39104086aea262574a1&score=67.0063466579106&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D138611283%26spot_id%3D490%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26idzone%3D4438158%26sid%3D1886&ml=&tag_ab=b&original_bid=0.014&user_fp=14631201315374251416&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=O8j95jpECkfoJIygCp3JALDq5XVJTbQBViVjRiPYaSOM7mpGwN6l27KljInO5SN1RTH_p0njVIu90BWMpG4YOVsfmCxUjhSOPGmzc3xQC5XpbzzH6E0nvpFHv_ZLvRNYP5vQerV1YJkZPXMj9QybKIOn_0ml2gtvtziVUuLGeuTOR8wkxem_tCd2KNIxRPOMf6AOOktqWN-j2OuinkOh-SEE5KUzFH6Vl31Mst72L2UWQK5-DKStDxyoS3jDfDThPABKaW--cPB5Q8tyai71awWO5QhQc0Pbj9Dhil-8cJy-JxfUlGE5MOO3EE1ewmORlB2KluLN1mZhrbICGgf-PFZ7x3V_qfrx2i_fciUCV0Y0PjgGa5nLpIHrx_GfU0_eIn7ye3Qdq9M4vgI04YDPDUtrblJgEc1iVGPeDYP5fcRgXh-EJIAzi5zFafE_yXbD9iCtzIfOfT4ioyRJcUSHPolYHOG6Q-gGP74sz-3we14ZNKjpcdzu5EN7Pn4Mcuo5qBPJJGdkjoR_T3aHXubqh2mRmxxblHn5InbMXZ-XAmRtkq52IEaqlUDAarS4lu5PeoHcQMGcN94RNYuSsf4al7RjPXecDZ3MHKt7_Yn9R7q-BLJoVDYjFk2yi33g7RMwNKG3jTM0UOBB0m0dm5ep1-FJlq7g2F9UJPWFnJ_l&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3DquvVESRbr21QJgJl_WJamGbkmHI0725Bzjkoe4mi3rQ4becuTDbpuBCormOOfPu2WmFFgJnHX3OOc0fRDKPgXlM_z3DeEea9lUynVCY3bMMvElMikH4j2it7_JUXe-VTUCSAFssYbgyhikkBNqKIx52wa4Fz0_gZg_m0MqUWg9hcmjJcXkc1disKC7XHqRudG7OmQGlQ3xMqOSUYYGa4sxDwXu9ou_6b6sVGuhvTgf92sbVhb39FZXSGpgdeHoAguQXDxXzAcTHbmY5XepVc2s8ZYNSJf9QoRDk9F8WBG8S8xlkkZzaR3jr50hnnBUCMToSyS3B-EIiUMenH2v5ifToyXG_-3K298tijes3l_ntGbas8YHjxBLTWrvMizr7AWCWT9L38Pal9PndQuoCKFzSAW7xhIxdD1pqB1L4Y8A%3D%3D&skin_id=4&vertical_id=5&real_bid=0.0128184&pr=&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=Shemale&label_ids=4,90,5&conditions=all,dch_ip,tz_offset&need_redirect_show=0&cpa=56f311ca-fbc0-499e-91ff-6b529ad6fc49&format=social-scale-b_r-body
157.90.84.246200 OK 0 B URL HTTP/2 9028b77447.a5acd46254.com/in/show/?mid=4312668318917353027&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=138611283&sid=2704218273&cid=2703&price=0.014&is_cpm=0&cpm=0&ecpm=0.08921423333011676&crid=49675&crtid=c749e815f15eae14d8075c784a574be8&tcid=0&out_id=0&ver=8.25.0&ver_c=&refdom=shemalez.tube&hostname=auc-inpage-hz-5-a&site_id=31490&spot_id=490&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675979930&created_at=2023-02-09&is_native=1&auction_queue=0&burl=RoQ-zzFcU0AJoHkgUwQmZ2g5zuDYOYdsR9g87_9gkWn45W45m800Mw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=73490&adblock=0&auction_host=apply&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0038858082538840107&placement_type_id=&skin_test=0&verify_hash=9be011ee1c74e39104086aea262574a1&score=67.0063466579106&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D138611283%26spot_id%3D490%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26idzone%3D4438158%26sid%3D1886&ml=&tag_ab=b&original_bid=0.014&user_fp=14631201315374251416&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=O8j95jpECkfoJIygCp3JALDq5XVJTbQBViVjRiPYaSOM7mpGwN6l27KljInO5SN1RTH_p0njVIu90BWMpG4YOVsfmCxUjhSOPGmzc3xQC5XpbzzH6E0nvpFHv_ZLvRNYP5vQerV1YJkZPXMj9QybKIOn_0ml2gtvtziVUuLGeuTOR8wkxem_tCd2KNIxRPOMf6AOOktqWN-j2OuinkOh-SEE5KUzFH6Vl31Mst72L2UWQK5-DKStDxyoS3jDfDThPABKaW--cPB5Q8tyai71awWO5QhQc0Pbj9Dhil-8cJy-JxfUlGE5MOO3EE1ewmORlB2KluLN1mZhrbICGgf-PFZ7x3V_qfrx2i_fciUCV0Y0PjgGa5nLpIHrx_GfU0_eIn7ye3Qdq9M4vgI04YDPDUtrblJgEc1iVGPeDYP5fcRgXh-EJIAzi5zFafE_yXbD9iCtzIfOfT4ioyRJcUSHPolYHOG6Q-gGP74sz-3we14ZNKjpcdzu5EN7Pn4Mcuo5qBPJJGdkjoR_T3aHXubqh2mRmxxblHn5InbMXZ-XAmRtkq52IEaqlUDAarS4lu5PeoHcQMGcN94RNYuSsf4al7RjPXecDZ3MHKt7_Yn9R7q-BLJoVDYjFk2yi33g7RMwNKG3jTM0UOBB0m0dm5ep1-FJlq7g2F9UJPWFnJ_l&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3DquvVESRbr21QJgJl_WJamGbkmHI0725Bzjkoe4mi3rQ4becuTDbpuBCormOOfPu2WmFFgJnHX3OOc0fRDKPgXlM_z3DeEea9lUynVCY3bMMvElMikH4j2it7_JUXe-VTUCSAFssYbgyhikkBNqKIx52wa4Fz0_gZg_m0MqUWg9hcmjJcXkc1disKC7XHqRudG7OmQGlQ3xMqOSUYYGa4sxDwXu9ou_6b6sVGuhvTgf92sbVhb39FZXSGpgdeHoAguQXDxXzAcTHbmY5XepVc2s8ZYNSJf9QoRDk9F8WBG8S8xlkkZzaR3jr50hnnBUCMToSyS3B-EIiUMenH2v5ifToyXG_-3K298tijes3l_ntGbas8YHjxBLTWrvMizr7AWCWT9L38Pal9PndQuoCKFzSAW7xhIxdD1pqB1L4Y8A%3D%3D&skin_id=4&vertical_id=5&real_bid=0.0128184&pr=&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=Shemale&label_ids=4,90,5&conditions=all,dch_ip,tz_offset&need_redirect_show=0&cpa=56f311ca-fbc0-499e-91ff-6b529ad6fc49&format=social-scale-b_r-body
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=4312668318917353027&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=138611283&sid=2704218273&cid=2703&price=0.014&is_cpm=0&cpm=0&ecpm=0.08921423333011676&crid=49675&crtid=c749e815f15eae14d8075c784a574be8&tcid=0&out_id=0&ver=8.25.0&ver_c=&refdom=shemalez.tube&hostname=auc-inpage-hz-5-a&site_id=31490&spot_id=490&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675979930&created_at=2023-02-09&is_native=1&auction_queue=0&burl=RoQ-zzFcU0AJoHkgUwQmZ2g5zuDYOYdsR9g87_9gkWn45W45m800Mw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=73490&adblock=0&auction_host=apply&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0038858082538840107&placement_type_id=&skin_test=0&verify_hash=9be011ee1c74e39104086aea262574a1&score=67.0063466579106&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D138611283%26spot_id%3D490%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26idzone%3D4438158%26sid%3D1886&ml=&tag_ab=b&original_bid=0.014&user_fp=14631201315374251416&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=O8j95jpECkfoJIygCp3JALDq5XVJTbQBViVjRiPYaSOM7mpGwN6l27KljInO5SN1RTH_p0njVIu90BWMpG4YOVsfmCxUjhSOPGmzc3xQC5XpbzzH6E0nvpFHv_ZLvRNYP5vQerV1YJkZPXMj9QybKIOn_0ml2gtvtziVUuLGeuTOR8wkxem_tCd2KNIxRPOMf6AOOktqWN-j2OuinkOh-SEE5KUzFH6Vl31Mst72L2UWQK5-DKStDxyoS3jDfDThPABKaW--cPB5Q8tyai71awWO5QhQc0Pbj9Dhil-8cJy-JxfUlGE5MOO3EE1ewmORlB2KluLN1mZhrbICGgf-PFZ7x3V_qfrx2i_fciUCV0Y0PjgGa5nLpIHrx_GfU0_eIn7ye3Qdq9M4vgI04YDPDUtrblJgEc1iVGPeDYP5fcRgXh-EJIAzi5zFafE_yXbD9iCtzIfOfT4ioyRJcUSHPolYHOG6Q-gGP74sz-3we14ZNKjpcdzu5EN7Pn4Mcuo5qBPJJGdkjoR_T3aHXubqh2mRmxxblHn5InbMXZ-XAmRtkq52IEaqlUDAarS4lu5PeoHcQMGcN94RNYuSsf4al7RjPXecDZ3MHKt7_Yn9R7q-BLJoVDYjFk2yi33g7RMwNKG3jTM0UOBB0m0dm5ep1-FJlq7g2F9UJPWFnJ_l&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3