transfemdom.gigixo.com Open in urlscan Pro
37.1.205.124 Public Scan

URL:
http://transfemdom.gigixo.com/
Submission: On June 17 via manual (June 17th 2020, 6:46:55 am UTC) from JP

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 44 HTTP transactions. The main IP is 37.1.205.124, located in Netherlands and belongs to SCALAXY-AS, NL. The main domain is transfemdom.gigixo.com.

This is the only time transfemdom.gigixo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	37.1.205.124 37.1.205.124	58061 (SCALAXY-AS) (SCALAXY-AS)
5	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:5200:c:dd71:23c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	185.94.236.21 185.94.236.21	42567 (MOJHOST-EU) (MOJHOST-EU)
1	2606:4700::68... 2606:4700::6811:306b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 9	109.206.172.148 109.206.172.148	50245 (SERVEREL-AS) (SERVEREL-AS)
9	2606:4700:20:... 2606:4700:20::681a:d3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.24.92 31.220.24.92	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.85.94.229 88.85.94.229	35415 (WEBZILLA) (WEBZILLA)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:326b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:1aa8:185... 2001:1aa8:185::212:100	24642 (NL-CAVEO) (NL-CAVEO)
1	67.216.90.21 67.216.90.21	35415 (WEBZILLA) (WEBZILLA)
1	2001:1aa8:185... 2001:1aa8:185::212:102	24642 (NL-CAVEO) (NL-CAVEO)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
44	18

9 37.1.205.124 (Netherlands)

ASN58061 (SCALAXY-AS, NL)

transfemdom.gigixo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5200:c:dd71:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.236.21 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:306b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 109.206.172.148 (Netherlands) 9 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 148.172.serverel.net

direct.shemalez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)

shemalez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.24.92 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

videotxxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f0e (United States)

ASN13335 (CLOUDFLARENET, US)

txxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.85.94.229 (Netherlands)

ASN35415 (WEBZILLA, NL)

plified.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:326b (United States)

ASN13335 (CLOUDFLARENET, US)

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:1aa8:185::212:100 (Netherlands)

ASN24642 (NL-CAVEO, NL)

go.eroadvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.216.90.21 (Dallas, United States)

ASN35415 (WEBZILLA, NL)

www.defutohy.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1aa8:185::212:102 (Netherlands)

ASN24642 (NL-CAVEO, NL)

data.eroadvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	shemalez.com 9 redirects direct.shemalez.com shemalez.com	2 KB
9	gigixo.com transfemdom.gigixo.com	973 KB
5	bootstrapcdn.com maxcdn.bootstrapcdn.com	73 KB
4	jads.co 1 redirects poweredby.jads.co	2 KB
3	eroadvertising.com go.eroadvertising.com data.eroadvertising.com	48 KB
2	nr-data.net bam.nr-data.net	334 B
2	google-analytics.com www.google-analytics.com	18 KB
2	tsyndicate.com cdn.tsyndicate.com tsyndicate.com	3 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	defutohy.pro www.defutohy.pro	28 KB
1	plified.pro plified.pro	28 KB
1	txxx.com txxx.com
1	videotxxx.com 1 redirects videotxxx.com	225 B
1	juicyads.com js.juicyads.com	85 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	googleapis.com ajax.googleapis.com	29 KB
44	16

	Domain	Requested by
9	shemalez.com	transfemdom.gigixo.com
9	direct.shemalez.com	9 redirects
9	transfemdom.gigixo.com	transfemdom.gigixo.com
5	maxcdn.bootstrapcdn.com	transfemdom.gigixo.com
4	poweredby.jads.co	1 redirects transfemdom.gigixo.com poweredby.jads.co
2	bam.nr-data.net	js-agent.newrelic.com
2	go.eroadvertising.com	ajax.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com transfemdom.gigixo.com
1	js-agent.newrelic.com	transfemdom.gigixo.com
1	data.eroadvertising.com	transfemdom.gigixo.com
1	www.defutohy.pro	plified.pro
1	tsyndicate.com	cdn.tsyndicate.com
1	plified.pro	transfemdom.gigixo.com
1	txxx.com	transfemdom.gigixo.com
1	videotxxx.com	1 redirects
1	cdn.tsyndicate.com	transfemdom.gigixo.com
1	js.juicyads.com	transfemdom.gigixo.com
1	www.googletagmanager.com	transfemdom.gigixo.com
1	ajax.googleapis.com	transfemdom.gigixo.com
44	19

This site contains no links.

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.juicyads.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-20` - `2022-04-23`	2 years	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2019-12-01` - `2020-11-30`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-10` - `2020-10-09`	a year	crt.sh
txxx.com CloudFlare Inc ECC CA-2	`2020-01-18` - `2020-10-09`	9 months	crt.sh
www.defutohy.pro Let's Encrypt Authority X3	`2020-05-18` - `2020-08-16`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-29` - `2021-05-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 16 frames:

Primary Page: http://transfemdom.gigixo.com/
Frame ID: 7F42A32386670D9DF76E0F196CA15352
Requests: 30 HTTP requests in this frame

