![](/screenshots/5254a2ec-9277-4f5c-ba5e-c8e5b4e85033.png)
gamadsnews.com
Open in
urlscan Pro
2606:4700:3033::6815:1516
Public Scan
Effective URL: https://gamadsnews.com/bTqRDc1J36jAnxFq7WJlnlPc0DV9n8XbYQ8y301f61M/?cid=170667087210000TUSTV62602Rffc8R2R104RR136V93ae0...
Submission: On January 31 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.
This is the only time gamadsnews.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 104.117.182.74 104.117.182.74 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 17 | 172.64.135.6 172.64.135.6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
1 | 139.45.195.253 139.45.195.253 | 9002 (RETN-AS) (RETN-AS) | |
2 3 | 2606:4700:303... 2606:4700:3036::6815:2d10 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3033::6815:1516 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.21.73.203 104.21.73.203 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:20:... 2606:4700:20::681a:6e4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3037::ac43:84bf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:20:... 2606:4700:20::ac43:4809 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
32 | 11 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-74.deploy.static.akamaitechnologies.com
ak.kocairdo.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
totalnicenewz.com
1 redirects
totalnicenewz.com |
75 KB |
4 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663 Failed |
2 KB |
3 |
ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 35342 t.ocmhood.com — Cisco Umbrella Rank: 11670 |
13 KB |
3 |
directdexchange.com
2 redirects
directdexchange.com |
5 KB |
2 |
cn-rtb.com
feed.cn-rtb.com — Cisco Umbrella Rank: 73319 t.cn-rtb.com — Cisco Umbrella Rank: 82695 |
843 B |
2 |
gamadsnews.com
gamadsnews.com |
21 KB |
1 |
ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 37123 |
762 B |
1 |
datatechone.com
datatechone.com — Cisco Umbrella Rank: 49226 |
470 B |
1 |
kocairdo.net
ak.kocairdo.net — Cisco Umbrella Rank: 303883 |
2 KB |
32 | 9 |
Domain | Requested by | |
---|---|---|
17 | totalnicenewz.com |
1 redirects
ak.kocairdo.net
totalnicenewz.com |
4 | my.rtmark.net |
ak.kocairdo.net
totalnicenewz.com |
3 | directdexchange.com | 2 redirects |
2 | t.ocmhood.com |
sdk.ocmhood.com
|
2 | gamadsnews.com |
directdexchange.com
gamadsnews.com |
1 | t.cn-rtb.com |
gamadsnews.com
|
1 | cdn.ocmtag.com |
sdk.ocmhood.com
|
1 | sdk.ocmhood.com |
gamadsnews.com
|
1 | feed.cn-rtb.com |
gamadsnews.com
|
1 | datatechone.com |
totalnicenewz.com
|
1 | ak.kocairdo.net | |
32 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
totalnicenewz.com GTS CA 1P5 |
2024-01-19 - 2024-04-18 |
3 months | crt.sh |
rtmark.net R3 |
2023-12-23 - 2024-03-22 |
3 months | crt.sh |
datatechone.com Sectigo RSA Domain Validation Secure Server CA |
2023-12-10 - 2024-12-23 |
a year | crt.sh |
directdexchange.com E1 |
2023-12-28 - 2024-03-27 |
3 months | crt.sh |
gamadsnews.com GTS CA 1P5 |
2023-12-21 - 2024-03-20 |
3 months | crt.sh |
cn-rtb.com GTS CA 1P5 |
2023-12-14 - 2024-03-13 |
3 months | crt.sh |
ocmhood.com Cloudflare Inc ECC CA-3 |
2023-04-04 - 2024-04-03 |
a year | crt.sh |
ocmtag.com Cloudflare Inc ECC CA-3 |
2023-12-25 - 2024-12-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://gamadsnews.com/bTqRDc1J36jAnxFq7WJlnlPc0DV9n8XbYQ8y301f61M/?cid=170667087210000TUSTV62602Rffc8R2R104RR136V93ae0&pubid=3744083-1308338603-0
Frame ID: FD303E0F4DBFE8F71B95996A931A5E35
Requests: 36 HTTP requests in this frame
Screenshot
![](/screenshots/5254a2ec-9277-4f5c-ba5e-c8e5b4e85033.png)
Page Title
Click AllowPage URL History Show full URLs
- http://ak.kocairdo.net/4/6304661/0.23527352890479736 Page URL
- https://totalnicenewz.com/?s=776396504624799927&ssk=b18902da3f57cfd8ed002f5590dfe595&svar=1706670870&z... Page URL
- https://totalnicenewz.com/?s=776396504624799927&ssk=b18902da3f57cfd8ed002f5590dfe595&svar=1706670870&z... Page URL
- https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6304661&var3=776396504624799927&oaid=ad89fe25647b... Page URL
-
https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true
HTTP 302
https://directdexchange.com/jump/next.php?r=8016698&pub_clickid=776396513948741752&sub1={zoneid)&sub2=0 Page URL
-
https://directdexchange.com/jump/next.php?stamat=m%257C%252Coo2Y_diNqB1dAN0dEdHP3xP.046%252C7H0PozvLiGV-...
