URL: https://newshemalesvideos.com/
Submission: On March 21 via automatic, source alexatop100k

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 38 HTTP transactions. The main IP is 2606:4700:30::681c:1bfd, located in the United States, and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is newshemalesvideos.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 3rd 2019. Valid for: a year.
This is the only time newshemalesvideos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2606:2800:234... 15133 (EDGECAST)
1 1 93.93.53.189 34655 (DOCLER-AS)
2 93.93.51.191 34655 (DOCLER-AS)
7 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 95.211.229.245 60781 (LEASEWEB-...)
2 88.85.94.240 35415 (WEBZILLA)
2 2a00:1450:400... 15169 (GOOGLE)
2 95.211.229.247 60781 (LEASEWEB-...)
1 78.140.178.144 35415 (WEBZILLA)
38 13
Domain Requested by
10 pornovideoshub.com newshemalesvideos.com
4 syndication.exoclick.com newshemalesvideos.com
ads.exoclick.com
2 static.exoclick.com newshemalesvideos.com
2 www.google-analytics.com newshemalesvideos.com
2 psonstrentie.info newshemalesvideos.com
psonstrentie.info
1 pt.protoawe.com awempt.com
1 www.thdragate.info psonstrentie.info
1 syndication.exosrv.com ads.exosrv.com
1 ads.exoclick.com newshemalesvideos.com
1 static.keep2share.cc newshemalesvideos.com
1 awempt.com newshemalesvideos.com
1 pto.awecr.com 1 redirects
1 ads.exosrv.com newshemalesvideos.com
1 k2s.cc newshemalesvideos.com
1 newshemalesvideos.com newshemalesvideos.com
38 15

This site contains links to these domains. Also see Links.

Domain
www.18-teenporn.com
watchmygf.mobi
keep2share.cc
theporndude.com
wordpress.org

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-03-03 - 2020-03-03 | a year
*.k2s.cc | COMODO RSA Domain Validation Secure Server CA | 2018-08-29 - 2019-09-11 | a year
*.exoclick.com | DigiCert SHA2 Secure Server CA | 2017-12-12 - 2020-12-16 | 3 years
awempt.com | Let's Encrypt Authority X3 | 2019-02-27 - 2019-05-28 | 3 months
psonstrentie.info | COMODO RSA Domain Validation Secure Server CA | 2018-10-12 - 2019-10-12 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
exosrv.com | Let's Encrypt Authority X3 | 2019-02-10 - 2019-05-11 | 3 months
thdragate.info | Sectigo RSA Domain Validation Secure Server CA | 2019-01-21 - 2020-01-21 | a year
pt.aweproto.com | Let's Encrypt Authority X3 | 2019-02-10 - 2019-05-11 | 3 months

This page contains 6 frames:

Primary Page: https://newshemalesvideos.com/
Frame ID: 4E49BDF7EAFCBF5309AD857902AD7070
Requests: 33 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=2604249&type=300x250&p=https%3A//newshemalesvideos.com/&dt=1553183048459&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: 9B25C81AFDC2605AEC2647E907566263
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=2604251&type=300x250&p=https%3A//newshemalesvideos.com/&dt=1553183048471&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: 091C3C021103EF8770C5C2D54090EB5B
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=2604257&type=300x250&p=https%3A//newshemalesvideos.com/&dt=1553183048484&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: FD8A90A11DDE8B1DA7E3000ECFD023A7
Requests: 1 HTTP requests in this frame

Frame: https://static.exoclick.com/library/322388/0fcff70ed448a54a31c2caeefb073f672c915d58.jpg
Frame ID: E210515C90105C0FB4A3C61A0513EACD
Requests: 1 HTTP requests in this frame

Frame: https://pt.protoawe.com/live-feed/?width=640&height=480&site=myt&cobrandId=&muted=0&subAffId=%7BSUBAFFID%7D&hideConsole=1&categoryName=transgender&psid=zipper&psprogram=revs&pstool=202_1&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=1&vp%5BchatAutoHide%5D=0
Frame ID: BE20778B6260138F2AC1608965F76F0F
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i