Frame: https://shemalez.com/embed/300633?source=1111384434
Frame ID: C7464663BD59C831300018CF7AA56130
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/451005?source=1111384434
Frame ID: 094E6A4D37DE27D23790E2A5D78A548D
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/451111?source=1111384434
Frame ID: E6CB0D6471636FBBFC5ADDA5B8BB848D
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/451001?source=1111384434
Frame ID: 7A0D6FDA57105406F2AB2B98179902C3
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/450981?source=1111384434
Frame ID: 324D0656D9556627E6F4844EB35387EF
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/450970?source=1111384434
Frame ID: D41303A5E433F5C6DACEFB77AFADCB0A
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/451088?source=1111384434
Frame ID: D4A189B0E6DF5D87805007CA17A35BD2
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/293305?source=1111384434
Frame ID: 9CCE9597D130283462805474FACC96BE
Requests: 1 HTTP requests in this frame

Frame: https://shemalez.com/embed/299968?source=1111384434
Frame ID: 0E41F99759FD98D1D2AA6DE0467CC674
Requests: 1 HTTP requests in this frame

Frame: https://txxx.com/embed/11991715/?source=1111384434
Frame ID: 7E47F0227DEEAD45EAF9ADAEDB649B71
Requests: 1 HTTP requests in this frame

Frame: http://tsyndicate.com/iframes2/9d1e13394347478aa7505e5c4801aade.html?keywords=Shemale,galleries,Shemale,gallery,Free,shemale,galleries,Tranny,galleries,best,porn,photo,ever,adult,girl,toon,porn,wow,porn,cartoons,monster,porn,hentai,viggie,porn,pictures,free,teen,tube,porn,videos,aduts,porn,best,milf,porn,free,mia,lina,porn,sites,male,porn,war,forcd,jaimie,pressley,porn,free,female,masterbating,porn,free,porn,blowjob,orgy,porn,star,mercedez,bio,busn,porn,teeny,toes,porn,free,porn,videos,flash,player,amateur,girl,polo,porn,porn,star,surgeries,feminized,girly,sissy,porn,Tranny,Girl,Videos&adb=0&w=1600&h=1200
Frame ID: A6D8A6F0799832040CF7371A0140ED91
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=829980
Frame ID: 5F05F6FB4301A35ECA42E6E803F61307
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=829980
Frame ID: 3325BE33C65DCE9F9B8E860A804358AD
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=830926
Frame ID: 6A8ACFBB6018FC5A740676778FC32FD2
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=830926
Frame ID: D9A2A0B83FB9C5199B4702D41F392029
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

57 %
HTTPS

58 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

1332 kB
Transfer

1860 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 16

https://direct.shemalez.com/embed/300633?source=1111384434 HTTP 301
https://shemalez.com/embed/300633?source=1111384434

Request Chain 17

https://direct.shemalez.com/embed/451005?source=1111384434 HTTP 301
https://shemalez.com/embed/451005?source=1111384434

Request Chain 18

https://direct.shemalez.com/embed/451111?source=1111384434 HTTP 301
https://shemalez.com/embed/451111?source=1111384434

Request Chain 19

https://direct.shemalez.com/embed/451001?source=1111384434 HTTP 301
https://shemalez.com/embed/451001?source=1111384434

Request Chain 20

https://direct.shemalez.com/embed/450981?source=1111384434 HTTP 301
https://shemalez.com/embed/450981?source=1111384434

Request Chain 21

https://direct.shemalez.com/embed/450970?source=1111384434 HTTP 301
https://shemalez.com/embed/450970?source=1111384434

Request Chain 22

https://direct.shemalez.com/embed/451088?source=1111384434 HTTP 301
https://shemalez.com/embed/451088?source=1111384434

Request Chain 23

https://direct.shemalez.com/embed/293305?source=1111384434 HTTP 301
https://shemalez.com/embed/293305?source=1111384434

Request Chain 24

https://direct.shemalez.com/embed/299968?source=1111384434 HTTP 301
https://shemalez.com/embed/299968?source=1111384434

Request Chain 25

https://videotxxx.com/embed/11991715/?source=1111384434 HTTP 302
https://txxx.com/embed/11991715/?source=1111384434

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
transfemdom.gigixo.com/ 56 KB
56 KB 2948ms
2916ms Document
text/html 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8b853b68a40cd620d060f65b57f982836286f9f920822af59673b24fce09c83f

Request headers

Host: transfemdom.gigixo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Wed, 17 Jun 2020 06:46:41 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: en-US
X-NewRelic-App-Data: PxQGUVBbDQsFR1RaDwIGVVQFBBFORDQHUjZKA1ZLVVFHDFYPbU5gEhZfWQYlDFZHQgsNDlJDa0lOGxYbJSM3SxJOCEwIFAYcB1IOWQhYAE5JBxtDAABZBAVXAloPA1YAVQNTVUBKBQNcEV0/
X-Cache: MISS
X-AdFeed: core3-feed
X-Page-Speed: 1.13.35.2-0
Cache-Control: max-age=0, no-cache
X-Frontend: inf-nl1

GET
H/1.1 200
OK blog-home.css
transfemdom.gigixo.com/css/ 56 KB
56 KB 577ms
558ms Stylesheet
text/html 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://transfemdom.gigixo.com/css/blog-home.css
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6072e7952d00433dea74c463e8c566554a26ab23e43cfc7a770b85e38533ee0b

