www.vivemoncasinovip1.com
Open in
urlscan Pro
104.18.5.170
Public Scan
Effective URL: https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&sourceID=903726&source=fb&sub_aid2=11920_58_197__&...
Submission: On March 23 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.
This is the only time www.vivemoncasinovip1.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 188.120.233.170 188.120.233.170 | 29182 (THEFIRST-AS) (THEFIRST-AS) | |
1 1 | 185.125.19.53 185.125.19.53 | 62222 (QS-AS) (QS-AS) | |
1 1 | 203.32.121.174 203.32.121.174 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
1 3 | 203.29.52.150 203.29.52.150 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
7 7 | 203.22.223.42 203.22.223.42 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
1 1 | 188.114.97.7 188.114.97.7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 104.18.5.170 104.18.5.170 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.186.138 142.250.186.138 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.74.195 142.250.74.195 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.18.23.183 104.18.23.183 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
19 | 5 |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
tarenived.com |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
huffson-delivery.com | |
huffson-derivery.com |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
hghit.com | |
hgbn.rocks | |
hgbn.space | |
hgbn.network | |
hgbn1.com | |
hg-bn.com | |
hgbnr.com |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
vivemoncasinovip1.com
www.vivemoncasinovip1.com |
712 KB |
2 |
huffson-delivery.com
1 redirects
huffson-delivery.com — Cisco Umbrella Rank: 333141 |
1 KB |
1 |
afflnk.com
track.afflnk.com |
373 B |
1 |
gstatic.com
fonts.gstatic.com |
16 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
1 |
bfflnk.com
1 redirects
www.bfflnk.com |
842 B |
1 |
huffson-derivery.com
huffson-derivery.com — Cisco Umbrella Rank: 357638 |
512 B |
1 |
hgbnr.com
1 redirects
hgbnr.com — Cisco Umbrella Rank: 357628 |
506 B |
1 |
hg-bn.com
1 redirects
hg-bn.com — Cisco Umbrella Rank: 352134 |
499 B |
1 |
hgbn1.com
1 redirects
hgbn1.com — Cisco Umbrella Rank: 359510 |
499 B |
1 |
hgbn.network
1 redirects
hgbn.network — Cisco Umbrella Rank: 358901 |
498 B |
1 |
hgbn.space
1 redirects
hgbn.space — Cisco Umbrella Rank: 354548 |
501 B |
1 |
hgbn.rocks
1 redirects
hgbn.rocks — Cisco Umbrella Rank: 353359 |
499 B |
1 |
hghit.com
1 redirects
hghit.com — Cisco Umbrella Rank: 357629 |
499 B |
1 |
tarenived.com
1 redirects
tarenived.com |
472 B |
1 |
mintyschoice.com
1 redirects
mintyschoice.com |
183 B |
1 |
gmx04.ru
1 redirects
gmx04.ru |
373 B |
19 | 17 |
Domain | Requested by | |
---|---|---|
14 | www.vivemoncasinovip1.com |
huffson-delivery.com
www.vivemoncasinovip1.com |
2 | huffson-delivery.com | 1 redirects |
1 | track.afflnk.com |