HTTP 302
https://directdexchange.com/script/i.php?t=1&c=23770534&stamat=m%257C%252C%252Cg2M24ianoGU3BJ-GH0dEdHP3x... HTTP 302
https://gamadsnews.com/bTqRDc1J36jAnxFq7WJlnlPc0DV9n8XbYQ8y301f61M/?cid=170667087210000TUSTV62602Rf... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ak.kocairdo.net/4/6304661/0.23527352890479736 Page URL
- https://totalnicenewz.com/?s=776396504624799927&ssk=b18902da3f57cfd8ed002f5590dfe595&svar=1706670870&z=6304661&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
- https://totalnicenewz.com/?s=776396504624799927&ssk=b18902da3f57cfd8ed002f5590dfe595&svar=1706670870&z=6304661&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
- https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6304661&var3=776396504624799927&oaid=ad89fe25647bc54c531047568948cfe1 Page URL
-
https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true
HTTP 302
https://directdexchange.com/jump/next.php?r=8016698&pub_clickid=776396513948741752&sub1={zoneid)&sub2=0 Page URL
-
https://directdexchange.com/jump/next.php?stamat=m%257C%252Coo2Y_diNqB1dAN0dEdHP3xP.046%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRoXLgzXBzj2I_lbh5Z8pf-iuzMmBYHKhFpzqthgI0NW-kWZZaWtJKO57-MkAAidVo0%252C&cbpage=https://directdexchange.com/jump/next.php?r=8016698&pub_clickid=776396513948741752&sub1={zoneid)&sub2=0&cbur=0.8225504136523001&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
HTTP 302
https://directdexchange.com/script/i.php?t=1&c=23770534&stamat=m%257C%252C%252Cg2M24ianoGU3BJ-GH0dEdHP3xP.d56%252CM4ZrMHSaHtKDrVg0_EZ80hr152D1aWzB2BqV2FoJQJWBd_PYaIGENY3nCYSpLr5zf6KzLjJx7VMr3701K8pDQrqRv4t2RIpTXH_blc1wLdorS5fPeVSwSJlksmUWMGke1x7D1t7VNL9MsAHFKk0KFZAMdbtFan7VR9iPdDRan2Vud7zDP6VC6FVH8FzkZUWsj6QupADaZn0LK4dYzxmIr4PaY5ja1PulS39LfmQ3umq-7Mcc2L5L1_RffRFhRE8eFn4eq6dWwMEVDIwD0Vb8xFITz3aG5KJZGOq-trLrickpEjlPuXdglBlS-Hm_TAUCT-zzrdvyQLatlvSLJFgq_aAd3VWi5LoqgTfkMCgnXJ9d_m_n8nJ8LCp9lE_mNy9zEPUnYkbkUy4QCpfJ4h1PveGTE6brX7-wkk5CurFXqF1mVDc1wSwcklC5U_c-blSTnS5cFY8_41zI9hvsI5gZ3oJmCTteZvGEmv5vWfRf2AvaCk5ND6CQRtK3S87ftSqKL7ShfA0Kv3Svyva9TpV1_ImuUJV8U38dDXKR-JnqrSg7ois1uwo5tzySH3mqBJjeDbfQzsi72mvu6EajFz1WHhCzR5GFBlJp-twMU0uYAG6wAy-E34EuexBBrK-7MEOMl4zyWD5hG5QNOVgLLJkvtw%252C%252C HTTP 302
https://gamadsnews.com/bTqRDc1J36jAnxFq7WJlnlPc0DV9n8XbYQ8y301f61M/?cid=170667087210000TUSTV62602Rffc8R2R104RR136V93ae0&pubid=3744083-1308338603-0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
- https://directdexchange.com/jump/next.php?r=8016698&pub_clickid=776396513948741752&sub1={zoneid)&sub2=0
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
0.23527352890479736
ak.kocairdo.net/4/6304661/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
img.gif
my.rtmark.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
totalnicenewz.com/ |
40 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gid.js
my.rtmark.net/ |
65 B 545 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
micro.tag.min.js
totalnicenewz.com/pfe/current/ |
28 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
327 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
totalnicenewz.com/19/4662728/ |
3 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
totalnicenewz.com/ |
2 B 362 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4662709
totalnicenewz.com/sw-check-permissions/ |
0 953 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
zone
totalnicenewz.com/ |
0 530 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gid.js
my.rtmark.net/ |
65 B 545 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zone
totalnicenewz.com/ |
794 B 984 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
totalnicenewz.com/ |
40 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
micro.tag.min.js
totalnicenewz.com/pfe/current/ |
28 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
327 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
totalnicenewz.com/19/4662728/ |
3 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
totalnicenewz.com/ |
2 B 535 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4662709
totalnicenewz.com/sw-check-permissions/ |
0 957 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
zone
totalnicenewz.com/ |
0 497 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gid.js
my.rtmark.net/ |
65 B 545 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zone
totalnicenewz.com/ |
794 B 981 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
