zdf.live.de.com-opinion.info
Open in
urlscan Pro
104.27.169.174
Malicious Activity!
Public Scan
Effective URL: http://zdf.live.de.com-opinion.info/?sxid=bzneysr5z5ak&clickid=OdLfHdlxCZg&bid=0.01&source_subid=424285932&banner=4215555&carrier=Ho...
Submission: On November 25 via manual from DE
Summary
This is the only time zdf.live.de.com-opinion.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online) Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 95.211.189.138 95.211.189.138 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
2 | 52.202.53.245 52.202.53.245 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 1 | 174.137.155.139 174.137.155.139 | 27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.) | |
1 1 | 3.120.47.234 3.120.47.234 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
43 | 104.27.169.174 104.27.169.174 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
46 | 4 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-53-245.compute-1.amazonaws.com
usa.lupus-bra.com |
ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
clk.rtpdn11.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-47-234.eu-central-1.compute.amazonaws.com
gototrak.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
zdf.live.de.com-opinion.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
43 |
com-opinion.info
zdf.live.de.com-opinion.info |
2 MB |
2 |
lupus-bra.com
usa.lupus-bra.com |
3 KB |
2 |
operaworld.com
1 redirects
operaworld.com |
1 KB |
1 |
gototrak.com
1 redirects
gototrak.com |
4 KB |
1 |
rtpdn11.com
1 redirects
clk.rtpdn11.com |
332 B |
46 | 5 |
Domain | Requested by | |
---|---|---|
43 | zdf.live.de.com-opinion.info |
usa.lupus-bra.com
zdf.live.de.com-opinion.info |
2 | usa.lupus-bra.com |
operaworld.com
usa.lupus-bra.com |
2 | operaworld.com | 1 redirects |
1 | gototrak.com | 1 redirects |
1 | clk.rtpdn11.com | 1 redirects |
46 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://zdf.live.de.com-opinion.info/?sxid=bzneysr5z5ak&clickid=OdLfHdlxCZg&bid=0.01&source_subid=424285932&banner=4215555&carrier=Host1Plus&search_referrer_domain=operaworld.com&campaign=409148&query=opera%2Centertainment%2Coperaworld%2Coperaworld.com
Frame ID: 8477448732451E37E5C0C237D915D6DA
Requests: 48 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://operaworld.com/ Page URL
-
http://operaworld.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3NDY...
HTTP 302
http://usa.lupus-bra.com/zcvisitor/a2fbf0db-0f72-11ea-803c-0a68ebcaeae7?campaignid=a31e1ed1-0f72-11ea... Page URL
- http://usa.lupus-bra.com/zcredirect?visitid=a2fbf0db-0f72-11ea-803c-0a68ebcaeae7&type=js&browserWidth... Page URL
-
http://clk.rtpdn11.com/click?i=kjRPz-89g9w_0
HTTP 302
https://gototrak.com/path/lp.php?trvid=10086&trvx=74bb1127&clickid=OdLfHdlxCZg&bid=0.01&source_su... HTTP 302
http://zdf.live.de.com-opinion.info/?sxid=bzneysr5z5ak&clickid=OdLfHdlxCZg&bid=0.01&source_subid=424285932&banne... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://operaworld.com/ Page URL
-
http://operaworld.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3NDY4Njc2MiwiaWF0IjoxNTc0Njc5NTYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybmQ2NWUwNGNzcWV1Mm11bDQwMjY4c2MiLCJuYmYiOjE1NzQ2Nzk1NjIsInRzIjoxNTc0Njc5NTYyMjA2NzEyfQ.FaJ0wnzPav6Uzn1PMD5u_Y3Jkmj5aL-7iTWBZ52p3L8&sid=a2e75daa-0f72-11ea-9941-0fc2acc2a14a
HTTP 302
http://usa.lupus-bra.com/zcvisitor/a2fbf0db-0f72-11ea-803c-0a68ebcaeae7?campaignid=a31e1ed1-0f72-11ea-803c-0a68ebcaeae7 Page URL
- http://usa.lupus-bra.com/zcredirect?visitid=a2fbf0db-0f72-11ea-803c-0a68ebcaeae7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
-
http://clk.rtpdn11.com/click?i=kjRPz-89g9w_0
HTTP 302
https://gototrak.com/path/lp.php?trvid=10086&trvx=74bb1127&clickid=OdLfHdlxCZg&bid=0.01&source_subid=424285932&banner=4215555&carrier=Host1Plus&search_referrer_domain=operaworld.com&campaign=409148&query=opera%2Centertainment%2Coperaworld%2Coperaworld.com HTTP 302
http://zdf.live.de.com-opinion.info/?sxid=bzneysr5z5ak&clickid=OdLfHdlxCZg&bid=0.01&source_subid=424285932&banner=4215555&carrier=Host1Plus&search_referrer_domain=operaworld.com&campaign=409148&query=opera%2Centertainment%2Coperaworld%2Coperaworld.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://operaworld.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3NDY4Njc2MiwiaWF0IjoxNTc0Njc5NTYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybmQ2NWUwNGNzcWV1Mm11bDQwMjY4c2MiLCJuYmYiOjE1NzQ2Nzk1NjIsInRzIjoxNTc0Njc5NTYyMjA2NzEyfQ.FaJ0wnzPav6Uzn1PMD5u_Y3Jkmj5aL-7iTWBZ52p3L8&sid=a2e75daa-0f72-11ea-9941-0fc2acc2a14a HTTP 302