DquvVESRbr21QJgJl_WJamGbkmHI0725Bzjkoe4mi3rQ4becuTDbpuBCormOOfPu2WmFFgJnHX3OOc0fRDKPgXlM_z3DeEea9lUynVCY3bMMvElMikH4j2it7_JUXe-VTUCSAFssYbgyhikkBNqKIx52wa4Fz0_gZg_m0MqUWg9hcmjJcXkc1disKC7XHqRudG7OmQGlQ3xMqOSUYYGa4sxDwXu9ou_6b6sVGuhvTgf92sbVhb39FZXSGpgdeHoAguQXDxXzAcTHbmY5XepVc2s8ZYNSJf9QoRDk9F8WBG8S8xlkkZzaR3jr50hnnBUCMToSyS3B-EIiUMenH2v5ifToyXG_-3K298tijes3l_ntGbas8YHjxBLTWrvMizr7AWCWT9L38Pal9PndQuoCKFzSAW7xhIxdD1pqB1L4Y8A%3D%3D&skin_id=4&vertical_id=5&real_bid=0.0128184&pr=&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=Shemale&label_ids=4,90,5&conditions=all,dch_ip,tz_offset&need_redirect_show=0&cpa=56f311ca-fbc0-499e-91ff-6b529ad6fc49&format=social-scale-b_r-body HTTP/1.1
Host: 9028b77447.a5acd46254.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 88bd48f3f25b3869edceceffa3969975
4629f945078151e6529d0c0fa17ecc26b240a9a8
b19ad328e38f618f96a5109b4314253d60ba8d0d68cae5fb04a7868334d46751
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B19AD328E38F618F96A5109B4314253D60BA8D0D68CAE5FB04A7868334D46751"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4815
Expires: Thu, 09 Feb 2023 07:19:06 GMT
Date: Thu, 09 Feb 2023 05:58:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e3135bf87090d9907e103d90120211e0
01c774cd4658826679c32a2dd8ba127b6167f6da
e1c9b284aca25c7f2ab715c1586b34972945ae8419b3c099cf0ded8ee2830916
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1C9B284ACA25C7F2AB715C1586B34972945AE8419B3C099CF0DED8EE2830916"
Last-Modified: Tue, 07 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8273
Expires: Thu, 09 Feb 2023 08:16:44 GMT
Date: Thu, 09 Feb 2023 05:58:51 GMT
Connection: keep-alive
imgdelnw.com/ie?v=4&c=quvVESRbr21QJgJl_WJamGbkmHI0725Bzjkoe4mi3rQ4becuTDbpuBCormOOfPu2WmFFgJnHX3OOc0fRDKPgXlM_z3DeEea9lUynVCY3bMMvElMikH4j2it7_JUXe-VTUCSAFssYbgyhikkBNqKIx52wa4Fz0_gZg_m0MqUWg9hcmjJcXkc1disKC7XHqRudG7OmQGlQ3xMqOSUYYGa4sxDwXu9ou_6b6sVGuhvTgf92sbVhb39FZXSGpgdeHoAguQXDxXzAcTHbmY5XepVc2s8ZYNSJf9QoRDk9F8WBG8S8xlkkZzaR3jr50hnnBUCMToSyS3B-EIiUMenH2v5ifToyXG_-3K298tijes3l_ntGbas8YHjxBLTWrvMizr7AWCWT9L38Pal9PndQuoCKFzSAW7xhIxdD1pqB1L4Y8A==
138.201.194.90301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=quvVESRbr21QJgJl_WJamGbkmHI0725Bzjkoe4mi3rQ4becuTDbpuBCormOOfPu2WmFFgJnHX3OOc0fRDKPgXlM_z3DeEea9lUynVCY3bMMvElMikH4j2it7_JUXe-VTUCSAFssYbgyhikkBNqKIx52wa4Fz0_gZg_m0MqUWg9hcmjJcXkc1disKC7XHqRudG7OmQGlQ3xMqOSUYYGa4sxDwXu9ou_6b6sVGuhvTgf92sbVhb39FZXSGpgdeHoAguQXDxXzAcTHbmY5XepVc2s8ZYNSJf9QoRDk9F8WBG8S8xlkkZzaR3jr50hnnBUCMToSyS3B-EIiUMenH2v5ifToyXG_-3K298tijes3l_ntGbas8YHjxBLTWrvMizr7AWCWT9L38Pal9PndQuoCKFzSAW7xhIxdD1pqB1L4Y8A==
IP 138.201.194.90:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=quvVESRbr21QJgJl_WJamGbkmHI0725Bzjkoe4mi3rQ4becuTDbpuBCormOOfPu2WmFFgJnHX3OOc0fRDKPgXlM_z3DeEea9lUynVCY3bMMvElMikH4j2it7_JUXe-VTUCSAFssYbgyhikkBNqKIx52wa4Fz0_gZg_m0MqUWg9hcmjJcXkc1disKC7XHqRudG7OmQGlQ3xMqOSUYYGa4sxDwXu9ou_6b6sVGuhvTgf92sbVhb39FZXSGpgdeHoAguQXDxXzAcTHbmY5XepVc2s8ZYNSJf9QoRDk9F8WBG8S8xlkkZzaR3jr50hnnBUCMToSyS3B-EIiUMenH2v5ifToyXG_-3K298tijes3l_ntGbas8YHjxBLTWrvMizr7AWCWT9L38Pal9PndQuoCKFzSAW7xhIxdD1pqB1L4Y8A== HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Thu, 09 Feb 2023 05:58:51 GMT