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Page-Speed: 1.13.35.2-0
Date: Wed, 17 Jun 2020 06:46:42 GMT
X-Frontend: inf-nl1
X-NewRelic-App-Data: PxQGUVBbDQsFR1RaDwIGVVQFBBFORDQHUjZKA1ZLVVFHDFYPbU5gEhZfWQYlDFZHQgsNDlJDa0lOGxYbJSM3SxJOCEwIFAQcAFULUQBQH09VGhVSUlAIBglRB1NTVA9XUAEFEU4AAg5DB2U=
Server: nginx
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Cache-Control: max-age=0, no-cache
X-AdFeed: core3-feed
Connection: keep-alive
Content-Type: text/html;charset=utf-8

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 958ms
898ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/
Origin: http://transfemdom.gigixo.com

Response headers

date: Wed, 17 Jun 2020 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19747

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootswatch/3.3.7/cerulean/ 125 KB
20 KB 1169ms
1109ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/cerulean/bootstrap.min.css

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ca9b316a4aa635f54f257c0b25d5841cb12f0fc01f1498db99b9b42fbafe34a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/
Origin: http://transfemdom.gigixo.com

Response headers

date: Wed, 17 Jun 2020 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:40 GMT
status: 200
etag: "1544639680"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20689

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 1278ms
1219ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/
Origin: http://transfemdom.gigixo.com

Response headers

date: Wed, 17 Jun 2020 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6241

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/
Origin: http://transfemdom.gigixo.com

Response headers

date: Fri, 12 Jun 2020 20:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383753
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 20:10:41 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 1448ms
1390ms Script
text/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/
Origin: http://transfemdom.gigixo.com

Response headers

date: Wed, 17 Jun 2020 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9764

GET
H/1.1 200
OK 4-col-portfolio.css
transfemdom.gigixo.com/css/ 56 KB
56 KB 802ms
787ms Stylesheet
text/html 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://transfemdom.gigixo.com/css/4-col-portfolio.css
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e23f9dd43552567f6515849d27e1d1a156a6813f8830ca79e350c7c8efc17eb4

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Page-Speed: 1.13.35.2-0
Date: Wed, 17 Jun 2020 06:46:42 GMT
X-Frontend: inf-nl1
X-NewRelic-App-Data: PxQGUVBbDQsFR1RaDwIGVVQFBBFORDQHUjZKA1ZLVVFHDFYPbU5gEhZfWQYlDFZHQgsNDlJDa0lOGxYbJSM3SxJOCEwIFAQcAFAJWAlSH09VGhVQVVUBAAkAU1cHAgBTUAFTEU4AAg5DB2U=
Server: nginx
Transfer-Encoding: chunked
X-Cache: MISS
Content-Language: en-US
Cache-Control: max-age=0, no-cache
X-AdFeed: core3-feed
Connection: keep-alive
Content-Type: text/html;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98275526-8

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eab5daee275272a948e0ea065ef3624af30b924b398f3c92a2911224c3cbcf91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 06:46:35 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33230
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jun 2020 06:46:35 GMT

GET
H2 200 jp.php Show response
js.juicyads.com/ 84 KB
85 KB 141ms
114ms Script
application/javascript 2600:9000:2182:5200:c:dd71:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:5200:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9eaf66e8407dcacda576abb7c306c2becd4edcbd32cffd9ea65f568fd5cc21c8

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Wed, 17 Jun 2020 06:46:34 GMT
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=900
x-amz-cf-id: zQ15hgLwnLq4J6gqv8-4eY48OY6PAq-j6VIsleSYRk20NqLW7RPQDQ==
expires: Wed, 17 Jun 2020 07:01:34 GMT

GET
H/1.1 200
OK banner-12208.gif
transfemdom.gigixo.com/s3/sh-date/ 47 KB
47 KB 16ms
16ms Image
image/gif 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://transfemdom.gigixo.com/s3/sh-date/banner-12208.gif
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 55cfa70613815796c4e58f1817398220f4ba06dca43d558865919d9017d42ab1

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 06:46:43 GMT
X-Frontend: inf-nl1
Last-Modified: Sun, 05 Apr 2020 08:33:17 GMT
Server: nginx
ETag: "5e8997cd-bc9d"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48285

GET
H/1.1 200
OK 5.gif
transfemdom.gigixo.com/s3/sh-game/ 91 KB
91 KB 16ms
16ms Image
image/gif 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://transfemdom.gigixo.com/s3/sh-game/5.gif
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2769dfb8ef652fb1a5bae382dde31f12debedc946763f091be2791f1ab9824fe

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 06:46:43 GMT
X-Frontend: inf-nl1
Last-Modified: Sun, 05 Apr 2020 08:35:08 GMT
Server: nginx
ETag: "5e89983c-16b7e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93054

GET
H/1.1 200
OK banner-15189.jpg
transfemdom.gigixo.com/s3/ga-date/ 63 KB
63 KB 16ms
16ms Image
image/jpeg 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://transfemdom.gigixo.com/s3/ga-date/banner-15189.jpg
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5eaaf7c9945e60d60b3e5427c8617a86adef773e379b02da8f2bb93db666b7a2

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 06:46:43 GMT
X-Frontend: inf-nl1
Last-Modified: Sun, 05 Apr 2020 08:05:23 GMT
Server: nginx
ETag: "5e899143-fb98"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64408