- http://usa.lupus-bra.com/zcvisitor/a2fbf0db-0f72-11ea-803c-0a68ebcaeae7?campaignid=a31e1ed1-0f72-11ea-803c-0a68ebcaeae7
46 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
operaworld.com/ |
470 B 828 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a2fbf0db-0f72-11ea-803c-0a68ebcaeae7
usa.lupus-bra.com/zcvisitor/ Redirect Chain
|
1004 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zcredirect
usa.lupus-bra.com/ |
270 B 967 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
/
zdf.live.de.com-opinion.info/ Redirect Chain
|
32 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stylehome.css
zdf.live.de.com-opinion.info/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
media.styles.home.css
zdf.live.de.com-opinion.info/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalize.css
zdf.live.de.com-opinion.info/css/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_1.css
zdf.live.de.com-opinion.info/css/ |
498 B 617 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_2.css
zdf.live.de.com-opinion.info/css/ |
2 KB 785 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css.css
zdf.live.de.com-opinion.info/css/ |
889 B 698 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
zdf.live.de.com-opinion.info/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
thumbs-up.png
zdf.live.de.com-opinion.info/images/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
zdf.live.de.com-opinion.info/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.png
zdf.live.de.com-opinion.info/images/ |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cegrc1o7f3llvodpyray.jpg
zdf.live.de.com-opinion.info/images/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
profile-ezone-teaser940x516.jpg
zdf.live.de.com-opinion.info/images/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
das-problem-ist-immer-wenn-man.jpg
zdf.live.de.com-opinion.info/images/ |
55 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jwccfgscfkwc894gdtcg.jpg
zdf.live.de.com-opinion.info/images/ |
54 KB 54 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1728819847-oliver-welke-heute-show-MmPyjDnsdef.jpg
zdf.live.de.com-opinion.info/images/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bransonmusk.jpg
zdf.live.de.com-opinion.info/images/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ferrari2.jpg
zdf.live.de.com-opinion.info/images/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
howie.jpg
zdf.live.de.com-opinion.info/images/ |
271 KB 271 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
klaus11.jpg
zdf.live.de.com-opinion.info/images/ |
72 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cta1b.jpg
zdf.live.de.com-opinion.info/images/ |
121 KB 122 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cta2.png
zdf.live.de.com-opinion.info/images/ |
134 KB 135 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cta3.png
zdf.live.de.com-opinion.info/images/ |
124 KB 124 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
commonright1-b.jpg
zdf.live.de.com-opinion.info/images/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lift2.jpg
zdf.live.de.com-opinion.info/images/ |
103 KB 103 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
commonright3-b.jpg
zdf.live.de.com-opinion.info/images/ |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lift4.jpg
zdf.live.de.com-opinion.info/images/ |
25 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lift5.jpg
zdf.live.de.com-opinion.info/images/ |
89 KB 90 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lift6.jpg
zdf.live.de.com-opinion.info/images/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
side7.png
zdf.live.de.com-opinion.info/images/ |
126 KB 127 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s1.jpg
zdf.live.de.com-opinion.info/images/ |
61 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s2.jpg
zdf.live.de.com-opinion.info/images/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s3.jpg
zdf.live.de.com-opinion.info/images/ |
61 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
zdf.live.de.com-opinion.info/js/ |
