participant.myameriflex.com
Open in
urlscan Pro
146.88.104.115
Public Scan
Effective URL: https://participant.myameriflex.com/
Submission: On December 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 1st 2020. Valid for: 2 years.
This is the only time participant.myameriflex.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN33070 (RMH-14, US)
participant.myameriflex.com | |
producer-api.ameriflexbenefits.com |
ASN20473 (AS-CHOOPA, US)
PTR: d13.adspeed.us
host.fsastore.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-14.ham50.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-54-230-205-75.ham50.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-4-166.eu-west-1.compute.amazonaws.com
d.adroll.com |
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-78.ham50.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-233-146.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-130-246.compute-1.amazonaws.com
api.raygun.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-23-145.eu-west-1.compute.amazonaws.com
ws2.hotjar.com |
ASN16509 (AMAZON-02, US)
dg9yx063wiiht.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
typekit.net
use.typekit.net p.typekit.net |
333 KB |
10 |
myameriflex.com
participant.myameriflex.com |
15 MB |
6 |
fsastore.com
host.fsastore.com cdn.fsastore.com |
18 KB |
5 |
adroll.com
4 redirects
d.adroll.com |
3 KB |
5 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws2.hotjar.com |
65 KB |
3 |
raygun.io
api.raygun.io |
513 B |
2 |
ameriflexbenefits.com
producer-api.ameriflexbenefits.com |
377 B |
2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net |
946 B |
2 |
polyfill.io
cdn.polyfill.io |
787 B |
1 |
pubmatic.com
simage2.pubmatic.com |
549 B |
1 |
cloudfront.net
dg9yx063wiiht.cloudfront.net |
30 KB |
41 | 11 |
Domain | Requested by | |
---|---|---|
10 | participant.myameriflex.com |
participant.myameriflex.com
|
9 | use.typekit.net |
participant.myameriflex.com
|
5 | d.adroll.com |
4 redirects
participant.myameriflex.com
|
4 | host.fsastore.com |
participant.myameriflex.com
host.fsastore.com |
3 | api.raygun.io |
participant.myameriflex.com
|
2 | producer-api.ameriflexbenefits.com |
participant.myameriflex.com
|
2 | cm.g.doubleclick.net | 2 redirects |
2 | cdn.fsastore.com |
participant.myameriflex.com
|
2 | cdn.polyfill.io |
participant.myameriflex.com
|
1 | simage2.pubmatic.com | |
1 | dg9yx063wiiht.cloudfront.net |
participant.myameriflex.com
|
1 | ws2.hotjar.com |
participant.myameriflex.com
|
1 | in.hotjar.com |
participant.myameriflex.com
|
1 | p.typekit.net |
participant.myameriflex.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
participant.myameriflex.com
|
41 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
fsastore.com |
host.fsastore.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.myameriflex.com DigiCert SHA2 Secure Server CA |
2020-04-01 - 2022-04-22 |
2 years | crt.sh |
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-08-16 - 2022-08-16 |
a year | crt.sh |
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020 |
2021-06-04 - 2022-07-06 |
a year | crt.sh |
host.fsastore.com Sectigo RSA Domain Validation Secure Server CA |
2020-05-04 - 2022-08-06 |
2 years | crt.sh |
*.hotjar.com Amazon |
2021-11-25 - 2022-12-23 |
a year | crt.sh |
*.fsastore.com Sectigo RSA Domain Validation Secure Server CA |
2020-03-01 - 2022-03-01 |
2 years | crt.sh |
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-05 - 2022-12-06 |
a year | crt.sh |
*.ameriflexbenefits.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-10 - 2023-01-10 |
a year | crt.sh |
*.raygun.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-10-11 - 2022-11-11 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://participant.myameriflex.com/
Frame ID: 1277EE1952A7CC13B0EFC87564132621
Requests: 40 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 03C9AB67E4D8C1A5F103F2CBD20FE804
Requests: 1 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Shop FSA Store
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90 HTTP 302