Page Statistics

38
Requests

47 %
HTTPS

54 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

482 kB
Transfer

669 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://pto.awecr.com/live_feeds/script_basic_livefeed.php?performerId=&performerList=&forcedPerformer=0&width=640&height=480&chatMode=always&bgColor=&site=myt&cobrandId=&psId=zipper&psTool=202_1&psProgram=revs&campaignId=&category=transgender&muted=0&subAffId={SUBAFFID} HTTP 302
  • https://awempt.com/embed/lf?performerId=&performerList=&forcedPerformer=0&width=640&height=480&chatMode=always&bgColor=&site=myt&cobrandId=&psId=zipper&psTool=202_1&psProgram=revs&campaignId=&category=transgender&muted=0&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newshemalesvideos.com/
40 KB
7 KB
Document
General
Full URL
https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1bfd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.32
Resource Hash
7c3a9f341af762df6d8ca778ec4c23011f0d1a9ff0e6c8d7365e5ba0d2702bee

Request headers

:method
GET
:authority
newshemalesvideos.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 21 Mar 2019 15:44:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d42de47bc0a686c28a0f208535988e8d91553183048; expires=Fri, 20-Mar-20 15:44:08 GMT; path=/; domain=.newshemalesvideos.com; HttpOnly
x-powered-by
PHP/7.0.32
link
<http://newshemalesvideos.com/wp-json/>; rel="https://api.w.org/"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4bb10ba27eb497b6-FRA
content-encoding
br
links-to-preview.js
k2s.cc/js/
2 KB
1 KB
Script
General
Full URL
https://k2s.cc/js/links-to-preview.js
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:bf75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8535f4476a276ec476ce13f3bdb4e0268a36f24374045a4279a5a0a87cde772e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 15:44:08 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=2522
status
200
strict-transport-security
max-age=15768000
last-modified
Wed, 20 Mar 2019 09:18:08 GMT
server
cloudflare
etag
W/"5c920550-9da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
4bb10ba39953c2ec-FRA
expires
Fri, 20 Mar 2020 15:44:08 GMT
popunder1000.js
ads.exosrv.com/
84 KB
31 KB
Script
General
Full URL
https://ads.exosrv.com/popunder1000.js
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B0) /
Resource Hash
280b7d92b32d2596f1108d1f7c220ffd046c59806a41d9c3f52fc0f053e83e2b

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 15:44:08 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 13:29:03 GMT
server
ECS (fcn/40B0)
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-length
31616
expires
Thu, 21 Mar 2019 18:44:08 GMT
lf
awempt.com/embed/
Redirect Chain
  • https://pto.awecr.com/live_feeds/script_basic_livefeed.php?performerId=&performerList=&forcedPerformer=0&width=640&height=480&chatMode=always&bgColor=&site=myt&cobrandId=&psId=zipper&psTool=202_1&p...
  • https://awempt.com/embed/lf?performerId=&performerList=&forcedPerformer=0&width=640&height=480&chatMode=always&bgColor=&site=myt&cobrandId=&psId=zipper&psTool=202_1&psProgram=revs&campaignId=&categ...
7 KB
7 KB
Script
General
Full URL
https://awempt.com/embed/lf?performerId=&performerList=&forcedPerformer=0&width=640&height=480&chatMode=always&bgColor=&site=myt&cobrandId=&psId=zipper&psTool=202_1&psProgram=revs&campaignId=&category=transgender&muted=0&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, HU),
Reverse DNS
Software
unknown /
Resource Hash
358991567b55d5624db6de8d30f68f157a32727b4daa487cd21710095bf58e28

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 21 Mar 2019 15:44:08 GMT
cache-control
no-cache
server
unknown
x-real-source
-
content-type
application/javascript