content-length: 0
location: https://img.vmmcdn.com/get/37693351/71046_image.jpg
x-app-id: 14
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?mlf=1&cpa=b4e5ac83-1148-4eaa-ab7c-a413b2037ec8&mlc=1&format=social-scale-b_r-body
94.130.197.142200 OK 590 B URL HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?mlf=1&cpa=b4e5ac83-1148-4eaa-ab7c-a413b2037ec8&mlc=1&format=social-scale-b_r-body
IP 94.130.197.142:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?mlf=1&cpa=b4e5ac83-1148-4eaa-ab7c-a413b2037ec8&mlc=1&format=social-scale-b_r-body HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
94.130.197.142200 OK 590 B URL HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP 94.130.197.142:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
imgdelnw.com/ie?v=4&c=0Z154M_bom1VhYoawq9-y5FZOF7MDZq-wEwgHyO5bN3pQcZvn8iqGYKOWX6GpL4hxKR0t7yBaYSmYp9PLOaBkX99WDPQACumpY6RpCjD5tOljcUKK0yeOQsDUjo7fDabpCH22_U96Ht2p6G1DzNp7E2LqguzQW8C7fGhbzPmS-86uXZfintnso6YVTVXl_EAp8Y4dc2riEKtbtuI45UlU0jDPJC78ghUgiZ_fHvZ_YoikL33GCXw0eceKZ0KnMngxdz__PpODwB2hcCjxGPWZx5y8XjcxNb6nHc8SFN46petpbGe-Zk2OP6lO7tt_Abiz9zBpvADsCATruaq9wE21Web41eiEJBkSDILThnuZ0N7fqx4LYHmHy0p_n320swYq0ZRaPTQCHWXqIuP7oMayaWTWoN-xd_IwH-irh9q&v1=457&v2=49675&cpa=af8b2b96-9c81-4a16-9869-acdc4619a302&format=social-scale-b_r-body
138.201.194.90301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=0Z154M_bom1VhYoawq9-y5FZOF7MDZq-wEwgHyO5bN3pQcZvn8iqGYKOWX6GpL4hxKR0t7yBaYSmYp9PLOaBkX99WDPQACumpY6RpCjD5tOljcUKK0yeOQsDUjo7fDabpCH22_U96Ht2p6G1DzNp7E2LqguzQW8C7fGhbzPmS-86uXZfintnso6YVTVXl_EAp8Y4dc2riEKtbtuI45UlU0jDPJC78ghUgiZ_fHvZ_YoikL33GCXw0eceKZ0KnMngxdz__PpODwB2hcCjxGPWZx5y8XjcxNb6nHc8SFN46petpbGe-Zk2OP6lO7tt_Abiz9zBpvADsCATruaq9wE21Web41eiEJBkSDILThnuZ0N7fqx4LYHmHy0p_n320swYq0ZRaPTQCHWXqIuP7oMayaWTWoN-xd_IwH-irh9q&v1=457&v2=49675&cpa=af8b2b96-9c81-4a16-9869-acdc4619a302&format=social-scale-b_r-body
IP 138.201.194.90:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=0Z154M_bom1VhYoawq9-y5FZOF7MDZq-wEwgHyO5bN3pQcZvn8iqGYKOWX6GpL4hxKR0t7yBaYSmYp9PLOaBkX99WDPQACumpY6RpCjD5tOljcUKK0yeOQsDUjo7fDabpCH22_U96Ht2p6G1DzNp7E2LqguzQW8C7fGhbzPmS-86uXZfintnso6YVTVXl_EAp8Y4dc2riEKtbtuI45UlU0jDPJC78ghUgiZ_fHvZ_YoikL33GCXw0eceKZ0KnMngxdz__PpODwB2hcCjxGPWZx5y8XjcxNb6nHc8SFN46petpbGe-Zk2OP6lO7tt_Abiz9zBpvADsCATruaq9wE21Web41eiEJBkSDILThnuZ0N7fqx4LYHmHy0p_n320swYq0ZRaPTQCHWXqIuP7oMayaWTWoN-xd_IwH-irh9q&v1=457&v2=49675&cpa=af8b2b96-9c81-4a16-9869-acdc4619a302&format=social-scale-b_r-body HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Thu, 09 Feb 2023 05:58:51 GMT
content-length: 0
location: https://img.vmmcdn.com/get/99966263/71046_icon.png
x-app-id: 14
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 88d804c93bf58a622484c1a7b70cc136
c2784925f090cdb36f8c893d602ca6dbbdb2dc0d
2b2d127e5fe846eb1c9739a41c35c6ff2613b771cfa67f426dca307eb007d0e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B2D127E5FE846EB1C9739A41C35C6FF2613B771CFA67F426DCA307EB007D0E3"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11494
