www.zzgifts.online
Open in
urlscan Pro
45.32.110.74
Public Scan
Submitted URL: http://track.arise-yumeco.com/b7400a64-966e-48bf-9233-9691c4f7a97c?zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&subage=%5Bsubscriptio...
Effective URL: https://www.zzgifts.online/idmoney/index.php?city=Iserlohn&model=Desktop&brand=Desktop&cep=e7v3zFf6sevEBcXnJSWamUVyJUAIBabp...
Submission: On August 02 via api from US — Scanned from DE
Effective URL: https://www.zzgifts.online/idmoney/index.php?city=Iserlohn&model=Desktop&brand=Desktop&cep=e7v3zFf6sevEBcXnJSWamUVyJUAIBabp...
Submission: On August 02 via api from US — Scanned from DE
Summary
This website contacted 4 IPs
in 3 countries
across 5 domains to perform 27 HTTP transactions.
The main IP is 45.32.110.74, located in
Singapore, Singapore and
belongs to AS-CHOOPA, US.
The main domain is www.zzgifts.online.
TLS certificate: Issued by R10 on July 16th 2024. Valid for: 3 months.
This is the only time www.zzgifts.online was scanned on urlscan.io!
TLS certificate: Issued by R10 on July 16th 2024. Valid for: 3 months.
This is the only time www.zzgifts.online was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 18.195.243.218 18.195.243.218 | 16509 (AMAZON-02) (AMAZON-02) | |
| 13 | 45.32.110.74 45.32.110.74 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
| 12 | 139.45.197.250 139.45.197.250 | 9002 (RETN-AS) (RETN-AS) | |
| 1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
| 27 | 4 |
2
18.195.243.218
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-243-218.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-243-218.eu-central-1.compute.amazonaws.com
| track.arise-yumeco.com |
13
45.32.110.74
(Singapore, Singapore)
ASN20473 (AS-CHOOPA, US)
PTR: 45.32.110.74.vultrusercontent.com
ASN20473 (AS-CHOOPA, US)
PTR: 45.32.110.74.vultrusercontent.com
| www.zzgifts.online |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
zzgifts.online
www.zzgifts.online |
92 KB |
| 12 |
shaumtol.com
shaumtol.com — Cisco Umbrella Rank: 113885 |
19 KB |
| 2 |
arise-yumeco.com
2 redirects
track.arise-yumeco.com |
2 KB |
| 1 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 5822 |
547 B |
| 0 |
kaspersky-labs.com
Failed
ie.kis.scr.kaspersky-labs.com Failed |
|
| 27 | 5 |
| Domain | Requested by | |
|---|---|---|
| 13 | www.zzgifts.online |
www.zzgifts.online
shaumtol.com |
| 12 | shaumtol.com |
www.zzgifts.online
shaumtol.com |
| 2 | track.arise-yumeco.com | 2 redirects |
| 1 | my.rtmark.net |
shaumtol.com
|
| 0 | ie.kis.scr.kaspersky-labs.com Failed |
www.zzgifts.online
|
| 27 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| push.winprizes790.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.zzgifts.online R10 |
2024-07-16 - 2024-10-14 |
3 months | crt.sh |
| shaumtol.com E5 |
2024-07-30 - 2024-10-28 |
3 months | crt.sh |
| rtmark.net R11 |
