amerifirstloan.com
Open in
urlscan Pro
166.78.186.77
Public Scan
Effective URL: https://amerifirstloan.com/
Submission Tags: falconsandbox
Submission: On January 20 via api from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 10th 2019. Valid for: 2 years.
This is the only time amerifirstloan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN50152 (IMED, GB)
PTR: intermedia.co.uk
url.emailprotection.link |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
amerifirstloan.com
amerifirstloan.com |
4 MB |
4 |
google-analytics.com
www.google-analytics.com |
19 KB |
3 |
google.com
www.google.com |
648 B |
3 |
fontawesome.com
use.fontawesome.com |
98 KB |
2 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
143 KB |
2 |
facebook.net
connect.facebook.net |
31 KB |
2 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
31 KB |
2 |
jquery.com
code.jquery.com |
36 KB |
1 |
facebook.com
www.facebook.com |
266 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
88 B |
1 |
googletagmanager.com
www.googletagmanager.com |
38 KB |
1 |
amerifirst.us
1 redirects
www.amerifirst.us |
576 B |
1 |
emailprotection.link
1 redirects
url.emailprotection.link |
202 B |
42 | 13 |
Domain | Requested by | |
---|---|---|
21 | amerifirstloan.com |
amerifirstloan.com
|
4 | www.google-analytics.com |
amerifirstloan.com
www.google-analytics.com |
3 | www.google.com |
amerifirstloan.com
www.gstatic.com |
3 | use.fontawesome.com |
amerifirstloan.com
use.fontawesome.com |
2 | connect.facebook.net |
amerifirstloan.com
connect.facebook.net |
2 | code.jquery.com |
amerifirstloan.com
|
1 | www.facebook.com |
amerifirstloan.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | www.gstatic.com |
www.google.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.googletagmanager.com |
amerifirstloan.com
|
1 | ajax.googleapis.com |
amerifirstloan.com
|
1 | fonts.googleapis.com |
amerifirstloan.com
|
1 | www.amerifirst.us | 1 redirects |
1 | url.emailprotection.link | 1 redirects |
42 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
twitter.com |
www.linkedin.com |
www.instagram.com |
protectyourtransaction.com |
www.greenvaluemortgages.us |
payment.amerifirst.us |
amerifirst.hrmdirect.com |
www.nmlsconsumeraccess.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.amerifirstloan.com Go Daddy Secure Certificate Authority - G2 |
2019-10-10 - 2021-10-10 |
2 years | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-13 - 2021-12-14 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://amerifirstloan.com/
Frame ID: 3AE5B14142B20E0A1A04184C291249CC
Requests: 40 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEt0sUAAAAACN1fPJCyZMx7Kd6MkYrK6A1cuIh&co=aHR0cHM6Ly9hbWVyaWZpcnN0bG9hbi5jb206NDQz&hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&size=normal&cb=7vys6zttbcfn
Frame ID: 9937AF2D1FB5E678C0DF19CA0284EE67
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&k=6LcEt0sUAAAAACN1fPJCyZMx7Kd6MkYrK6A1cuIh&cb=x5jm7uw51zpz
Frame ID: 6772EB86BE9649393F03F2B0D190D1B6
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://url.emailprotection.link/?aGJzNT67dpIMPacS1t6YPAggF_oSZn_ZXm7XpFCezoXk~
HTTP 302
http://www.amerifirst.us/ HTTP 302
https://amerifirstloan.com/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: face-book
Search URL Search Domain Scan URL
Title: twitter
Search URL Search Domain Scan URL
Title: linkedin
Search URL Search Domain Scan URL
Title: instagram
Search URL Search Domain Scan URL
Title: Protect Your Transaction®
Search URL Search Domain Scan URL
Title: Green Value Mortgage
Search URL Search Domain Scan URL
Title: Payments
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: https://www.nmlsconsumeraccess.org/
Search URL Search Domain Scan URL
Title: NMLS CONSUMER ACCESS
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://url.emailprotection.link/?aGJzNT67dpIMPacS1t6YPAggF_oSZn_ZXm7XpFCezoXk~
HTTP 302
http://www.amerifirst.us/ HTTP 302
https://amerifirstloan.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
amerifirstloan.com/ Redirect Chain
|
25 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.0.min.js
code.jquery.com/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate-1.2.1.min.js
code.jquery.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive.css
amerifirstloan.com/website/framework/includes/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.4.1/css/ |
49 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
12 KB 928 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
amerifirstloan.com/themes/amerifirst-responsive2/css/ |
88 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.main.js
amerifirstloan.com/themes/amerifirst-responsive2/js/ |
163 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon01.png
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon02.png
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
884 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon03.png
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
890 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 648 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-logo.png