1 KB 794 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
zdf.live.de.com-opinion.info/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video.mp4
zdf.live.de.com-opinion.info/ |
74 KB 75 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkmark.png
zdf.live.de.com-opinion.info/images/ |
334 B 746 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
memnYaGs126MiZpBA-UFUKWiUNhrIqY.ttf
zdf.live.de.com-opinion.info/fonts/ |
25 KB 18 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mem5YaGs126MiZpBA-UN7rgOUuhs.ttf
zdf.live.de.com-opinion.info/fonts/ |
28 KB 19 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mem6YaGs126MiZpBA-UFUK0Zdcg.ttf
zdf.live.de.com-opinion.info/fonts/ |
25 KB 18 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tDbI2oqRg1oM3QBjjcaDkOr9rAA.ttf
zdf.live.de.com-opinion.info/fonts/ |
40 KB 27 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mem8YaGs126MiZpBA-UFVZ0e.ttf
zdf.live.de.com-opinion.info/fonts/ |
26 KB 18 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwQ.ttf
zdf.live.de.com-opinion.info/fonts/ |
45 KB 30 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online) Generic Crypto (Crypto Exchange)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| month object| mydate function| openModal function| closeModal function| fbConfirm function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clk.rtpdn11.com
gototrak.com
operaworld.com
usa.lupus-bra.com
zdf.live.de.com-opinion.info
104.27.169.174
174.137.155.139
3.120.47.234
52.202.53.245
95.211.189.138
0333c03a5ddd15d780c76d613f6fccb2099caa5a60c28224445bd3142c81a588
0baa2625178bc5ebc538f20e295742058efc73cbb6e517717d6bfa4ce6cc820e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
253f4fc45233f9f6bbedce579a158c9316185185e42f8c267a831b0d59d3cc2a
263778658535f818737dd186597985ac715537c02fe2969a5811281e2dc50b5c
2b87de2750ab2e59ba83d5953e29215908c3fd9265896036f634cdcf42563f58
2c6ccb68b34a7b3c823b819a286490bda55e02e398c04ed148c32fbe40c76c3c
3d1b0861afb42dade856ac944cece3c43fa6823a3030ef9cc9b4811252bd5b0a
43650c0f8ea7827f0a064585aa5c6e606233386eb429941e54ce021f20584e92
468aea9e62bd52ee4fc4d480b8a323429278d25dacd57e0723d5a5b914c52c7a
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
58368517cda986133d400ecc92c7830c43ce72991c5647652951ecbaf3cd4599
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
5c3c295be8433cc36713bdfe3abe88546ac4b1dec7ba1fc1f264a0334d8a5265
61fdc9b2d67aa5a5ad07e5bacceb21c22a0c7bffce3f4c41eed75a1e0d84c545
62d4be5f268ffe43df74b642fc198286178d75f04e68f9c87dc6643bb87a6fb1
63627bb0c663b3b228100c22d4b5849bfabef0bee10b5e7cc47fbe6014564048
68f08dace877c00c74285641510eb7c8ef1c08a7eb8a022b50b6b5ce956bbd48
735b4b98829a1b4b120b6d457def62d92cbb1325394a54ff528172d4b4912e5a
80d3ec3bd0c7d32601d0849e8d81bc9331d1ef51eba76017fc1c22eb4c996710
842c78eaa4d0ebb770dd7e9118a93d78437370bac3a13cb620df59399105d209
90749cb8f4816a73722fffe5606882a1107a3a0c55b8d5ed37c801afb8ec3313
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
a7156d50efd34b650ed3427da99635acda666e74b9011915825b7a470648caf3
aa6317a6f5d887fc6f66fa26ab81aa011137a5ad68bedf631500a181bbdb025b
aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c
abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e
b4b90016f930f73b8f35de61bd215ea1907f021a1fe81afff16f0f5c95b7dde2
c5694e9bf3ad36d2cb6aaf343dd478ea6994f2b6efaa06fc17a5fa9a9b1399ce
c6dd59f022e52df8a5dc1eccf3653bfee4e197a081b16b5ef0a7935501b1c96f
cf2a03b86601f419ab5db89ec02a793b0e7df4d7777e8da49f75175da119e8af
d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a
dda559c17355b56493b0880d15e219d3aaf411b37d35ce5bab645a1ddc03262d
df610ef617b5fb01d2cfccc47752e96e3b30669a7712b4fa2d2bbb3500a61e0b
e04de062322b8d3c41fcb02bd8944db822981a350ef44847190f53cc943719d6
e230b31ec3248c78bdcf2cd7f49c56a0b131b067deba42c4187eded7737a7d9e
e327f817fab651fd575d94b86e5f8407b95d80d8502c9eca1d8269de9c03f7c4
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e618e0795129a552c2ed42e6d149cb3d7dcc19017f31b5502a695102085ceee7
e7ccde69735e0cab1257a67409d47bc456866bec8752961e8d91f3cd156e7e3e
e7ee707e982e300816406189ff37e04093b622c859b597f36616e698c88e7cb8
e8534f5335522037c03fe544db314033fe5f05d847c5356b8ebe7f3f79beb6f5
f4623730049c816f0eeeea0723b92c16b2803cfa1fca1324efbd4af777af8865
f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9