GET
H/1.1 200
OK banner-06737.gif
transfemdom.gigixo.com/s3/ga-game/ 582 KB
583 KB 16ms
16ms Image
image/gif 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://transfemdom.gigixo.com/s3/ga-game/banner-06737.gif
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d000e455f4ce9b3e9ad4302906f9adf3647e16485dfcfed64cedfbe38e312a16

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 06:46:43 GMT
X-Frontend: inf-nl1
Last-Modified: Sun, 05 Apr 2020 08:24:56 GMT
Server: nginx
ETag: "5e8995d8-91977"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 596343

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

41ms
14ms

Script
application/x-javascript

185.94.236.21
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.21 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 19:07:38 GMT
Server: nginx
ETag: W/"5e0261fa-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Wed, 17 Jun 2020 06:46:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK bi.js Show response
cdn.tsyndicate.com/sdk/v1/ 6 KB
3 KB 39ms
33ms Script
application/javascript 2606:4700::6811:306b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tsyndicate.com/sdk/v1/bi.js
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 2606:4700::6811:306b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344b123ecfa158d419b9803fb9651b30e35fdfb4162d52de316114fb9b2815ad

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 762
Cf-Polished: origSize=6442
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0362a09eac000096d4483a7200000001
Last-Modified: Tue, 16 Jun 2020 13:11:49 GMT
Server: cloudflare
ETag: W/"5ee8c515-192a"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Wed, 17 Jun 2020 07:46:35 GMT
Cache-Control: public, max-age=3600
CF-RAY: 5a4ad0777cc596d4-FRA
Cf-Bgj: minify

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootswatch/3.3.7/fonts/ 18 KB
18 KB 720ms
720ms Font
font/woff2 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/cerulean/bootstrap.min.css
Origin: http://transfemdom.gigixo.com

Response headers

date: Wed, 17 Jun 2020 06:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 18056

GET
H2

200

300633
shemalez.com/embed/ Frame C746
Redirect Chain

https://direct.shemalez.com/embed/300633?source=1111384434
https://shemalez.com/embed/300633?source=1111384434

0
0

105ms
77ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/300633?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/300633?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=nqbn3ffj9uetr5udq29h7m5qr6; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D300633%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da87200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b2916e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/300633?source=1111384434

GET
H2

200

451005
shemalez.com/embed/ Frame 094E
Redirect Chain

https://direct.shemalez.com/embed/451005?source=1111384434
https://shemalez.com/embed/451005?source=1111384434

0
0

98ms
71ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/451005?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/451005?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=2peu96ri1e35rd48rbt90v2dg3; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D451005%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da88200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b2b16e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/451005?source=1111384434

GET
H2

200

451111
shemalez.com/embed/ Frame E6CB
Redirect Chain

https://direct.shemalez.com/embed/451111?source=1111384434
https://shemalez.com/embed/451111?source=1111384434

0
0

99ms
73ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/451111?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/451111?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=pmqfuenlaeva0hbmimfdq36mi0; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D451111%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da89200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b2e16e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/451111?source=1111384434

GET
H2

200

451001
shemalez.com/embed/ Frame 7A0D
Redirect Chain

https://direct.shemalez.com/embed/451001?source=1111384434
https://shemalez.com/embed/451001?source=1111384434

0
0

104ms
78ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/451001?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/451001?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=5h421f92jjh0l0878ulefrg622; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D451001%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da8a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b3016e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/451001?source=1111384434

GET
H2

200

450981
shemalez.com/embed/ Frame 324D
Redirect Chain

https://direct.shemalez.com/embed/450981?source=1111384434
https://shemalez.com/embed/450981?source=1111384434

0
0

99ms
72ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/450981?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/450981?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=i7e6eepr0d6p24tg3ej6q5a321; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D450981%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da8b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b3116e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/450981?source=1111384434

GET
H2

200

450970
shemalez.com/embed/ Frame D413
Redirect Chain

https://direct.shemalez.com/embed/450970?source=1111384434
https://shemalez.com/embed/450970?source=1111384434

0
0

100ms
74ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/450970?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/450970?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=clfsp8vl21jp9hme6f071lnmv1; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D450970%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09faa000016e61da8f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0791b3516e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/450970?source=1111384434

GET
H2

200

451088
shemalez.com/embed/ Frame D4A1
Redirect Chain

https://direct.shemalez.com/embed/451088?source=1111384434
https://shemalez.com/embed/451088?source=1111384434

0
0

87ms
77ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/451088?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/451088?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=3h7r0h0c7sfgubnt1uoj0qm0n7; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D451088%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da8e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b3416e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/451088?source=1111384434

GET
H2

200

293305
shemalez.com/embed/ Frame 9CCE
Redirect Chain

https://direct.shemalez.com/embed/293305?source=1111384434
https://shemalez.com/embed/293305?source=1111384434

0
0

83ms
73ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/293305?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/293305?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=ov95s34q89vgc5aon1o2j2s4j1; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D293305%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da8d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b3316e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/293305?source=1111384434

GET
H2

200

299968
shemalez.com/embed/ Frame 0E41
Redirect Chain

https://direct.shemalez.com/embed/299968?source=1111384434
https://shemalez.com/embed/299968?source=1111384434

0
0

84ms
74ms

Document
text/html

2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shemalez.com/embed/299968?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash

Request headers

:method: GET
:authority: shemalez.com
:scheme: https
:path: /embed/299968?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d22d96d780e4860457de70c2f7792d4c91592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.shemalez.com; HttpOnly; SameSite=Lax; Secure platform=d; path=/; domain=.shemalez.com PHPSESSID=nqu02fq0uuj8ggq2j26raqaqa4; path=/; domain=.shemalez.com source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=.shemalez.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.shemalez.com kt_rt_source=1111384434; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.shemalez.com kt_referer=http%3A%2F%2Ftransfemdom.gigixo.com%2F; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com kt_qparams=video_id%3D299968%26source%3D1111384434; expires=Thu, 18-Jun-2020 06:46:35 GMT; Max-Age=86400; path=/; domain=.shemalez.com
vary: Accept-Encoding Host,User-Agent
x-powered-by: PHP/5.6.38
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0362a09fa8000016e61da8c200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0790b3216e6-FRA
content-encoding: br

Redirect headers

Server: nginx/1.10.2
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Location: https://shemalez.com/embed/299968?source=1111384434

GET
H2

200

/
txxx.com/embed/11991715/ Frame 7E47
Redirect Chain

https://videotxxx.com/embed/11991715/?source=1111384434
https://txxx.com/embed/11991715/?source=1111384434

0
0

67ms
47ms

Document
text/html

2606:4700:e2::ac40:8f0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://txxx.com/embed/11991715/?source=1111384434
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash

Request headers

:method: GET
:authority: txxx.com
:scheme: https
:path: /embed/11991715/?source=1111384434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://transfemdom.gigixo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3c5491818ba6bad21feab6dc98c3a3541592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.txxx.com; HttpOnly; SameSite=Lax source=1111384434; expires=Thu, 17-Jun-2021 12:35:21 GMT; Max-Age=31556926; path=/; domain=txxx.com tccloak=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=txxx.com kt_lang=en; expires=Sat, 12-Jun-2021 06:46:35 GMT; Max-Age=31104000; path=/; domain=.txxx.com
vary: Accept-Encoding
x-powered-by: PHP/7.2.30
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0362a09f5e000096b0f2166200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4ad0789d3e96b0-FRA
content-encoding: br

Redirect headers

Server: nginx/1.16.1
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://txxx.com/embed/11991715/?source=1111384434

GET
H/1.1 200
OK loadeactrl Show response
transfemdom.gigixo.com/ 36 KB
20 KB 33ms
33ms Script
application/javascript 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://transfemdom.gigixo.com/loadeactrl?pid=41442&siteid=2283158&spaceid=5136944
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 50096101ef30f23f4b170884f1c0c222ff147999a6c8ededc8837272a4ee65b0

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 06:46:43 GMT
Content-Encoding: gzip
X-Frontend: inf-nl1
Last-Modified: Wed, 17 06 2020 06:46:35 GMT
Server: nginx
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Connection: keep-alive
X-Backend-Server: nl1-web213-39
Content-Length: 19861
Expires: Mon, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK NyTEUl3Y Show response
plified.pro/cgD.9Y6lb/2/5ZlNSPW/QF9AM/TFQh2aNXj_Q_whMQSe0FxANbD/Y-2/ 83 KB
28 KB 106ms
74ms Script
application/javascript 88.85.94.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://plified.pro/cgD.9Y6lb/2/5ZlNSPW/QF9AM/TFQh2aNXj_Q_whMQSe0FxANbD/Y-2/NyTEUl3Y

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

HTTP/1.1

Server

88.85.94.229 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

178459c2b1f856af5cc3bf304d685073e7067d955ebcbb8c6b1d33e4231f4014

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 06:46:35 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98275526-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 417
date: Wed, 17 Jun 2020 06:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 17 Jun 2020 08:39:38 GMT

GET
H/1.1 200
OK Cookie set 9d1e13394347478aa7505e5c4801aade.html
tsyndicate.com/iframes2/ Frame A6D8 0
0 1565ms
1558ms Document
text/html 2606:4700::6811:326b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tsyndicate.com/iframes2/9d1e13394347478aa7505e5c4801aade.html?keywords=Shemale,galleries,Shemale,gallery,Free,shemale,galleries,Tranny,galleries,best,porn,photo,ever,adult,girl,toon,porn,wow,porn,cartoons,monster,porn,hentai,viggie,porn,pictures,free,teen,tube,porn,videos,aduts,porn,best,milf,porn,free,mia,lina,porn,sites,male,porn,war,forcd,jaimie,pressley,porn,free,female,masterbating,porn,free,porn,blowjob,orgy,porn,star,mercedez,bio,busn,porn,teeny,toes,porn,free,porn,videos,flash,player,amateur,girl,polo,porn,porn,star,surgeries,feminized,girly,sissy,porn,Tranny,Girl,Videos&adb=0&w=1600&h=1200
Requested by: Host: cdn.tsyndicate.com
URL: http://cdn.tsyndicate.com/sdk/v1/bi.js
Protocol: HTTP/1.1
Server: 2606:4700::6811:326b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: tsyndicate.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://transfemdom.gigixo.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