Expires: Thu, 09 Feb 2023 09:10:25 GMT
Date: Thu, 09 Feb 2023 05:58:51 GMT
Connection: keep-alive
notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fshemalez.tube%2F&tcid=0&spot_id=1027&site=shemalez&source_id=0
168.119.25.66200 OK 0 B URL HTTP/2 notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fshemalez.tube%2F&tcid=0&spot_id=1027&site=shemalez&source_id=0
IP 168.119.25.66:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/subscription-offers?href=https%3A%2F%2Fshemalez.tube%2F&tcid=0&spot_id=1027&site=shemalez&source_id=0 HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 Feb 2023 05:58:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
img.vmmcdn.com/get/37693351/71046_image.jpg
138.201.51.142200 OK 28 kB URL HTTP/1.1 img.vmmcdn.com/get/37693351/71046_image.jpg
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3\012- data
Hash a004bf3188a7ccef2e10a7668688bb66
153b663e551f89a1c63f8f7f130d0bd94e7c6644
eab0c053e028263b899b57bfd48b9fc38ebaeb3ad1c69837add876c64a069380
GET /get/37693351/71046_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 09 Feb 2023 05:58:51 GMT
Content-Type: image/jpeg
Content-Length: 27908
Connection: keep-alive
Last-Modified: Sat, 27 Nov 2021 11:12:16 GMT
Cache-Control: public, max-age=604800
ETag: "61a21290-6d04"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
img.vmmcdn.com/get/99966263/71046_icon.png
138.201.51.142200 OK 65 kB URL HTTP/1.1 img.vmmcdn.com/get/99966263/71046_icon.png
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash fa28820bcc0c365a2cc55fd313efe719
409db3e7e6d44723c22826ea6c58d88d95fa5907
b4274f07ae50b72eb24f7e9ea62788cfd5556ca3d3811ac7e868c123e5fb490e
GET /get/99966263/71046_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 09 Feb 2023 05:58:51 GMT
Content-Type: image/png
Content-Length: 65293
Connection: keep-alive
Last-Modified: Sat, 27 Nov 2021 11:12:16 GMT
Cache-Control: public, max-age=604800
ETag: "61a21290-ff0d"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92818cb682d372e3f3120a72fd86a86f
a9bd37b790c312ceab8a2c59dc750e49638d8578
6a459b05f0ccaa27ecd4fedecaa1cfcfdbac3f7296c2be580e00e8acd612234a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A459B05F0CCAA27ECD4FEDECAA1CFCFDBAC3F7296C2BE580E00E8ACD612234A"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6486
Expires: Thu, 09 Feb 2023 07:46:58 GMT
Date: Thu, 09 Feb 2023 05:58:52 GMT
Connection: keep-alive
rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MjQzNjYsInR5cGUiOiJwb3AiLCJpZHpvbmUiOjEsImFkX3RhZ3MiOiJTaGVtYWxlLCIsImxhYmVscyI6IiIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjAiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoyNDM2NiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjI0MzY2IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL3NoZW1hbGV6LnR1YmUvIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4IiwiZnAiOm51bGx9LCJleHQiOnsiZHQiOjE2NzU5MjIzOTA1NTF9fQ==