- https://d.adroll.com/cm/g/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=V4vTgRLNEUD-Cjqqq4PGrQ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=V4vTgRLNEUD-Cjqqq4PGrQ&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
- https://d.adroll.com/ipixel/S6N6R5JXAJC35DUNEZUZ2E/LCNO3PT6OJCT7NAYJVQ443?name=32060c90 HTTP 302
- https://d.adroll.com/cm/pubmatic/out?advertisable=S6N6R5JXAJC35DUNEZUZ2E HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
participant.myameriflex.com/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eex8ezx.js
use.typekit.net/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
cdn.polyfill.io/v2/ |
222 B 618 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
participant.myameriflex.com/ |
15 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qc.php
host.fsastore.com/ |
269 B 483 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.3b40c149c193716ce5cf.js
participant.myameriflex.com/ |
3 MB 3 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1256861.js
static.hotjar.com/c/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
cdn.polyfill.io/v2/ |
222 B 169 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.cbd9b920d05cd9e47f57.js
script.hotjar.com/ |
227 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qc.php
host.fsastore.com/ |
1 KB 920 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1180x125.jpg
cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 536 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qc.php
host.fsastore.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-config.json
participant.myameriflex.com/ |
36 B 125 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ |
34 KB 35 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ |
32 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ |
34 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/309dfe/000000000000000000010091/27/ |
42 KB 42 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/eb729a/000000000000000000010092/27/ |
42 KB 42 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ |
50 KB 51 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/cf3e4e/000000000000000000010095/27/ |
56 KB 56 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame 03C9 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feature
producer-api.ameriflexbenefits.com/papi/ |
166 B 338 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/1256861/ |
146 B 323 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
api.raygun.io/ |
2 B 171 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
api.raygun.io/ |
2 B 171 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
content
ws2.hotjar.com/api/v2/sites/1256861/recordings/ |
66 B 398 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amazon-connect-chat-interface-client.js
dg9yx063wiiht.cloudfront.net/ |
98 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
api.raygun.io/ |
2 B 171 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1180x125.jpg
cdn.fsastore.com/tpa/fsa/PartnerAssets/Ban/OTC/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
simage2.pubmatic.com/AdServer/ Redirect Chain
|
1 B 549 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qc.php
host.fsastore.com/ |
43 B 173 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
infinite-logo-white.svg
participant.myameriflex.com/images/ |
6 MB 6 MB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
infinite-logo-blue.svg
participant.myameriflex.com/images/ |
6 MB 6 MB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
announcement
producer-api.ameriflexbenefits.com/ |
2 B 39 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Background4.jpg
participant.myameriflex.com/images/ |
753 KB 753 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Regular.woff2
participant.myameriflex.com/font/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Light.woff2
participant.myameriflex.com/font/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-ExtraBold.woff2