Redirect headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
Content-Encoding
gzip
Server
unknown
Vary
Accept-Encoding
Content-Type
text/html
Location
//awempt.com/embed/lf?performerId=&performerList=&forcedPerformer=0&width=640&height=480&chatMode=always&bgColor=&site=myt&cobrandId=&psId=zipper&psTool=202_1&psProgram=revs&campaignId=&category=transgender&muted=0&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1
Connection
close
Content-Length
20
ManyVids_presents_AnastasiaPenny_in_We_Came_Inside_Her_Pussy__Premium_user_request_.mp4.00005.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
27 KB
28 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/ManyVids_presents_AnastasiaPenny_in_We_Came_Inside_Her_Pussy__Premium_user_request_.mp4.00005.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba63d6e4b5151f9ed3328fc450cfec60430431a56195e756d5086dcde2c3c46b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 21 Mar 2019 10:01:49 GMT
Server
cloudflare
ETag
"5c93610d-6daf"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba33c5097ce-FRA
Content-Length
28079
Expires
Thu, 21 Mar 2019 19:44:08 GMT
ManyVids_presents_kimberhaven_in_Bye_Bye_Bang_Kristen__Premium_user_request_.mp4.00005.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
41 KB
41 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/ManyVids_presents_kimberhaven_in_Bye_Bye_Bang_Kristen__Premium_user_request_.mp4.00005.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35192cbf9b0c5d0c837087e944f30f4cfe53da81fe9ecd3c1983ee8a3006468

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 21 Mar 2019 09:55:20 GMT
Server
cloudflare
ETag
"5c935f88-a2af"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba339d3977a-FRA
Content-Length
41647
Expires
Thu, 21 Mar 2019 19:44:08 GMT
ManyVids_presents_AnastasiaPenny_in_Mistress_Anastasia__Premium_user_request_.mp4.00013.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
23 KB
24 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/ManyVids_presents_AnastasiaPenny_in_Mistress_Anastasia__Premium_user_request_.mp4.00013.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad7ddce5c6f32f5c99eec289aeaa0dc232eaa964d3d86ae5dc2b13ca9342988

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 21 Mar 2019 09:54:00 GMT
Server
cloudflare
ETag
"5c935f38-5d17"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba3ca79977a-FRA
Content-Length
23831
Expires
Thu, 21 Mar 2019 19:44:08 GMT
Transgression.mp4.00008.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
29 KB
30 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/Transgression.mp4.00008.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19d61a0718017630c0819d86cdf69bbbe5029b6677427b28d8cf1d5d1dab414

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Mar 2019 19:41:02 GMT
Server
cloudflare
ETag
"5c92974e-748b"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba3ed3297ce-FRA
Content-Length
29835
Expires
Thu, 21 Mar 2019 19:44:08 GMT
Transgression_-_1.mp4.00013.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
20 KB
21 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/Transgression_-_1.mp4.00013.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de6efc5412af50d3eae9876525a56008bf6ec967a24e983e375d5f88d64fd5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Mar 2019 19:43:05 GMT
Server
cloudflare
ETag
"5c9297c9-517f"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba3facd977a-FRA
Content-Length
20863
Expires
Thu, 21 Mar 2019 19:44:08 GMT
Tgirlpost-op_presents_Patty_s_Bathroom_Pussy_Play____20.03.2019.mp4.00004.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
35 KB
35 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/Tgirlpost-op_presents_Patty_s_Bathroom_Pussy_Play____20.03.2019.mp4.00004.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4474 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f8531b43cee8471cbd6974523480c4f4c88643cbd34fb4f7e9a2a7b59b2ea07