huffson-delivery.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
www.vivemoncasinovip1.com
|
1 | www.bfflnk.com | 1 redirects |
1 | huffson-derivery.com | |
1 | hgbnr.com | 1 redirects |
1 | hg-bn.com | 1 redirects |
1 | hgbn1.com | 1 redirects |
1 | hgbn.network | 1 redirects |
1 | hgbn.space | 1 redirects |
1 | hgbn.rocks | 1 redirects |
1 | hghit.com | 1 redirects |
1 | tarenived.com | 1 redirects |
1 | mintyschoice.com | 1 redirects |
1 | gmx04.ru | 1 redirects |
19 | 17 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
huffson-delivery.com Cloudflare Inc ECC CA-3 |
2021-09-01 - 2022-08-31 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-14 - 2022-07-13 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-02-28 - 2022-05-23 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-03-17 - 2022-06-09 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&sourceID=903726&source=fb&sub_aid2=11920_58_197__&sub_aid5=a3118c3ce5564413539fe850762565c4tea5phoo5df20d3c4b251-3091&transaction_id=i04464b993d43aa3797c100dca2e69&click_id=3856032046&qt=0.64156
Frame ID: FC21A92B475EB495E0AB8CAC98855F1D
Requests: 17 HTTP requests in this frame
Frame:
https://www.vivemoncasinovip1.com/trackCookie?ab=b&adv_sub1=b&hold=yes&c_silent=1&sourceID=903726&source=fb&sub_aid2=11920_58_197__&sub_aid5=a3118c3ce5564413539fe850762565c4tea5phoo5df20d3c4b251-3091&transaction_id=i04464b993d43aa3797c100dca2e69&click_id=3856032046&qt=0.64156
Frame ID: 85B51992BAEAE030803B61AC52AAC77E
Requests: 1 HTTP requests in this frame
Frame:
https://track.afflnk.com/track.gif?e=lp&info=%7B%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22cd%22%3A24%2C%22pd%22%3A24%2C%22r%22%3A%22https%3A//huffson-delivery.com/%22%2C%22l%22%3A%22https%3A//www.vivemoncasinovip1.com/promonew/roue-de-fortune/%3Fhold%3Dyes%26c_silent%3D1%26sourceID%3D903726%26source%3Dfb%26sub_aid2%3D11920_58_197__%26sub_aid5%3Da3118c3ce5564413539fe850762565c4tea5phoo5df20d3c4b251-3091%26transaction_id%3Di04464b993d43aa3797c100dca2e69%26click_id%3D3856032046%26qt%3D0.64156%22%7D&src=903726&sid=69&cid=1648028486&ab=b&hold=yes&c_silent=1&sourceID=903726&source=fb&sub_aid2=11920_58_197__&sub_aid5=a3118c3ce5564413539fe850762565c4tea5phoo5df20d3c4b251-3091&transaction_id=i04464b993d43aa3797c100dca2e69&click_id=3856032046&qt=0.64156
Frame ID: 55502AF059664DC733C0560F866F4D2B
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
ViveMonCasino - L’HEURE DE LA PROVOC’ EST ARRIVÉEPage URL History Show full URLs
-
http://gmx04.ru/gmb/?T5dA3w
HTTP 302
https://mintyschoice.com/vive-mon-casino3/?flow=197 HTTP 302
https://tarenived.com/11920/26807?param=58_197__&clickid=412905&lp=3726 HTTP 302
https://huffson-delivery.com/direct?placement_id=11920&atp=58_197__&click_id=412905&sub_id_4=&pv=3726&lan... Page URL
-
https://huffson-delivery.com/p/11920/b/26807?u=https%3A%2F%2Fwww.bfflnk.com%2F%3Fbrand_id%3D69%26source_i...