Date: Wed, 17 Jun 2020 06:46:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6178
Connection: keep-alive
Set-Cookie: __cfduid=d456eaaa8a3695e0d6df6df93721ec4cf1592376395; expires=Fri, 17-Jul-20 06:46:35 GMT; path=/; domain=.tsyndicate.com; HttpOnly; SameSite=Lax ts_uid=66999491-3cd8-4a70-a6a4-36e9771df767; expires=Mon, 17 Jun 2030 06:46:36 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None ts_s=d3ab08f6-8b89-40ab-8ad8-4822ee8ea572; expires=Wed, 17 Jun 2020 06:46:36 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate no-transform
Pragma: no-cache
Expires: 0
Vary: *
Link: <http://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <http://lcdn.tsyndicate.com/images/c/5/e3e5481f0398f707b13621bddf3896b871ff1b.jpg>; rel=preload; as=image
X-Request-Id: 5a4ad0786c5ec2c7-FRA
X-Robots-Tag: none noindex, nofollow
CF-Cache-Status: DYNAMIC
cf-request-id: 0362a09f3c0000c2c7d7904200000001
Server: cloudflare
CF-RAY: 5a4ad0786c5ec2c7-FRA

GET adshow.php
poweredby.jads.co/ Frame 5F05 0
0

GET
H/1.1 200
OK Cookie set adshow.php
poweredby.jads.co/ Frame 3325 0
0 609ms
595ms Document
text/html 185.94.236.21
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/adshow.php?adzone=829980
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads2.js
Protocol: HTTP/1.1
Server: 185.94.236.21 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.4.20
Resource Hash

Request headers

Host: poweredby.jads.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://transfemdom.gigixo.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

Server: nginx
Date: Wed, 17 Jun 2020 06:46:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.4.20
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=5c60b31323288f7f6b1cb2f991446fc5; expires=Thu, 17-Jun-2021 06:46:35 GMT; path=/; domain=.juicyads.com imps96=1; expires=Thu, 18-Jun-2020 06:46:36 GMT; path=/; domain=.juicyads.com imps96=1; expires=Thu, 18-Jun-2020 06:46:36 GMT; path=/; domain=.juicyads.com imps96=1; expires=Thu, 18-Jun-2020 06:46:36 GMT; path=/; domain=.juicyads.com juicy_data_1=YTozOntpOjU1MTU0OTtpOjE1OTI2MzU1OTU7aTo1NTE2MDc7aToxNTkyNjM1NTk1O2k6NTUxNTUzO2k6MTU5MjYzNTU5NTt9; expires=Sat, 20-Jun-2020 06:46:35 GMT; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 20-Jun-2020 06:46:35 GMT; domain=juicyads.com
Content-Encoding: gzip

GET adshow.php
poweredby.jads.co/ Frame 6A8A 0
0

GET
H/1.1 200
OK Cookie set adshow.php
poweredby.jads.co/ Frame D9A2 0
0 803ms
797ms Document
text/html 185.94.236.21
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/adshow.php?adzone=830926
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads2.js
Protocol: HTTP/1.1
Server: 185.94.236.21 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.4.20
Resource Hash

Request headers

Host: poweredby.jads.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://transfemdom.gigixo.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://transfemdom.gigixo.com/

Response headers

Server: nginx
Date: Wed, 17 Jun 2020 06:46:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.4.20
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=5c60b31323288f7f6b1cb2f991446fc5; expires=Thu, 17-Jun-2021 06:46:35 GMT; path=/; domain=.juicyads.com imps1463=1; expires=Thu, 18-Jun-2020 06:46:36 GMT; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjEyMTM1MztpOjE1OTI2MzU1OTU7fQ%3D%3D; expires=Sat, 20-Jun-2020 06:46:35 GMT; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 20-Jun-2020 06:46:35 GMT; domain=juicyads.com
Content-Encoding: gzip

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1619800129&t=pageview&_s=1&dl=http%3A%2F%2Ftransfemdom.gigixo.com%2F&ul=en-us&de=UTF-8&dt=Tranny%20Girl%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2133201766&gjid=854250074&cid=1652108148.1592376396&tid=UA-98275526-8&_gid=574988448.1592376396&_r=1&gtm=2ou640&z=896143619

Requested by

Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 06:46:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK eactrl.go Show response
go.eroadvertising.com/ 11 KB
6 KB 50ms
36ms XHR
application/json 2001:1aa8:185::212:100
NL-CAVEO

General

Check archive.org

Show headers Download Go to

Full URL: http://go.eroadvertising.com/eactrl.go
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: HTTP/1.1
Server: 2001:1aa8:185::212:100 , Netherlands, ASN24642 (NL-CAVEO, NL),
Reverse DNS
Software: nginx /
Resource Hash: 48fe9f790862dae1195657921d2cf4d4324c2c036922bd9276a69b68af6268f7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 06:46:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 06 2020 06:46:35 GMT
Server: nginx
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token,X-CSRFToken, Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://transfemdom.gigixo.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Connection: keep-alive
X-Backend-Server: nl1-web213-54
Content-Length: 5516
Expires: Mon, 03 Jul 2001 06:00:00 GMT

GET
H2 200 jdsyfnsdlurs.js Show response
www.defutohy.pro/aae253/ 84 KB
28 KB 221ms
36ms Script
application/javascript 67.216.90.21
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js
Requested by: Host: plified.pro
URL: http://plified.pro/cgD.9Y6lb/2/5ZlNSPW/QF9AM/TFQh2aNXj_Q_whMQSe0FxANbD/Y-2/NyTEUl3Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.90.21 Dallas, United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.18.0 /
Resource Hash: ec69683c0f49fb77465a3756ac708e6c068a2e88af9c16ff4f0436d4dc5a31e4