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Mar 2019 19:43:04 GMT
Server
cloudflare
ETag
"5c9297c8-8c60"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba3ef69bf2a-FRA
Content-Length
35936
Expires
Thu, 21 Mar 2019 19:44:08 GMT
Transgression_-_4.mp4.00002.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
27 KB
28 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/Transgression_-_4.mp4.00002.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4474 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3afd859dcfb95a7aacd84be843693890267ab167ff0b9497a8e7ff2f58294fc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Mar 2019 19:39:37 GMT
Server
cloudflare
ETag
"5c9296f9-6ddd"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba3edd5bf02-FRA
Content-Length
28125
Expires
Thu, 21 Mar 2019 19:44:08 GMT
style.css
newshemalesvideos.com/wp-content/themes/twentyten/
0
0

wp-emoji-release.min.js
newshemalesvideos.com/wp-includes/js/
0
0

style.min.css
newshemalesvideos.com/wp-includes/css/dist/block-library/
0
0

jquery.js
newshemalesvideos.com/wp-includes/js/jquery/
0
0

jquery-migrate.min.js
newshemalesvideos.com/wp-includes/js/jquery/
0
0

Transgression_-_3.mp4.00000.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
29 KB
29 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/Transgression_-_3.mp4.00000.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4474 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f643a5a924de9b80b8fe371f646f13de1e8e24ddadcea9152f1645d94355d902

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Mar 2019 19:39:17 GMT
Server
cloudflare
ETag
"5c9296e5-73e2"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba3ec9abee4-FRA
Content-Length
29666
Expires
Thu, 21 Mar 2019 19:44:08 GMT
LadyboyVice_presents_Angel_Cuffed_Bareback___20.03.2019.mp4.00009.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
28 KB
29 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/LadyboyVice_presents_Angel_Cuffed_Bareback___20.03.2019.mp4.00009.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e58915ae9f007dbac76ca309d47258fcf687ba3225d6d5017adb6cae2752c4d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Mar 2019 19:38:09 GMT
Server
cloudflare
ETag
"5c9296a1-71ba"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba3fac2977a-FRA
Content-Length
29114
Expires
Thu, 21 Mar 2019 19:44:08 GMT
Pure-Ts_presents_JoJo_Havana_Acrobatic_Anal_Sex_-_20.03.2019.mp4.00000.jpg
pornovideoshub.com/wp-content/uploads/2019/03/
51 KB
52 KB
Image
General
Full URL
http://pornovideoshub.com/wp-content/uploads/2019/03/Pure-Ts_presents_JoJo_Havana_Acrobatic_Anal_Sex_-_20.03.2019.mp4.00000.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
494fcff04efff42cc3bf70848d145c1b9ce49a0779e327d32806f3cb84924367

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Mar 2019 19:37:43 GMT
Server
cloudflare
ETag
"5c929687-cd51"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba40d5c97ce-FRA
Content-Length
52561
Expires
Thu, 21 Mar 2019 19:44:08 GMT
00250x00250-02.gif
static.keep2share.cc/images/i/
29 KB
29 KB
Image
General
Full URL
http://static.keep2share.cc/images/i/00250x00250-02.gif
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Server
2606:4700:20::6819:f6d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef5c34b5f1158e59f4304d2ed7fedf76b9eb85bb2651b20fa2d4b16bcc97247

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
Last-Modified
Tue, 13 Jun 2017 06:56:08 GMT
Server
cloudflare
ETag
"593f8c88-72fe"
Access-Control-Allow-Methods
GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4bb10ba41c62c288-FRA
Content-Length
29438
ads.js
ads.exoclick.com/
2 KB
896 B
Script
General
Full URL
https://ads.exoclick.com/ads.js
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
59ddae45b03564f67a3341d574c10c172bd2b76cc882016f6f7c25a130b72ee1

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 15:44:08 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 13:28:26 GMT
server
ECS (fcn/40E2)
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-length
825
expires
Thu, 21 Mar 2019 18:44:08 GMT
splash.php
syndication.exoclick.com/
7 KB
3 KB
Script
General
Full URL
https://syndication.exoclick.com/splash.php?idzone=2604245
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
fa677f271942331ba20aae6d4aabfe1cbea7329a553d576bc79a55f2c9d87e23