159.69.163.6302 Found 0 B URL HTTP/2 rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MjQzNjYsInR5cGUiOiJwb3AiLCJpZHpvbmUiOjEsImFkX3RhZ3MiOiJTaGVtYWxlLCIsImxhYmVscyI6IiIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjAiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoyNDM2NiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjI0MzY2IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL3NoZW1hbGV6LnR1YmUvIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4IiwiZnAiOm51bGx9LCJleHQiOnsiZHQiOjE2NzU5MjIzOTA1NTF9fQ==
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MjQzNjYsInR5cGUiOiJwb3AiLCJpZHpvbmUiOjEsImFkX3RhZ3MiOiJTaGVtYWxlLCIsImxhYmVscyI6IiIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjAiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoyNDM2NiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjI0MzY2IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL3NoZW1hbGV6LnR1YmUvIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4IiwiZnAiOm51bGx9LCJleHQiOnsiZHQiOjE2NzU5MjIzOTA1NTF9fQ== HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 09 Feb 2023 05:58:52 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=5515869787315280126&pid=0&site=24366&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=shemalez.tube&hostname=auc-banner-hz-10&site_id=0&spot_id=24366&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=37.07280711723521&ml=&tag_ab=b&v2=0&ttl=&space_id=24366&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24366%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24366%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DShemale%2C%26spot_id%3D24366%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26katds_labels%3D%26btype%3D0%26score%3D37.07280711723521%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Shemale,&stratagem=nlabel-b&ssp=3972&refresh=1
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=5515869787315280126&pid=0&site=24366&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=shemalez.tube&hostname=auc-banner-hz-10&site_id=0&spot_id=24366&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=37.07280711723521&ml=&tag_ab=b&v2=0&ttl=&space_id=24366&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24366%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24366%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DShemale%2C%26spot_id%3D24366%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26katds_labels%3D%26btype%3D0%26score%3D37.07280711723521%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Shemale,&stratagem=nlabel-b&ssp=3972&refresh=1
159.69.163.6302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=5515869787315280126&pid=0&site=24366&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=shemalez.tube&hostname=auc-banner-hz-10&site_id=0&spot_id=24366&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=37.07280711723521&ml=&tag_ab=b&v2=0&ttl=&space_id=24366&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24366%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24366%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DShemale%2C%26spot_id%3D24366%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26katds_labels%3D%26btype%3D0%26score%3D37.07280711723521%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Shemale,&stratagem=nlabel-b&ssp=3972&refresh=1