participant.myameriflex.com/font/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Typekit function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| asdate string| q string| c object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| amf object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched string| RaygunObject function| rg4js object| TraceKit object| webVitals function| raygunUtilityFactory function| raygunNetworkTrackingFactory function| raygunBreadcrumbsFactory function| raygunCoreWebVitalFactory object| Raygun function| flatpickr object| s function| amazon_connect number| 2f1acc6c3a606b082e5eef5e54414ffb12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
host.fsastore.com/ | Name: impuniraw Value: 581385-1639691686 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUkjda_iSV9-pSCjIGPHAaWMq_zDle8UeIS1VMBbJxJstXXQ6p-aaWY-C3Mgq9A |
|
d.adroll.com/ | Name: __adroll Value: 578bd38112cd1140fe0a3aaaab83c6ad-g_1639605286-a_1639605286 |
|
.adroll.com/ | Name: __adroll_shared Value: 578bd38112cd1140fe0a3aaaab83c6ad-g_1639605286-a_1639605286 |
|
.myameriflex.com/ | Name: _hjSessionUser_1256861 Value: eyJpZCI6IjBkN2UyY2JjLThmYzgtNTBiNi05MjcwLTFmYWY1ZTZhMzA2ZCIsImNyZWF0ZWQiOjE2Mzk2MDUyODU3MTEsImV4aXN0aW5nIjpmYWxzZX0= |
|
.myameriflex.com/ | Name: _hjFirstSeen Value: 1 |
|
.myameriflex.com/ | Name: _hjSession_1256861 Value: eyJpZCI6IjAzYWQyNzAwLTA4MzctNDJlNC1hMDE2LTQ0ZGE5YzIxZDM0NSIsImNyZWF0ZWQiOjE2Mzk2MDUyODY3OTh9 |
|
participant.myameriflex.com/ | Name: _hjIncludedInSessionSample Value: 1 |
|
.myameriflex.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.pubmatic.com/ | Name: KRTBCOOKIE_10 Value: 22808-NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ&KRTB&22883-NTc4YmQzODExMmNkMTE0MGZlMGEzYWFhYWI4M2M2YWQ |
|
.pubmatic.com/ | Name: PugT Value: 1639597441 |
|
.pubmatic.com/ | Name: PUBMDCID Value: 3 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.raygun.io
cdn.fsastore.com
cdn.polyfill.io
cm.g.doubleclick.net
d.adroll.com
dg9yx063wiiht.cloudfront.net
host.fsastore.com
in.hotjar.com
p.typekit.net
participant.myameriflex.com
producer-api.ameriflexbenefits.com
script.hotjar.com
simage2.pubmatic.com
static.hotjar.com
use.typekit.net
vars.hotjar.com
ws2.hotjar.com
108.128.4.166
142.250.184.226
146.88.104.115
151.139.245.16
18.206.130.246
185.64.189.110
2600:9000:2016:4400:1b:1126:8840:21
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba0a
2a04:4e42:600::282
34.240.23.145
45.77.88.11
52.222.186.14
52.222.186.78
54.230.205.75
63.32.233.146
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
498fbaaa1dec46ea8e25fdd8ef0ea0f8541c9bfcc9f6e6a7c41d7090202b685f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d
78f91cfc7d9442353eea1fd73f25d3b0a575ddf5072127a1fabc4278fc57878a
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868
85c53e187a3762188e52037f4132042e3e8facafda6c8df8b28e03167bf94710
85de3416fff19aff55dc409f6b0117f55f1724036a17d5ed4935bd5ea288538e
8a2de23d0a1ae5711886f9fd002e56c02ca094280f33821ccec07c91e6a480cd
90190604592ae0b7e70d5cf050ef73784a8e94ee5cebf5ca241289cc1fc849e6
9191236609651784e259092183314fe28193d10e100e8a736cab8b84fbda8665
93a3c605abb6468f589004e823898e5c6c5b5bdbdb9406e7baf1834360ce5c88
953823347d8f87e8978c4ae174f49f45e9d1c67c1199bb2d4571b7e0d38ae514
9911551bfac483efeaad5d4f502eaf6796e61f1776eaeac37e937104e47ec84f
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
b1070994a5ce59988e75c06e05cabaf0d68ab6125cdc979164c9eb4d99efb648
b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff
beb6f491167c8b47575c89aad57323ab8717e0da5d094cabc62f8a689c9abc57
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cafd7efa7ed59c732810e406f1cf32730148f18a5268794cddedae252bd1f358
cb39ecf529057e48380aadb4e9aea9228a0a92dc02189874e5942ff9425b1f9c
ce86d72dbc9cb4c204fed9801c2d10400a59983a4c1d557d8ab8e9aadb6c7f49
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cfadaf3f9466f990d8f188c1f9f97fa83fc95c345aa8ddb00aaf47990708f9e6
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d5dad4403d4ae0560704f4fb671398490d4066db76b8a757f838308e06cf15ec
e352678cf6d79046a1fb15152a37bc39890e8f72ded43cfb94562f4776f872be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f97a3cab0f4e0eef38180b5b68f9ff006018efa6e3515fbb9f1c0b8c7110c0ab