2024-07-05 - 2024-10-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.zzgifts.online/idmoney/index.php?city=Iserlohn&model=Desktop&brand=Desktop&cep=e7v3zFf6sevEBcXnJSWamUVyJUAIBabprX1GV1UmiTfqzowg1T0c7E-FNR0IwZA2dxJO5QqgUYt87GhkEGoX0ux90MVdpbesYMQWwUvCJDWtigBwEci9tZNxi_pj4bDKM_gGv3G-jG4FBrjLFH_TYGJ8HjXnZmCUXRQNOHWBy1B5H70B6sLa-w_yIYYEV9Temu64MGV215N_DDpFS6bYcs6FWUbH6UFPH1LzGrHPle1EqEW4nqCNVqaBLvT78-G0YN6poRehzjm62GjKWMDSy0lYQvDN_3r808SdmOXb1YP0SOznXexOoWD9pq5i6NDDIGICKcy9SYxIwWwAVwBqCdQ3eMGUl6_6t8PIMcQ3x67WAvUpRhukoiQzX3eBHkRAZBf1jV64VZMb_eyufQ4WXK8nbwpl4Uj17wiQpOa4-3Nf6uNTEOPg2_Hhk7UFFMDxf4VQuvyvtUBG7XKWjsz1NY-wWYVWDqADCf_mjHRCkO_S9xpguXeo0Q-92OvSAg8swXrg0bClyzVTfyhAH_oq3Qlonctvfh2qrI23gchlkgdEIDmA6I8x9yXNYIT5EgZ6&lptoken=17db2275621963d414ee&zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&subage=%5Bsubscriptionage%5D&campaigid=%5Bcampaignid%5D&browser=%5Bbrowser%5D&creativeid=%5Bcreativeid%5D&bid=%5Bbid%5D&clickid=%5Bclickid%5D
Frame ID: E90B5FEBDCA86A9D8A02B8BBAE030A2C
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Kompetisi iPhone 11Page URL History Show full URLs
-
http://track.arise-yumeco.com/b7400a64-966e-48bf-9233-9691c4f7a97c?zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&s...
HTTP 307
https://track.arise-yumeco.com/b7400a64-966e-48bf-9233-9691c4f7a97c?zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&s... HTTP 307
https://track.arise-yumeco.com/b7400a64-966e-48bf-9233-9691c4f7a97c/2?zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D... HTTP 302
https://www.zzgifts.online/idmoney/index.php?city=Iserlohn&model=Desktop&brand=Desktop&cep=e7v3zFf6sevE... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://push.winprizes790.com/?utm_medium=35d2ee559ac5eb6a317c5d6a56fb84684af9f248&utm_campaign=DirectlinkAfflow&cid={clickid}
Title: Dapatkan Hadiah Anda →
Title: Dapatkan Hadiah Anda →
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://track.arise-yumeco.com/b7400a64-966e-48bf-9233-9691c4f7a97c?zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&subage=%5Bsubscriptionage%5D&campaigid=%5Bcampaignid%5D&browser=%5Bbrowser%5D&creativeid=%5Bcreativeid%5D&bid=%5Bbid%5D&clickid=%5Bclickid%5D
HTTP 307
https://track.arise-yumeco.com/b7400a64-966e-48bf-9233-9691c4f7a97c?zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&subage=%5Bsubscriptionage%5D&campaigid=%5Bcampaignid%5D&browser=%5Bbrowser%5D&creativeid=%5Bcreativeid%5D&bid=%5Bbid%5D&clickid=%5Bclickid%5D HTTP 307
https://track.arise-yumeco.com/b7400a64-966e-48bf-9233-9691c4f7a97c/2?zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&subage=%5Bsubscriptionage%5D&campaigid=%5Bcampaignid%5D&browser=%5Bbrowser%5D&creativeid=%5Bcreativeid%5D&bid=%5Bbid%5D&clickid=%5Bclickid%5D HTTP 302