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=5515869787315280126&pid=0&site=24366&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=shemalez.tube&hostname=auc-banner-hz-10&site_id=0&spot_id=24366&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=37.07280711723521&ml=&tag_ab=b&v2=0&ttl=&space_id=24366&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24366%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24366%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DShemale%2C%26spot_id%3D24366%26p%3Dhttps%253A%252F%252Fshemalez.tube%252F%26katds_labels%3D%26btype%3D0%26score%3D37.07280711723521%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Shemale,&stratagem=nlabel-b&ssp=3972&refresh=1 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 09 Feb 2023 05:58:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=24366&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24366&utm1=&utm2=&utm3=&utm4=&ad_tags=Shemale,&spot_id=24366&p=https%3A%2F%2Fshemalez.tube%2F&katds_labels=&btype=0&score=37.07280711723521&bf=0.0001
X-Firefox-Spdy: h2
btds.zog.link/in/912/?sid=24366&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24366&utm1=&utm2=&utm3=&utm4=&ad_tags=Shemale,&spot_id=24366&p=https%3A%2F%2Fshemalez.tube%2F&katds_labels=&btype=0&score=37.07280711723521&bf=0.0001
109.206.175.85302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=24366&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24366&utm1=&utm2=&utm3=&utm4=&ad_tags=Shemale,&spot_id=24366&p=https%3A%2F%2Fshemalez.tube%2F&katds_labels=&btype=0&score=37.07280711723521&bf=0.0001
IP 109.206.175.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=24366&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24366&utm1=&utm2=&utm3=&utm4=&ad_tags=Shemale,&spot_id=24366&p=https%3A%2F%2Fshemalez.tube%2F&katds_labels=&btype=0&score=37.07280711723521&bf=0.0001 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Cookie: 952.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Thu, 09 Feb 2023 05:58:53 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Fri, 10 Feb 2023 05:58:52 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ef7c4e1abc07c6731f5994bc6f883e0
043bd49906b84c808477a04c526cfcb689698e98
65ff0759178fc728c8a46fd29caa5ad312630c48533b5a4a693cadf837e4b306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65FF0759178FC728C8A46FD29CAA5AD312630C48533B5A4A693CADF837E4B306"
Last-Modified: Wed, 08 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9211
Expires: Thu, 09 Feb 2023 08:32:24 GMT
Date: Thu, 09 Feb 2023 05:58:53 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:53 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: e0cea73041c202c45e6ab3a8b14597f5
expires: Thu, 09 Feb 2023 06:58:53 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
shemalez.tube/