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 06:46:35 GMT
content-encoding: br
vary: Accept-Encoding
server: ucdn/1.18.0
x-ureq-id: PYMqMNZBGwvaY0CmuMsf0DgHUARlFXEYh09elgLkf7UsBZEwXw3anVotjgbhfwVf/1bd/HLaktHOFliYBBECZ2XDnqbRf56OwmL8Cw==
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315357205, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 27010.gif
data.eroadvertising.com/datanew/bannerpools/111659/ 41 KB
42 KB 30ms
14ms Image
image/gif 2001:1aa8:185::212:102
NL-CAVEO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://data.eroadvertising.com/datanew/bannerpools/111659/27010.gif
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 2001:1aa8:185::212:102 , Netherlands, ASN24642 (NL-CAVEO, NL),
Reverse DNS
Software: nginx /
Resource Hash: ceb9c9de33fe07ba36435db22a5c295e3dee6b23c227ddc489b593efa671a1c6

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 06:46:35 GMT
Last-Modified: Sun, 29 Sep 2019 03:01:38 GMT
Server: nginx
ETag: "5d901e92-a4d4"
X-Compressor: nl1-static-175
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 42196
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK eactrl.go Show response
go.eroadvertising.com/ 2 B
618 B 21ms
21ms XHR
text/plain 2001:1aa8:185::212:100
NL-CAVEO

General

Check archive.org

Show headers Download Go to

Full URL: http://go.eroadvertising.com/eactrl.go
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: HTTP/1.1
Server: 2001:1aa8:185::212:100 , Netherlands, ASN24642 (NL-CAVEO, NL),
Reverse DNS
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 06:46:35 GMT
Last-Modified: Wed, 17 06 2020 06:46:35 GMT
Server: nginx
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token,X-CSRFToken, Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://transfemdom.gigixo.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Connection: keep-alive
X-Backend-Server: nl1-web213-54
Content-Length: 2
Expires: Mon, 03 Jul 2001 06:00:00 GMT

GET
H2 200 nr-1169.min.js Show response
js-agent.newrelic.com/ 27 KB
10 KB 26ms
25ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1169.min.js
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 06:46:39 GMT
content-encoding: gzip
x-amz-request-id: 34323E3DCD0235EE
x-cache: HIT
status: 200
content-length: 10276
x-amz-id-2: 9jY3iPL7VUwIJzTyN+h7Ca5OmyTHJnV5bajpkoOIyWsew9TsPn8KKSFSp2suxVMh6C06C6O/roM=
x-served-by: cache-fra19151-FRA
last-modified: Wed, 20 May 2020 21:16:15 GMT
server: AmazonS3
x-timer: S1592376399.287089,VS0,VE0
etag: "7e312620a90879b595db1bff9c42ed57"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13863

POST
H/1.1 204
No Content ngx_pagespeed_beacon Show response
transfemdom.gigixo.com/ 0
182 B 44ms
43ms XHR
text/plain 37.1.205.124
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://transfemdom.gigixo.com/ngx_pagespeed_beacon?url=http%3A%2F%2Ftransfemdom.gigixo.com%2F
Requested by: Host: transfemdom.gigixo.com
URL: http://transfemdom.gigixo.com/
Protocol: HTTP/1.1
Server: 37.1.205.124 , Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 17 Jun 2020 06:46:47 GMT
Cache-Control: max-age=0, no-cache
X-AdFeed: core3-feed
Server: nginx
Connection: keep-alive
X-Frontend: inf-nl1

GET
H/1.1 200
OK e91b5c1a02 Show response
bam.nr-data.net/1/ 57 B
146 B 210ms
107ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/e91b5c1a02?a=588313042&v=1169.7b094c0&to=NFwHMUEHDEpQVBZQCQ0WNhVBDwxeclgMTRQMVQkAQUlIExEfJXwySg%3D%3D&rst=8301&ck=1&ref=http://transfemdom.gigixo.com/&ap=2477&be=2973&fe=8268&dc=4545&perf=%7B%22timing%22:%7B%22of%22:1592376391008,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:20,%22c%22:20,%22ce%22:33,%22rq%22:33,%22rp%22:2948,%22rpe%22:2987,%22dl%22:2956,%22di%22:4545,%22ds%22:4545,%22de%22:4546,%22dc%22:8268,%22l%22:8268,%22le%22:8285%7D,%22navigation%22:%7B%7D%7D&fp=4512&fcp=4512&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 200
OK e91b5c1a02 Show response
bam.nr-data.net/events/1/ 24 B
188 B 107ms
106ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/e91b5c1a02?a=588313042&v=1169.7b094c0&to=NFwHMUEHDEpQVBZQCQ0WNhVBDwxeclgMTRQMVQkAQUlIExEfJXwySg%3D%3D&rst=18355&ck=1&ref=http://transfemdom.gigixo.com/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: http://transfemdom.gigixo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: http://transfemdom.gigixo.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=829980

