live3.news4more.com
Open in
urlscan Pro
2606:4700::6812:1b7e
Public Scan
Effective URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-...
Submission: On March 30 via manual from US — Scanned from FR
Summary
TLS certificate: Issued by E1 on February 4th 2023. Valid for: 3 months.
This is the only time live3.news4more.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 46.105.88.234 46.105.88.234 | 16276 (OVH) (OVH) | |
1 1 | 142.93.114.237 142.93.114.237 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 1 | 34.107.223.80 34.107.223.80 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 2 | 52.213.121.49 52.213.121.49 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700::68... 2606:4700::6812:1b7e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 2606:4700::68... 2606:4700::6812:a95 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
5 | 2606:4700::68... 2606:4700::6812:d73b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:d63b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
28 | 7 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.223.107.34.bc.googleusercontent.com
www.xn3j2k.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-121-49.eu-west-1.compute.amazonaws.com
eu-adsrv.rtbsuperhub.com |
ASN13335 (CLOUDFLARENET, US)
lpmedia.servefilesonly.com | |
imedia.servefilesonly.com |
ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com | |
onesignal.com | |
img.onesignal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 182885 imedia.servefilesonly.com — Cisco Umbrella Rank: 221691 |
961 KB |
6 |
onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3575 onesignal.com — Cisco Umbrella Rank: 1243 img.onesignal.com — Cisco Umbrella Rank: 6776 |
94 KB |
2 |
gstatic.com
fonts.gstatic.com |
46 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 357 |
32 KB |
2 |
rtbsuperhub.com
2 redirects
eu-adsrv.rtbsuperhub.com — Cisco Umbrella Rank: 64941 |
1 KB |
1 |
news4more.com
live3.news4more.com — Cisco Umbrella Rank: 866755 |
7 KB |
1 |
xn3j2k.com
1 redirects
www.xn3j2k.com |
434 B |
1 |
alwaysbeemailing.com
1 redirects
alwaysbeemailing.com |
403 B |
1 |
sayhitorachel.com
1 redirects
tracking.sayhitorachel.com |
681 B |
28 | 9 |
Domain | Requested by | |
---|---|---|
16 | lpmedia.servefilesonly.com |
live3.news4more.com
|
3 | onesignal.com |
cdn.onesignal.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdn.onesignal.com |
live3.news4more.com
cdn.onesignal.com |
2 | eu-adsrv.rtbsuperhub.com | 2 redirects |
1 | img.onesignal.com | |
1 | imedia.servefilesonly.com |
live3.news4more.com
|
1 | ajax.googleapis.com |
live3.news4more.com
|
1 | fonts.googleapis.com |
live3.news4more.com
|
1 | live3.news4more.com | |
1 | www.xn3j2k.com | 1 redirects |
1 | alwaysbeemailing.com | 1 redirects |
1 | tracking.sayhitorachel.com | 1 redirects |
28 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.news4more.com E1 |
2023-02-04 - 2023-05-05 |
3 months | crt.sh |
*.servefilesonly.com E1 |
2023-02-18 - 2023-05-19 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-03 - 2023-06-02 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Frame ID: C3DF42B8868F7B177E84A3817784426F
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
bl.news4more.comPage URL History Show full URLs
-
http://tracking.sayhitorachel.com/tracking/click?d=LdT8bX4yDpuVkhjcM4x2R0xPxFRcZb8OV8jyJi9Wm1R4D6Z8oMwUEeu6epE...
