imduyv.gob.mx
Open in
urlscan Pro
68.65.121.216
Malicious Activity!
Public Scan
Effective URL: http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ
Submission: On April 16 via automatic, source openphish — Scanned from US
Summary
This is the only time imduyv.gob.mx was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 69.61.26.122 69.61.26.122 | 22653 (GLOBALCOM...) (GLOBALCOMPASS) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:81e::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:821::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:80f::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:824::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:823::2002 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:817::2001 | 15169 (GOOGLE) (GOOGLE) | |
9 | 68.65.121.216 68.65.121.216 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:80b::2002 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:81c::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 190.115.26.9 190.115.26.9 | 262254 (DDOS-GUAR...) (DDOS-GUARD CORP.) | |
2 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2607:f8b0:400... 2607:f8b0:4006:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
33 | 13 |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com | |
tpc.googlesyndication.com |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium41-4.web-hosting.com
imduyv.gob.mx |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
imduyv.gob.mx
imduyv.gob.mx |
354 KB |
5 |
googlesyndication.com
4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138 |
40 KB |
4 |
gstatic.com
www.gstatic.com |
2 KB |
4 |
google.com
adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2 |
33 KB |
3 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 |
126 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 818 |
83 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29 |
20 KB |
1 |
cutlinks.ca
cutlinks.ca |
|
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48 |
44 KB |
1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192 |
25 KB |
1 |
cutt.us
cutt.us — Cisco Umbrella Rank: 270865 |
2 KB |
33 | 11 |
Domain | Requested by | |
---|---|---|
9 | imduyv.gob.mx |
cutt.us
imduyv.gob.mx |
4 | www.gstatic.com |
imduyv.gob.mx
www.google.com |
3 | www.google.com |
tpc.googlesyndication.com
imduyv.gob.mx |
3 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net |
2 | maxcdn.bootstrapcdn.com |
imduyv.gob.mx
maxcdn.bootstrapcdn.com |
2 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
1 | cutlinks.ca |
imduyv.gob.mx
|
1 | 4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | www.googletagmanager.com |
cutt.us
|
1 | www.googletagservices.com |
cutt.us
|
1 | cutt.us | |
33 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cutt.us R3 |
2023-04-01 - 2023-06-30 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
cutlinks.ca R3 |
2023-04-07 - 2023-07-06 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ
Frame ID: 6A7FD884E00C859B9BE6545C83015B36
Requests: 13 HTTP requests in this frame
Frame:
https://4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5C2D7177EA38D8FCA55A38306148B55
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6171AA3BE60169CF84DD0ADAB6FEAB7A
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E7A7C4B60C25827C79D30A0DF2D7BA0
Requests: 1 HTTP requests in this frame
Frame:
http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP
Frame ID: A339596D305D14BB2860F2B419296EA1
Requests: 7 HTTP requests in this frame
Frame:
http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm
Frame ID: 0643DE9B8D268F5B323935937F1653EA
Requests: 6 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LecguUUAAAAAGcZhPKHMpRYIjyzHiOBcDt2in0X&co=aHR0cDovL2ltZHV5di5nb2IubXg6ODA.&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=invisible&cb=v5qg4ddkmsyo
Frame ID: 0C0127E48CC3369E415DF4BD7DA8AE0F
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Login into.......Page URL History Show full URLs
- https://cutt.us/kaG4O Page URL
- http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
DoubleClick for Publishers (DFP) (Advertising Networks) Expand
Detected patterns
- googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://cutt.us/kaG4O Page URL
- http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
kaG4O
cutt.us/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
77 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
112 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 200 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ |
400 KB 124 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
29 B 574 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 456 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
651 B 694 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5C2 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
imduyv.gob.mx/~wp-lms.php/ |
587 B 680 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6171 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 7E7A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
pagead2.googlesyndication.com/bg/ Frame 6171 |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AJz0j8
cutlinks.ca/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.php
imduyv.gob.mx/js-bFmqHuH//mobile_blue/ Frame A339 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A339 |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame A339 |
1 KB 775 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
recaptcha__en.js
imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame A339 |
343 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
api.js
imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame A339 |
884 B 981 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ Frame A339 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
anchor.htm
imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame 0643 |
21 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A339 |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles__ltr.css
imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor_data/ Frame 0643 |
50 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
recaptcha__en.js
imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame 0643 |
343 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
x4dl7Lk5ENOB7Pbvmb3t7sJ-hPoGBwvfellrHtOoe40.js
imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor_data/ Frame 0643 |
14 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 0C01 |
47 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ Frame 0C01 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ Frame 0C01 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
x4dl7Lk5ENOB7Pbvmb3t7sJ-hPoGBwvfellrHtOoe40.js
www.google.com/js/bg/ Frame 0643 |
14 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0643 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cutt.us/ | Name: _ga Value: GA1.2.474053843.1681658341 |
|
.cutt.us/ | Name: _gid Value: GA1.2.1334041979.1681658341 |
|
.cutt.us/ | Name: _gat_gtag_UA_31510493_1 Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.cutt.us/ | Name: __gads Value: ID=eb8a00b4a807d0d6:T=1681658341:S=ALNI_MbLVRltueSFrEaK3kcH0WAuo2tcpA |
|
.cutt.us/ | Name: __gpi Value: UID=00000be300bf73b6:T=1681658341:RT=1681658341:S=ALNI_MbgVM8z9wbkVGOXqtrnP71R5HO5vw |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com
adservice.google.com
cutlinks.ca
cutt.us
imduyv.gob.mx
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
190.115.26.9
2606:4700::6812:acf
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
68.65.121.216
69.61.26.122
095b00a947e39ff2eaf6388fa4b4a47f4e4294f62f1763efc181c5e48b7ad327
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d309e54873d9219eec4ca63af38fdd3885de42b10aae999cf1a6bf83aa812c2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e711ba755b21dcac232b0349a31fbc826640ee21f32162234954a272a9efca1
5733efc9c2f38b7b1a2fd21a763803c14e7286a6264cb85dd117754da6680c34
58273c51f55c256d3415aa428c3d6b5c4d50bd95ffd0aaa0870a1e9b845ceb3a
588c61a23f00676877ebe19391294d510c0ebe0e3416926c5fc50ec15a3ba049
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597c432575e9111ce5768a8f6daad60a3af9f496adc2ad221752bf251210fdba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6
88861ad753f942c86dff23c369d0ba16b1f8b7b1459f1a22a9cfb60c35c08665
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
9f7c3261df3df9aae8b6c8e4433a7ba73cedd3a1c17880764b6728a0f52980c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c78765ecb93910d381ecf6ef99bdedeec27e84fa06070bdf7a596b1ed3a87b8d
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
edcd4c49fcb8bf04f1d999fb31c1285eeb6c5939657482019564220ae5f85c84
f1adf3bd41013e705b1257dd8478addbdc83bc1a4b1087212bcff296dbe316e1