HTTP 302
https://www.bfflnk.com/?brand_id=69&source_id=903726&source=fb&aff_sub2=11920_58_197__&aff_sub5=a31... HTTP 302
https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&sourceID=903726&source=fb&sub_... Page URL
Detected technologies
CodeIgniter (Web Frameworks) ExpandDetected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://gmx04.ru/gmb/?T5dA3w
HTTP 302
https://mintyschoice.com/vive-mon-casino3/?flow=197 HTTP 302
https://tarenived.com/11920/26807?param=58_197__&clickid=412905&lp=3726 HTTP 302
https://huffson-delivery.com/direct?placement_id=11920&atp=58_197__&click_id=412905&sub_id_4=&pv=3726&lang=fr&cc=FR Page URL
-
https://huffson-delivery.com/p/11920/b/26807?u=https%3A%2F%2Fwww.bfflnk.com%2F%3Fbrand_id%3D69%26source_id%3D903726%26source%3Dfb%26aff_sub2%3D11920_58_197__%26aff_sub5%3Da3118c3ce5564413539fe850762565c4tea5phoo5df20d3c4b251-3091%26atp%3D58_197__%26click_id%3D412905%26sub_id_4%3D%26pv%3D3726%26lang%3Dfr%26cc%3DFR&atp=58_197__&click_id=412905&sub_id_4=&pv=3726&lang=fr&cc=FR
HTTP 302
https://www.bfflnk.com/?brand_id=69&source_id=903726&source=fb&aff_sub2=11920_58_197__&aff_sub5=a3118c3ce5564413539fe850762565c4tea5phoo5df20d3c4b251-3091 HTTP 302
https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&sourceID=903726&source=fb&sub_aid2=11920_58_197__&sub_aid5=a3118c3ce5564413539fe850762565c4tea5phoo5df20d3c4b251-3091&transaction_id=i04464b993d43aa3797c100dca2e69&click_id=3856032046&qt=0.64156 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://gmx04.ru/gmb/?T5dA3w HTTP 302
- https://mintyschoice.com/vive-mon-casino3/?flow=197 HTTP 302
- https://tarenived.com/11920/26807?param=58_197__&clickid=412905&lp=3726 HTTP 302
- https://huffson-delivery.com/direct?placement_id=11920&atp=58_197__&click_id=412905&sub_id_4=&pv=3726&lang=fr&cc=FR
- https://hghit.com/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1 HTTP 302
- https://hgbn.rocks/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1&iteration=2 HTTP 302
- https://hgbn.space/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1&iteration=3 HTTP 302
- https://hgbn.network/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1&iteration=4 HTTP 302
- https://hgbn1.com/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1&iteration=5 HTTP 302
- https://hg-bn.com/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1&iteration=6 HTTP 302
- https://hgbnr.com/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1&iteration=7 HTTP 302
- https://huffson-derivery.com/set-cookie.gif?_HGAU=850ca821-f700-4966-a72e-aed416358335&partially=1&iteration=8
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
direct
huffson-delivery.com/ Redirect Chain
|
612 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
set-cookie.gif
huffson-derivery.com/ Redirect Chain
|
43 B 512 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.vivemoncasinovip1.com/promonew/roue-de-fortune/ Redirect Chain
|
96 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-vive-mon-casino.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
left.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
84 KB 85 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pin.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moving-part2-off-clean-ok.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
92 KB 92 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moving-part2-clean-ok.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
91 KB 91 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moving-part1.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
center.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
betsoft-logo.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rite.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
76 KB 77 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer.png
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocket-loader.min.js
www.vivemoncasinovip1.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-bg-d.jpg
www.vivemoncasinovip1.com/promonew/assets/sites/26/2019/11/ |