HTTP 302
https://alwaysbeemailing.com/campaigns/xw4140p7qe105/track-url/ny850v299b4c4/dc51da57886d5186b1da88f828c9... HTTP 301
https://www.xn3j2k.com/cmp/2Z3GP8/25D7F3/?source_id=msp&sub1=xw4140p7qe105&sub2=sayhitorachel&sub3=... HTTP 302
https://eu-adsrv.rtbsuperhub.com/ir/?placement=8ba6f30d-635a-4292-ac16-504de8d18b50&subPublisher=79 HTTP 302
https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642... HTTP 302
https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auct... Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
OneSignal (Marketing automation) Expand
Detected patterns
- cdn\.onesignal\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://tracking.sayhitorachel.com/tracking/click?d=LdT8bX4yDpuVkhjcM4x2R0xPxFRcZb8OV8jyJi9Wm1R4D6Z8oMwUEeu6epEiPE1ho1BMZN8BBorAcXeJo4FKNwLf7CqVwdJF4GtnUe7xd99W3ZlAEkbQkKgigskM_zLhRNSLjPAJmUOS7f6P9RAE-Azmse4ixsFjDVgM_j4K3a3QmukHBIZA2BBY0hzcPRNO2wQBZW8V1mx-rzPdMUB0RiwaPbtCwzxmWWM4WSWJGLHJaL7WnRJo5izBIBpjOfUoMQ2
HTTP 302
https://alwaysbeemailing.com/campaigns/xw4140p7qe105/track-url/ny850v299b4c4/dc51da57886d5186b1da88f828c953f4e0de8801 HTTP 301
https://www.xn3j2k.com/cmp/2Z3GP8/25D7F3/?source_id=msp&sub1=xw4140p7qe105&sub2=sayhitorachel&sub3=vos.am@hotmail.com&sub4=abe HTTP 302
https://eu-adsrv.rtbsuperhub.com/ir/?placement=8ba6f30d-635a-4292-ac16-504de8d18b50&subPublisher=79 HTTP 302
https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb HTTP 302
https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
jmc6100
live3.news4more.com/landing/ Redirect Chain
|
26 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.css
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
corner.css
lpmedia.servefilesonly.com/widgets/corner/ |
170 B 484 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
lpmedia.servefilesonly.com/build/templates/MB/JMobileChat/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
casualdatingHeart.png
lpmedia.servefilesonly.com/img/_logos/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
casualdatingHeart_w.png
lpmedia.servefilesonly.com/img/_logos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.min.js
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popwin.js
lpmedia.servefilesonly.com/js/ |
854 B 569 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dcdddee3-dca0-4a95-b1e9-cb4fc033e0f0.jpg
imedia.servefilesonly.com/ |
215 KB 215 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ |
284 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-1.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
367 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-2.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
127 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web
onesignal.com/api/v1/sync/ab03e1b9-a368-491d-a853-57db5d2801a2/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-1.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
8 KB 8 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-2.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
27 KB 27 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-2.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
283 KB 283 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OneSignalSDKStyles.css
onesignal.com/sdks/ |
82 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-1.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
360 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon
onesignal.com/api/v1/apps/ab03e1b9-a368-491d-a853-57db5d2801a2/ |
184 B 774 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dddf4ef8-d9fc-4042-9ac7-f11cba5eb983
img.onesignal.com/permanent/ |
11 KB 11 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-3.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
239 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-3.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
11 KB 12 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jmc6100-3.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/ |