Domain: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=830926

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.realsrv.com/	1970-01-19 10:21:02	Name: impressions Value: x%9C%ABV2635247%D451%B4%B400%B14P%B2%8A6%D414%B542673%B6%B4%D0Q2411P%8A%AD%05%00%C0%BA%09%13
chaturbate.com/	1970-01-20 10:18:09	Name: sbr Value: "sec:sbr2c676e80-c617-492c-8cee-9a92c448d7fb:1jlRqH:xQPWpCWDd0FUa3aPF-83ryrT5uk"
.chaturbate.com/	1970-01-19 11:02:48	Name: affkey Value: "eJyrVipSslJQyigpKSi20tc3NDI0NDI2NtMryKzQTU7J08svStdXqgUA0s8LMQ=="
chaturbate.com/	1970-01-19 11:02:48	Name: stcki Value: "JBzPFz=0"
chaturbate.com/	1970-01-19 19:03:45	Name: csrftoken Value: 5Sf6Ti3WzPBCf4Qtl2M4FrItfzMRIzkSKgMW7747xkTwIbKYZNl2G9YBgOo7uS9u
.realsrv.com/	1970-01-20 03:50:48	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225ee9bc4ed3e139.51054545720307119%22%3B%7D
.txxx.com/	1970-01-19 10:20:48	Name: _ym_isad Value: 2
.shemalez.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5fbk6t31c9a1teevst90bo0kj7
.shemalez.com/	1969-12-31 23:59:59	Name: platform Value: d

120 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://transfemdom.gigixo.com/loadeactrl?pid=41442&siteid=2283158&spaceid=5136944(Line 8) Message: eaCtrl Init from LoadeaCtrl
console-api	log	URL: http://plified.pro/cgD.9Y6lb/2/5ZlNSPW/QF9AM/TFQh2aNXj_Q_whMQSe0FxANbD/Y-2/NyTEUl3Y(Line 51) Message: [object HTMLImageElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3494u203u256s2s2x26463b4&u=http%3A%2F%2Fwww.juicyads.rocks(Line 2) Message: console.clear
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://www.defutohy.pro/aae253/jdsyfnsdlurs.js(Line 1) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.nr-data.net
cdn.tsyndicate.com
data.eroadvertising.com
direct.shemalez.com
go.eroadvertising.com
js-agent.newrelic.com
js.juicyads.com
maxcdn.bootstrapcdn.com
plified.pro
poweredby.jads.co
shemalez.com
transfemdom.gigixo.com
tsyndicate.com
txxx.com
videotxxx.com
www.defutohy.pro
www.google-analytics.com
www.googletagmanager.com
poweredby.jads.co
109.206.172.148
151.101.14.110
162.247.242.19
185.94.236.21
2001:1aa8:185::212:100
2001:1aa8:185::212:102
2001:4de0:ac19::1:b:1b
2600:9000:2182:5200:c:dd71:23c0:93a1
2606:4700:20::681a:d3c
2606:4700::6811:306b
2606:4700::6811:326b
2606:4700:e2::ac40:8f0e
2a00:1450:4001:800::200e
2a00:1450:4001:809::200a
2a00:1450:4001:825::2008
31.220.24.92
37.1.205.124
67.216.90.21
88.85.94.229
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
178459c2b1f856af5cc3bf304d685073e7067d955ebcbb8c6b1d33e4231f4014
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2769dfb8ef652fb1a5bae382dde31f12debedc946763f091be2791f1ab9824fe
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
344b123ecfa158d419b9803fb9651b30e35fdfb4162d52de316114fb9b2815ad
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48fe9f790862dae1195657921d2cf4d4324c2c036922bd9276a69b68af6268f7
50096101ef30f23f4b170884f1c0c222ff147999a6c8ededc8837272a4ee65b0
55cfa70613815796c4e58f1817398220f4ba06dca43d558865919d9017d42ab1
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5eaaf7c9945e60d60b3e5427c8617a86adef773e379b02da8f2bb93db666b7a2
6072e7952d00433dea74c463e8c566554a26ab23e43cfc7a770b85e38533ee0b
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b853b68a40cd620d060f65b57f982836286f9f920822af59673b24fce09c83f
9eaf66e8407dcacda576abb7c306c2becd4edcbd32cffd9ea65f568fd5cc21c8
ca9b316a4aa635f54f257c0b25d5841cb12f0fc01f1498db99b9b42fbafe34a9
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
ceb9c9de33fe07ba36435db22a5c295e3dee6b23c227ddc489b593efa671a1c6
d000e455f4ce9b3e9ad4302906f9adf3647e16485dfcfed64cedfbe38e312a16
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e23f9dd43552567f6515849d27e1d1a156a6813f8830ca79e350c7c8efc17eb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab5daee275272a948e0ea065ef3624af30b924b398f3c92a2911224c3cbcf91
ec69683c0f49fb77465a3756ac708e6c068a2e88af9c16ff4f0436d4dc5a31e4
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

transfemdom.gigixo.com Open in urlscan Pro 37.1.205.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

57 %HTTPS

58 %IPv6

16 Domains

19 Subdomains

18 IPs

3 Countries

1332 kBTransfer

1860 kBSize

9 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

transfemdom.gigixo.com Open in urlscan Pro
37.1.205.124 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

57 %
HTTPS

58 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

1332 kB
Transfer

1860 kB
Size

9
Cookies

44 HTTP transactions
1 data transactions