188.114.96.1200 OK 0 B IP 188.114.96.1:0
GET / HTTP/1.1
Host: shemalez.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.32
access-control-allow-origin: *
set-cookie: tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=shemalez.tube
kt_lang=en; expires=Sun, 04-Feb-2024 05:58:49 GMT; Max-Age=31104000; path=/; domain=.shemalez.tube
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUI%2B1QEqBMo9hu1yCIx%2FUS%2FqYhZuW3Urz6r12EUiyQzdzSX0jpETMHXURm3mD4nOrhfgSEknJy4o2U%2FPcqpE3Nn3uM4FxSR7qeFmYlf%2BY6enrDcv9K%2B2aXIRJKo%2FHcCb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796a601a8980b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sw.wpu.sh/npc/sdk/common/service-worker.js
45.133.44.25200 OK 0 B URL HTTP/2 sw.wpu.sh/npc/sdk/common/service-worker.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/common/service-worker.js HTTP/1.1
Host: sw.wpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 Feb 2023 14:06:45 GMT
etag: W/"63e3ac75-158c"
content-encoding: gzip
expires: Thu, 09 Feb 2023 06:03:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
46.4.114.55200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894
IP 46.4.114.55:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1677570894 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shemalez.tube/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/e/6/f3bb253dbb5674fdca83f5ac6675d1f35fc3c8.gif>; rel=preload; as=image
x-request-id: 2ea7e7cebcbac2dd
set-cookie: ts_uid=41bcf513-ec82-4f19-907e-c000ee330e3d; expires=Wed, 09 Aug 2023 05:58:50 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMmjYiCEDRhcWIsYU3BLjoYgyE2PYuGEDBgwcN2Y47KMg; expires=Fri, 10 Feb 2023 05:58:50 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push/styles.css
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/push/styles.css
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/push/styles.css HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:51 GMT
content-type: text/css
server: nginx/1.18.0
last-modified: Tue, 30 Aug 2022 09:15:33 GMT
etag: W/"630dd535-10f4"
content-encoding: gzip
expires: Thu, 09 Feb 2023 06:03:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
77.88.21.119200 OK 0 B URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 77.88.21.119:0
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Thu, 09 Feb 2023 05:58:49 GMT
access-control-allow-origin: *
etag: "63e36f34-e31c"
expires: Thu, 09 Feb 2023 06:58:49 GMT
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sw.wpu.sh/npc/sdk/common/service-worker.js
45.133.44.24200 OK 0 B URL HTTP/2 sw.wpu.sh/npc/sdk/common/service-worker.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/common/service-worker.js HTTP/1.1
Host: sw.wpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shemalez.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Feb 2023 05:58:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 Feb 2023 14:06:45 GMT
etag: W/"63e3ac75-158c"
content-encoding: gzip
expires: Thu, 09 Feb 2023 06:03:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2