395 KB 396 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| OneSignal function| $ function| jQuery object| x undefined| j undefined| ll undefined| selElmnt undefined| a undefined| b undefined| c function| closeAllSelect undefined| typingTimer object| dataCountries object| $country undefined| $countryName object| $zipCity undefined| $btnLocation undefined| $btnValidateLocation undefined| $displayErrorLocation boolean| isLocationByGeolocation number| doneTyping object| countries undefined| curLanguage function| _eventClickAutocomplete function| findCountryCode function| displayCountry function| findCountryName function| buildAutocomplete function| getCurentLocation function| getCurentLocationByIp function| sendCurrentLocation function| sendValidateLocation function| fillLocationValidated function| validateLocation function| validateLocationMessage function| getCurrentLink function| goToStep function| countdownToNextStep function| activeProgressBar function| Validator object| Popwin function| populateLinks function| deeplinkQueryStringToArray function| deeplinkAddParametersToURL function| rotateImg function| LoadVideo number| __oneSignalSdkLoadCount function| __jp07 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
eu-adsrv.rtbsuperhub.com/ir | Name: srtbid Value: TP-642572451dfbb7.73447394 |
|
www.xn3j2k.com/ | Name: uniqueClick_25D7F3 Value: a810284b-5e7b-4448-ba84-e81c49957709:1680175684 |
|
www.xn3j2k.com/ | Name: transaction_id Value: 45f4cb7560e64b9ca30389f26d1fb66f |
|
live3.news4more.com/ | Name: PHPSESSID Value: e2nvpgu1vfoc2igup8ausut3d5 |
|
.news4more.com/ | Name: __cf_bm Value: xG44p_ktb9bkFPVJmu1alA8COZZz3SsPfnL1KV1icPg-1680175685-0-AdYTJXfVftc1EhChXK13S3JOd1PXOhhuVb61cPJBiI5c+BN22LPUzweY5mIB4Q4ajSU/yy3M5NfTMJiEc49/UoI= |
|
.servefilesonly.com/ | Name: __cf_bm Value: 8Sg2yuU5.HamjMNQA2AzntfCBUI1IZhVHhTrto.1o7c-1680175685-0-Ab6t/wOvYcWyttP8/6X2BXokNc/GYZNADlZ0YvoToUdeFnsUeVpvZwcy4LBBkw41CWtQ/01p+Mv0kS5M9JEGS1M= |
|
.onesignal.com/ | Name: __cf_bm Value: 7yyeKUEu7MoB581p5nm1e_.mB8E4nYtaGF8JTyuq5T4-1680175685-0-ARG3Su2YlpzGU2UvkVCHc6lbcxsz7wSEuXgmDp1S2ETUlcMs6/GHzEuY2N+lLQjAr5KMVcHIrV8JQOgXr2II6Yo= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
alwaysbeemailing.com
cdn.onesignal.com
eu-adsrv.rtbsuperhub.com
fonts.googleapis.com
fonts.gstatic.com
imedia.servefilesonly.com
img.onesignal.com
live3.news4more.com
lpmedia.servefilesonly.com
onesignal.com
tracking.sayhitorachel.com
www.xn3j2k.com
142.93.114.237
2606:4700::6812:1b7e
2606:4700::6812:a95
2606:4700::6812:d63b
2606:4700::6812:d73b
2a00:1450:4001:812::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::200a
34.107.223.80
46.105.88.234
52.213.121.49
0ad52165cc6b3c50eba82c56abb65284455ad606c29b6f134ee1e472dc4cbaa2
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299
19a2e703c09b3d066e18f4426c332665bf08ec02456bcccdb20d2fffe4645ab9
357629ec1614161f8b3eab4f5643e824aa39a262bac26c32b64f5324f1f46563
3f8b95b5b14094945598842bd5e4877c8a7a37733975e0d809e41cc53f999587
459dc02737a8127153538d8b7811fbaff4e4e0ce003936a61f2d06b3975b10e2
5c1061d49dac41af1ca8c10ed195d78d35f5f87551a36bd148189ee9101910ff
7cab4be0e7fe939d22c5ea3167b1d8378988494642ca8d6fd41ce84f1e03d623
7fea82fe2adfc37eba8bc5f85a421f48c1c00c467d253dbd07fd8107b8c39620
8a00c8802774a18c05eb659f1ed3ca884a658e5304a71aacf0a498131f441563
90dbf5e0dc6571f4d401fc345e91eaca9df0354ed9180628d0e3bbac88cdf372
92efabd0cc8550e8dfd323bc6ea787a2cf250f437a7f6d1349fe187d73f5c895
a1dca8107ce4f619cc1b33257c1f1cbacd657697d91a0551c1feef4803627c45
abb9665c2650167450a41f608d8d02dbe67658109c6454c51b64917ff29416c1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181
afb61b7d333ca96af47d36a167dd0af56d6ab22b70b82869ea19be9a7f8e5438
c30f4cb0a4bb08c2bf52de94091cd64de5301e9a5c77b36ca8c686dcaf31e466
ceb58acc54679268926472a6a05930c84036b8b1ba18be1a33d10e1838382f7b
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
f0a503b8a23dd6b7fc6c57e296ad31f4208d1ad7e71a90d58232cccb99fac6d2
f30f1eca639cb609aaf9b3f23f0f685394d1e4097c582df10fe7e9bd9fc95d0d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e