https://www.zzgifts.online/idmoney/index.php?city=Iserlohn&model=Desktop&brand=Desktop&cep=e7v3zFf6sevEBcXnJSWamUVyJUAIBabprX1GV1UmiTfqzowg1T0c7E-FNR0IwZA2dxJO5QqgUYt87GhkEGoX0ux90MVdpbesYMQWwUvCJDWtigBwEci9tZNxi_pj4bDKM_gGv3G-jG4FBrjLFH_TYGJ8HjXnZmCUXRQNOHWBy1B5H70B6sLa-w_yIYYEV9Temu64MGV215N_DDpFS6bYcs6FWUbH6UFPH1LzGrHPle1EqEW4nqCNVqaBLvT78-G0YN6poRehzjm62GjKWMDSy0lYQvDN_3r808SdmOXb1YP0SOznXexOoWD9pq5i6NDDIGICKcy9SYxIwWwAVwBqCdQ3eMGUl6_6t8PIMcQ3x67WAvUpRhukoiQzX3eBHkRAZBf1jV64VZMb_eyufQ4WXK8nbwpl4Uj17wiQpOa4-3Nf6uNTEOPg2_Hhk7UFFMDxf4VQuvyvtUBG7XKWjsz1NY-wWYVWDqADCf_mjHRCkO_S9xpguXeo0Q-92OvSAg8swXrg0bClyzVTfyhAH_oq3Qlonctvfh2qrI23gchlkgdEIDmA6I8x9yXNYIT5EgZ6&lptoken=17db2275621963d414ee&zoneid=%5Bzoneid%5D&subid=%5Bsubid%5D&subage=%5Bsubscriptionage%5D&campaigid=%5Bcampaignid%5D&browser=%5Bbrowser%5D&creativeid=%5Bcreativeid%5D&bid=%5Bbid%5D&clickid=%5Bclickid%5D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
index.php
www.zzgifts.online/idmoney/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
www.zzgifts.online/idmoney/ |
119 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
www.zzgifts.online/idmoney/ |
1 KB 579 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.js
www.zzgifts.online/idmoney/ |
96 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.zzgifts.online/idmoney/ |
85 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mobile-detect.min.js
www.zzgifts.online/idmoney/ |
36 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detect_device.js
www.zzgifts.online/idmoney/ |
777 B 411 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
countries.js
www.zzgifts.online/idmoney/ |
10 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
phil.png
www.zzgifts.online/idmoney/ |
371 B 371 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading.gif
www.zzgifts.online/idmoney/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checkmark.png
www.zzgifts.online/idmoney/ |
371 B 371 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
init
ie.kis.scr.kaspersky-labs.com/1B74BD89-2A22-4B93-B451-1C9E1052A0EC/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
micro.tag.min.js
shaumtol.com/pfe/current/ |
44 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sw-check-permissions-c68d7.js
www.zzgifts.online/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
zone
shaumtol.com/ |
0 338 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gid.js
my.rtmark.net/ |
65 B 547 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.zzgifts.online/ |
371 B 320 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zone
shaumtol.com/ |
824 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
shaumtol.com/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ie.kis.scr.kaspersky-labs.com
- URL
- https://ie.kis.scr.kaspersky-labs.com/1B74BD89-2A22-4B93-B451-1C9E1052A0EC/init?url=https%3A%2F%2Fwww.zzgifts.online%2Fidmoney%2Findex.php%3Fcity%3DIserlohn%26model%3DDesktop%26brand%3DDesktop%26cep%3De7v3zFf6sevEBcXnJSWamUVyJUAIBabprX1GV1UmiTfqzowg1T0c7E-FNR0IwZA2dxJO5QqgUYt87GhkEGoX0ux90MVdpbesYMQWwUvCJDWtigBwEci9tZNxi_pj4bDKM_gGv3G-jG4FBrjLFH_TYGJ8HjXnZmCUXRQNOHWBy1B5H70B6sLa-w_yIYYEV9Temu64MGV215N_DDpFS6bYcs6FWUbH6UFPH1LzGrHPle1EqEW4nqCNVqaBLvT78-G0YN6poRehzjm62GjKWMDSy0