248 KB 249 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trackCookie
www.vivemoncasinovip1.com/ Frame 85B5 |
4 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track.gif
track.afflnk.com/ Frame 5550 |
43 B 373 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored object| __cfQR number| idx object| prizes object| modal object| prizeFs object| prizeBonus object| wheelSpinOff object| wheelSpinOn object| wheelPin object| _$aff boolean| __cfRLUnblockHandlers29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gmx04.ru/ | Name: qwerty_gmb Value: 0 |
|
mintyschoice.com/ | Name: site28 Value: 197 |
|
tarenived.com/ | Name: _HGAU Value: 4d62040e-3f0d-4ea2-8cd1-48ecf148be60 |
|
tarenived.com/ | Name: vst_cnt_17292 Value: 1 |
|
huffson-delivery.com/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
huffson-delivery.com/ | Name: pl_impr_11920_hourly Value: 1|1648032083.0 |
|
huffson-delivery.com/ | Name: pl_impr_11920_daily Value: 1|1648114883.0 |
|
hghit.com/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
hgbn.rocks/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
hgbn.space/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
hgbn.network/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
hgbn1.com/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
hg-bn.com/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
hgbnr.com/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
huffson-derivery.com/ | Name: _HGAU Value: 850ca821-f700-4966-a72e-aed416358335 |
|
www.bfflnk.com/ | Name: tid Value: i04464b993d43aa3797c100dca2e69 |
|
www.vivemoncasinovip1.com/ | Name: __cflb Value: 02DiuDi4Jiy6Skh6C81aVqw8eU2NMNpbaxYL5e1KfHjsi |
|
.vivemoncasinovip1.com/ | Name: __cfruid Value: f85581984873aa2c9a38795b4825da3efadcee1e-1648028485 |
|
.vivemoncasinovip1.com/ | Name: sourceID Value: 903726 |
|
.vivemoncasinovip1.com/ | Name: systemID Value: 69 |
|
.vivemoncasinovip1.com/ | Name: splitRun Value: b |
|
.vivemoncasinovip1.com/ | Name: ci_session Value: 0f80b2c88afc9836ed55f25684814bc4d8253443 |
|
.vivemoncasinovip1.com/ | Name: locale Value: fr-FR |
|
.vivemoncasinovip1.com/ | Name: hasOffers Value: eyJ0cmFuc2FjdGlvbl9pZCI6ImkwNDQ2NGI5OTNkNDNhYTM3OTdjMTAwZGNhMmU2OSIsImFpZCI6bnVsbCwic3ViX2FpZCI6bnVsbCwic3ViX2FpZDIiOiIxMTkyMF81OF8xOTdfXyIsIm9mZmVySWQiOiIifQ%3D%3D |
|
.vivemoncasinovip1.com/ | Name: reftag Value: i04464b993d43aa3797c100dca2e69 |
|
.vivemoncasinovip1.com/ | Name: aff_type Value: 5 |
|
.vivemoncasinovip1.com/ | Name: clickID Value: 1648028486 |
|
.vivemoncasinovip1.com/ | Name: aff_memberid Value: 12175 |
|
.vivemoncasinovip1.com/ | Name: aff_system Value: RVG |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
gmx04.ru
hg-bn.com
hgbn.network
hgbn.rocks
hgbn.space
hgbn1.com
hgbnr.com
hghit.com
huffson-delivery.com
huffson-derivery.com
mintyschoice.com
tarenived.com
track.afflnk.com
www.bfflnk.com
www.vivemoncasinovip1.com
104.18.23.183
104.18.5.170
142.250.186.138
142.250.74.195
185.125.19.53
188.114.97.7
188.120.233.170
203.22.223.42
203.29.52.150
203.32.121.174
0f52cb333b33ad34e2e9a936e5718a5f98db2d13462f3dbe0a2094f464f7f1e4
11825c564f11076057dcd444f934b1390db40fe73af1d8911a8cb7c2641d9a45
11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516
22bf4886da4771f874089b7610e9f67ce0e0b17ccadb5026b412e0ccff69e660
370b28f3130defe77d3f601ad95e8bfbf5e96f283986c1da25b2f1c26c71a3f0
64001a2a1e2c3ba13abfc8214a422f9d1df24c496e4082f63b5a55ab0fe9e000
68caa4b24ba360d11a24204fa9888792cf475760633ee4b2c88046004d4b13c3
7438eb634dc5ebc767955884ea27360fb48cf567c01f21fd0a127f66d402651d
7df25b2b0d3efec986c7bcd7935f1910a0b57a4aabdf9d282c5455f3e6b63f37
84fdec0d337e83a6df624c8c432280c6adeb89edb6d2cc1804ef211ab7ba863a
9fe07bd5886891a0d84e369d2ba69a19712a449b1b7d4e2051f30149df2dc735
ac6a633b4cfeec3907a22a5e53b22ae233a3fe9c2478543e4391dd1dd4eb23a3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b21fe9192b38dd8a084cc54f7ac6cfc2a080f9b2ceaf121c9f12adc33c9f0a96
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ddae5df267a0cc2c84bba696b2ecb78220c64258ef06caa860580492a08d2a70