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
vertical.css
newshemalesvideos.com/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/
0
0

jscripts.php
newshemalesvideos.com/wp-content/plugins/wp-spamshield/js/
0
0

AJyYNUToIS1N
psonstrentie.info/cADY9C6hbq2F5_lkSgWUQz9/MUjqgRwvM_jVMK0TN/C_0nyoOiD/
69 KB
25 KB
Script
General
Full URL
https://psonstrentie.info/cADY9C6hbq2F5_lkSgWUQz9/MUjqgRwvM_jVMK0TN/C_0nyoOiD/AJyYNUToIS1N
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.85.94.240 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
52a9301aececa0d8ca9d4620647b556f6e08d8d8ec6273edb0cf4d7173463f25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Mar 2019 15:44:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Mar 2019 15:44:06 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
HTA-User
<unauthorized>
Connection
keep-alive
Expires
Mon, 26 Jul 2011 05:00:00 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
7032
date
Thu, 21 Mar 2019 13:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Thu, 21 Mar 2019 15:46:56 GMT
ads-priv.php
syndication.exosrv.com/
0
330 B
Script
General
Full URL
https://syndication.exosrv.com/ads-priv.php?i=0
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/popunder1000.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 15:44:08 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1699281973&t=pageview&_s=1&dl=https%3A%2F%2Fnewshemalesvideos.com%2F&ul=en-us&de=UTF-8&dt=NewShemalesVideos.com%20%7C%20New%20Videos%20Only!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1120911096&gjid=358912614&cid=740161435.1553183048&tid=UA-73161342-1&_gid=1402895078.1553183048&_r=1&z=493973068
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2019 15:44:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame 9B25
0
0
Document
General
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=2604249&type=300x250&p=https%3A//newshemalesvideos.com/&dt=1553183048459&sub=&tags=&screen_resolution=1600x1200&el=
Requested by
Host: ads.exoclick.com
URL: https://ads.exoclick.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://newshemalesvideos.com/
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c93b14850b2c9.54969320881683671%22%3B%7D

Response headers

Server
nginx
Date
Thu, 21 Mar 2019 15:44:08 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c93b14850b2c9.54969320881683671%22%3B%7D; expires=Sat, 20-Mar-2021 15:44:08 GMT; Max-Age=63072000; domain=exoclick.com impressions=x%9CK%B42%B4%AA%CE%B422667%B4%B0%B0N%B42%06q%0D%AC3%AD%0Ca%D8%D4%D4%D8%D0%C2%D8%C0%C4%02%C81%B2.%B62%B1R2411P%B2%AE%AD%05%00%F9%DC%0F%D0; expires=Fri, 22-Mar-2019 15:44:08 GMT; Max-Age=86400; path=/; domain=.exoclick.com
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame 091C
0
0
Document
General
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=2604251&type=300x250&p=https%3A//newshemalesvideos.com/&dt=1553183048471&sub=&tags=&screen_resolution=1600x1200&el=
Requested by
Host: ads.exoclick.com
URL: https://ads.exoclick.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://newshemalesvideos.com/
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c93b14850b2c9.54969320881683671%22%3B%7D

Response headers

Server
nginx
Date
Thu, 21 Mar 2019 15:44:08 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c93b14850b2c9.54969320881683671%22%3B%7D; expires=Sat, 20-Mar-2021 15:44:08 GMT; Max-Age=63072000; domain=exoclick.com
impressions=x%9CK%B42%B4%AA%CE%B422667%B4%B0%B0N%B42%06q%0D%AC3%AD%0Ca%D8%D4%D4%D8%D0%C2%D8%C0%C4%02%C81%B2.%B62%B1R2411P%B2%AE%AD%05%00%F9%DC%0F%D0; expires=Fri, 22-Mar-2019 15:44:08 GMT; Max-Age=86400; path=/; domain=.exoclick.com
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame FD8A
0
0
Document
General
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=2604257&type=300x250&p=https%3A//newshemalesvideos.com/&dt=1553183048484&sub=&tags=&screen_resolution=1600x1200&el=
Requested by
Host: ads.exoclick.com
URL: https://ads.exoclick.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://newshemalesvideos.com/
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c93b14850b2c9.54969320881683671%22%3B%7D