lYQvDN_3r808SdmOXb1YP0SOznXexOoWD9pq5i6NDDIGICKcy9SYxIwWwAVwBqCdQ3eMGUl6_6t8PIMcQ3x67WAvUpRhukoiQzX3eBHkRAZBf1jV64VZMb_eyufQ4WXK8nbwpl4Uj17wiQpOa4-3Nf6uNTEOPg2_Hhk7UFFMDxf4VQuvyvtUBG7XKWjsz1NY-wWYVWDqADCf_mjHRCkO_S9xpguXeo0Q-92OvSAg8swXrg0bClyzVTfyhAH_oq3Qlonctvfh2qrI23gchlkgdEIDmA6I8x9yXNYIT5EgZ6%26lptoken%3D17db2275621963d414ee%26zoneid%3D%255Bzoneid%255D%26subid%3D%255Bsubid%255D%26subage%3D%255Bsubscriptionage%255D%26campaigid%3D%255Bcampaignid%255D%26browser%3D%255Bbrowser%255D%26creativeid%3D%255Bcreativeid%255D%26bid%3D%255Bbid%255D%26clickid%3D%255Bclickid%255D&nocache=11924
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| MobileDetect object| md string| OSName function| convertCountryCode object| dayNames object| monthNames object| now string| today function| get_date function| getURLParameter object| s function| displayQuestion function| toggle boolean| PreventExitPop function| ExitPop object| zfgformats3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .track.arise-yumeco.com/ | Name: b7400a64-966e-48bf-9233-9691c4f7a97c-v4 Value: xLj4QvVR5jXlBU_MukkgIZ1VqihtIMMt2k05qiPRm0Q |
|
| .track.arise-yumeco.com/ | Name: cep-v4 Value: u1o3oxZ4VW-1_H0FAnL3XZOZHG3Fe7t-xDs9YlJ62I0ZbBy9sqKk-7KJ64YiaQ_IB6mB2jgIVexEjnY6Evdka406dPkusz0OSDPq_cvbmzoxu4KiTZ6JD1jG3e6mhE80FetMyf57_nraJcpKIkxC7UQo46diuuiSUjGUoLLyzBc1WYsGtqqT4utyyn9xqk1Wn4HGWE5gzbU2OJfowKIw05BPuDT89yOYGLchUHKhbIOQITCFLJzyra4tbxl1D8pTQdi-yH-UI0FiVNSVShD8bJozcdt3BhxpBIgHHccSMTs2gK8qKQFpXl1D7cfKOg30CupbWbs7hspk6bFN3p_XhO-b3TY14lOQDOmphZQ4RmxFmq6ySs_2KunUe0n8X29zAdoQun586JQfFrdPPFtcr_l9govPNCMht4M4wmx6gsxnrSlm0wZeZNPH3F1c2UQ5PQ8MycRLtFpM6YSNtVP6cBAUKfJ6g4w15HEIYzrcpO8Uian3R1a_u8B-HJnYMpDb35vq2kxoYHWc4G-dlQ2V-8vFX76dO6Tli_I4a3VyGINKgH4wK5JMp2wyf-kAO06g |
|
| my.rtmark.net/ | Name: ID Value: 0180ac2e8b884a5cf2e7c9e411f37973 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ie.kis.scr.kaspersky-labs.com
my.rtmark.net
shaumtol.com
track.arise-yumeco.com
www.zzgifts.online
ie.kis.scr.kaspersky-labs.com
139.45.195.8
139.45.197.250
18.195.243.218
45.32.110.74
1578bf9c69d9611023c51e986a448a5ba15267c004a152d74f6927ff815a1d86
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
2c2d27fbb655aa94d2ac35b08fbe141fa389ad7dbf6900ca4933675a58d13ba0
35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0
41b735828dc7b4a68c0481fa7f6e3b151750d6753e4ee9959b37d364a743add3
4e787764ab7abe57a9375d3243a755446740055b4c593ff1e73ed12eba7cf980
527175e3a0972998abf654b4a9e0aea4bc8bbf62aadd61042ad1e3cc89505da3
68863e14275c192461e1780c12f9c630ae15adf58784409d4b158c09bfecf314
99d25eda0ae02ebd0cc72d58f7fd20bfa7156418ceb848e0cfd5e75bfb240e90
a82de8f8a5ff6aa086494356a68e7c60bdd50885e9651a18cfa58b1fb862e7c5
a90a0feff0b27f7f8af357f7f3e35d3c7bc49b2c36067bb1ed9e3a64e2bb29e3
b9f13180163ebc1cf0aa4cea60a62aa2e9e1320226f88931995a9aafbea4207b
c0eb414b8acc11779e4f3486818db7bb4589c368165a39eac7c96baa98f72524
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855