totalnicenewz.com/submenu/4662728/ |
32 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
sftouch
totalnicenewz.com/ |
2 B 769 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
add
datatechone.com/log/ |
2 B 470 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
img.gif
my.rtmark.net/ |
43 B 508 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
next.php
directdexchange.com/jump/ Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
gamadsnews.com/bTqRDc1J36jAnxFq7WJlnlPc0DV9n8XbYQ8y301f61M/ Redirect Chain
|
32 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AFU1kAAPatM
feed.cn-rtb.com/v1/native/ |
659 B 843 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conf.json
gamadsnews.com/hood/Z2FtYWRzbmV3cy5jb20=/ |
49 B 431 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ht.js
sdk.ocmhood.com/sdk/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NjY4ZwSkNAFfmDQ2D8QxNDY4MjE0NuZk.js
cdn.ocmtag.com/tag/ |
279 B 762 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
activity
t.ocmhood.com/v2/ |
0 266 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
activity
t.ocmhood.com/v2/ |
0 440 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
imp
t.cn-rtb.com/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- my.rtmark.net
- URL
- https://my.rtmark.net/img.gif?f=merge&userId=1a4a94c1c9ae43bfa79fb15401e1c344
Verdicts & Comments Add Verdict or Comment
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| qs string| lwp function| snippetGetEngineDomain function| snippetGetAllLocations object| campaign_domains function| importOmpServiceWorker function| initOmpServiceWorker function| clearSession function| getLpType function| fetchAd function| getOCP function| popme function| pbcid function| finalRedirect function| goNextStep function| goToRedirectonAllow function| goToRedirectSmart2 function| isPushApiSupported function| uuidv4 function| initLpPush function| startOmpWorker function| getLpIdParamIfSet function| getSourcePrefix object| ad number| cpc number| o_eid string| o_ocid string| source_prefix string| fallback_url function| before_redirect_block object| sParams string| cc function| toggleFullScreen function| Hood function| NjY4ZwSkNAFfmDQ2D8QxNDY4MjE0NuZk10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ak.kocairdo.net/ | Name: OAID Value: 1a4a94c1c9ae43bfa79fb15401e1c344 |
|
ak.kocairdo.net/ | Name: oaidts Value: 1706670870 |
|
totalnicenewz.com/ | Name: OAID Value: ad89fe25647bc54c531047568948cfe1 |
|
my.rtmark.net/ | Name: ID Value: ad89fe25647bc54c531047568948cfe1 |
|
totalnicenewz.com/ | Name: syncedCookie Value: true |
|
totalnicenewz.com/ | Name: reverse Value: JWCJrI8BMBdYJrZTUN3KloNDEzc4cyNVb-5Us_bli3Q |
|
totalnicenewz.com/ | Name: oaidts Value: 1706670871 |
|
gamadsnews.com/ | Name: session Value: hyuXxBQlf2BVXdisv13ISndtq0HFf_cS |
|
.gamadsnews.com/ | Name: _ht_v Value: 1706670873.4181757281 |
|
.gamadsnews.com/ | Name: _ht_s Value: 1706670873.2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ak.kocairdo.net
cdn.ocmtag.com
datatechone.com
directdexchange.com
feed.cn-rtb.com
gamadsnews.com
my.rtmark.net
sdk.ocmhood.com
t.cn-rtb.com
t.ocmhood.com
totalnicenewz.com
my.rtmark.net
104.117.182.74
104.21.73.203
139.45.195.253
139.45.195.8
172.64.135.6
2606:4700:20::681a:6e4
2606:4700:20::ac43:4809
2606:4700:3033::6815:1516
2606:4700:3036::6815:2d10
2606:4700:3037::ac43:84bf
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c01bb5e17feb55e7e268a9132369eef26b964f6a28a5139ccfefab2474734e1
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
615e20ff1bce632e97354c4a220820cea855622d87f8a8a60ea577b445259b93
76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e
78e6329c029f6b58a724f7181331ea738ef8e6ae9cefd99f3639af900664f3ff
7d271769e322a22054d177df35586f9ff3d1e49eaed246756242629d9c2df110
90f27e8f2f87396f9b45aa2576ea3d46c5158534f08dd12273d0a56b6a9eb5ea
a87c8b05dbb316bd0e7d96719b6692f422aa50f519420a098c493ab9cbd1cb31
aadf6ca8a27e3ed3d85622f50f303850effee4a7ad1fce1757123ee161a58d3d
b45ac9c902a3caafbeae78fe9f89926e4ed012b7630dfebcd61f3af59e9d47b4
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f
e35eea42577f7ccdeef8d5b19f759befaeaad3851b9cab1a360787a82af32197
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2
f6c97c056a5e3b6ecefac58d4f65b99803ebfaf1df104569d1f65dd91b683beb
fe356e35a30dadc77826cfbabd77cf472cc4aab598700172da1ad2727b32c10d