Response headers

Server
nginx
Date
Thu, 21 Mar 2019 15:44:08 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c93b14850b2c9.54969320881683671%22%3B%7D; expires=Sat, 20-Mar-2021 15:44:08 GMT; Max-Age=63072000; domain=exoclick.com
Content-Encoding
gzip
jscripts-ftr-min.js
newshemalesvideos.com/wp-content/plugins/wp-spamshield/js/
0
0

wp-embed.min.js
newshemalesvideos.com/wp-includes/js/
0
0

prndcwkqldir.js
www.thdragate.info/dac458/
58 KB
28 KB
Script
General
Full URL
https://www.thdragate.info/dac458/prndcwkqldir.js
Requested by
Host: psonstrentie.info
URL: https://psonstrentie.info/cADY9C6hbq2F5_lkSgWUQz9/MUjqgRwvM_jVMK0TN/C_0nyoOiD/AJyYNUToIS1N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.140.178.144 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
v-5-315-d5539-144.webazilla.com
Software
nginx/1.10.3 /
Resource Hash
7dc25ed9fc9fa1c74097562ed1f4ada83ed9ba2c1bcb0e337ea7e892f875aae5

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 15:44:08 GMT
content-encoding
gzip
server
nginx/1.10.3
access-control-allow-origin
*
x-ureq-id
PYMqMNZBGwvaY0CmuMof0pf7tyCEcqPvDG6+VCAKKaFJkAQCf25Z8FudoX7CxLoHQgU8YQgh7Dg2mhKK1KWSEKt/jEu9KD5phzSB
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
status
200
cache-control
max-age=315357411, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
ZUn.A_
psonstrentie.info/
0
526 B
Script
General
Full URL
https://psonstrentie.info/ZUn.A_?fp=7b8dd8868d4675b71ae10477fb163ae2
Requested by
Host: psonstrentie.info
URL: https://psonstrentie.info/cADY9C6hbq2F5_lkSgWUQz9/MUjqgRwvM_jVMK0TN/C_0nyoOiD/AJyYNUToIS1N
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.85.94.240 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Mar 2019 15:44:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
HTA-User
<unauthorized>
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
close-icon-circle.png
static.exoclick.com/images/
405 B
496 B
Image
General
Full URL
https://static.exoclick.com/images/close-icon-circle.png
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B2) /
Resource Hash
94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 15:44:08 GMT
last-modified
Tue, 27 Mar 2018 10:41:02 GMT
server
ECS (fcn/40B2)
etag
"5aba1fbe-195"
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
405
expires
Fri, 20 Mar 2020 15:44:08 GMT
0fcff70ed448a54a31c2caeefb073f672c915d58.jpg
static.exoclick.com/library/322388/ Frame E210
15 KB
15 KB
Image
General
Full URL
https://static.exoclick.com/library/322388/0fcff70ed448a54a31c2caeefb073f672c915d58.jpg
Requested by
Host: newshemalesvideos.com
URL: https://newshemalesvideos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/419F) /
Resource Hash
5dcee6b81ea245797bf7eb7205d89dfab5063facf3e9802807d41d63fd49aa13

Request headers

Referer
https://newshemalesvideos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 15:44:08 GMT
last-modified
Fri, 06 May 2016 12:26:26 GMT
server
ECS (fcn/419F)
etag
"572c8d72-3d4c"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15692
expires
Fri, 20 Mar 2020 15:44:08 GMT
/
pt.protoawe.com/live-feed/ Frame BE20
0
0
Document
General
Full URL
https://pt.protoawe.com/live-feed/?width=640&height=480&site=myt&cobrandId=&muted=0&subAffId=%7BSUBAFFID%7D&hideConsole=1&categoryName=transgender&psid=zipper&psprogram=revs&pstool=202_1&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=1&vp%5BchatAutoHide%5D=0
Requested by
Host: awempt.com
URL: https://awempt.com/embed/lf?performerId=&performerList=&forcedPerformer=0&width=640&height=480&chatMode=always&bgColor=&site=myt&cobrandId=&psId=zipper&psTool=202_1&psProgram=revs&campaignId=&category=transgender&muted=0&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, HU),
Reverse DNS
Software
unknown /
Resource Hash

Request headers

:method
GET
:authority
pt.protoawe.com
:scheme
https
:path
/live-feed/?width=640&height=480&site=myt&cobrandId=&muted=0&subAffId=%7BSUBAFFID%7D&hideConsole=1&categoryName=transgender&psid=zipper&psprogram=revs&pstool=202_1&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=1&vp%5BchatAutoHide%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://newshemalesvideos.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
date
Thu, 21 Mar 2019 15:44:09 GMT
server
unknown
x-real-source
-
content-encoding
gzip

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-content/themes/twentyten/style.css
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/vertical.css?version=3.6.1
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-content/plugins/wp-spamshield/js/jscripts.php
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-content/plugins/wp-spamshield/js/jscripts-ftr-min.js
Domain
newshemalesvideos.com
URL
http://newshemalesvideos.com/wp-includes/js/wp-embed.min.js?ver=5.1.1

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings string| _wp_rp_static_base_url string| _wp_rp_wp_ajax_url string| _wp_rp_plugin_version string| _wp_rp_post_id string| _wp_rp_num_rel_posts boolean| _wp_rp_thumbnails string| _wp_rp_post_title object| _wp_rp_post_tags boolean| _wp_rp_promoted_content object| __htapop string| ujeehgzszqs object| thisScript string| GoogleAnalyticsObject function| ga string| ad_idzone number| ad_frequency_period number| ad_frequency_count number| ad_trigger_method string| ads_priv string| c_name string| expires object| date string| browser function| V4ss function| E9nn string| value function| isIE function| isSafari function| isChrome function| isFirefox function| getBrowser function| checkIncognito function| isIEIncognito function| isSafariIncognito function| isChromeIncognito function| isFirefoxIncognito string| browser_key string| ua string| popns object| exoJsPop101 string| ad_sub string| ad_sub2 string| ad_sub3 string| ad_cat string| ad_trigger_class string| ad_tags string| ad_el boolean| ad_popup_fallback boolean| ad_popup_force boolean| ad_new_tab object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ptFocusTool function| ptInitPromoPlayer string| ad_width string| ad_height function| getParameterFromUrl string| p number| dt string| exoDocumentProtocol string| ad_notify string| ad_type string| ad_screen_resolution string| r3f5x9JS string| hf4N string| hf4V function| _storage string| dac458 function| Fingerprint2 function| n4bb object| btkqwi

9 Cookies

Domain/Path Name / Value
tracking.pacharge.com/ Name: cp
Value: %7B%224140%22%3A1%7D
.exoclick.com/ Name: impressions
Value: x%9CK%B42%B4%AA%CE%B422667%B4%B0%B0N%B42%06q%0D%AC3%AD%0Ca%D8%D4%D4%D8%D0%C2%D8%C0%C4%02%C81%B2.%B62%B1R2411P%B2%AE%AD%05%00%F9%DC%0F%D0
.newshemalesvideos.com/ Name: _gat
Value: 1
.exoclick.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c93b14850b2c9.54969320881683671%22%3B%7D
.newshemalesvideos.com/ Name: _gid
Value: GA1.2.1402895078.1553183048
tracking.pacharge.com/ Name: cr
Value: %7B%2272432%22%3A1%7D
.newshemalesvideos.com/ Name: _ga
Value: GA1.2.740161435.1553183048
newshemalesvideos.com/ Name: splash_i
Value: false
.newshemalesvideos.com/ Name: __cfduid
Value: d42de47bc0a686c28a0f208535988e8d91553183048

48 Console Messages

Source Level URL
Text
console-api log URL: https://www.thdragate.info/dac458/prndcwkqldir.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://www.thdragate.info/dac458/prndcwkqldir.js(Line 1)
Message:
console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