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
housing-logo.png
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amerifirst-best-2020.png
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img1.jpg
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
176 KB 176 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img2.jpg
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
178 KB 178 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img3.jpg
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
166 KB 166 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg1.jpg
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
602 KB 602 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg2.jpg
amerifirstloan.com/themes/amerifirst-responsive2/images/ |
43 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
proximanova-light-webfont.woff
amerifirstloan.com/themes/amerifirst-responsive2/fonts/ |
25 KB 26 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
proximanova-bold-webfont.woff
amerifirstloan.com/themes/amerifirst-responsive2/fonts/ |
26 KB 26 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.ttf
amerifirstloan.com/themes/amerifirst-responsive2/fonts/ |
8 KB 9 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
proximanova-reg-webfont.woff
amerifirstloan.com/themes/amerifirst-responsive2/fonts/ |
25 KB 26 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
proximanova-black-webfont.woff
amerifirstloan.com/themes/amerifirst-responsive2/fonts/ |
25 KB 25 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ |
70 KB 71 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/r8jtf1oixV0IGff4hgB4EzDF/ |
335 KB 131 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
323104055112426
connect.facebook.net/signals/config/ |
27 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
anchor
www.google.com/recaptcha/api2/ Frame 9937 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 88 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 266 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
bframe
www.google.com/recaptcha/api2/ Frame 6772 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| fbq function| _fbq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| recaptcha object| closure_lm_734700 function| initSlickCarousel function| initCustomForms function| initMobileNav function| initStickyScrollBlock function| initFormValidation function| initTouchNav function| TouchNav function| StickyScrollBlock object| lib object| jcf0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
amerifirstloan.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
url.emailprotection.link
use.fontawesome.com
www.amerifirst.us
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
166.78.186.77
185.64.213.245
192.237.213.130
2001:4de0:ac19::1:b:3b
23.111.9.35
2a00:1450:4001:802::2004
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
024bed6c7e5e4147acb6ee2560ce2f16164fad0c499f338dc00a6f22c5cf49a0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1424c290879c2d40f9793c217485d1809bc3e6e63af5ce0f642781949bc0486c
1b5d4a5a56d9a495dc98c1a86228a27f6ad95946c574cff629a2969d92601db0
1c2129a2a9b7b70817512f371b97bf3130af782faf9c4a39b225a9d94eaeddfd
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2924b6b94397fe2ad1b750e9a441207b7c5d3f8a9675f5086a91d761d2ccc6b4
2ee60bf2732808df672ec29e19df5cbe8ce6d3c0f27aecaca01e7d68ebf9797d
4563536c86f7a600da68a786d23dcf404cc9b3085329ba666e791e4f6f44b29d
45d657a861acaa724c4157df0feb0cae2f51807a0bd894d94e765a18c09e2323
4899cb99dee48d1ce59bc04b138d67b15a79c700329f1967cbd5c456fe6f0f5e
48abb204396a94892597a0ad0e9cfa84eb793c98e8028826462296798347eb41
48afd58db5dc1d3c49fb6c4ee6d999f2505c8a7e5a0e2c6b777ce0b068cdd7e8
49d54f4fb8ffddff3eb0a1b5261619c237715e5497dc6ca0dc8645a535ffeb9a
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
4d64f142cf22d40343bbf54ee0e0ec48b7b2bc654b9be78517d5634207286524
508e254532c4b1add4bdaa65e30fe0a2ef5e31b6eb807ff84a51c4a91bcc285f
5468f0d1f8207ab01a1c3dadc4eb7f2094be7e50b40397f78c101ed6672cd676
564958e69240021b2182dcab3740d4f0b74d30c728b36cb1413f9f78b2ac912f
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
760656a8ccb71a3f3e37734a335bb16ae0680b15965fec11aae58f9624dcf765
795c38d8807d7b8c66883277b7068594e58d4801f1ad80aba48d74e4937ce70b
7c93df798420dc9da00b01ff5f92c06538207ec97087aa7a6ecce1fc46e85d21
817d91fe1e6ae54b940a634fddca1050fe269dd0cf5235153dad31b3413efc20
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8cf9e9d0e4961b0f2ddccfeb3649dcdcb3752478c418f311e2b24c9a6b2666f7
9bc0d9ba8718d2cf3413598cb0f3aabc35765bd06c1c211589da4960a86a8297
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
d19fffadd3448844a6dbe84367829270272056216face9083c9c01feccbf967e
db2be83ef0e790bdc0535ba8beb6399b63ea9d0eddb7da5010311e7a7bc23a16
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6109992abe5571adb8fcd2f375b15233a4590ca21ef5e458208b53ebf9ce57a
f12a5f225009d38a814b8d49c9b49af79f6ae647d8d029d30017cbe52bcaaf97
f9200496dc486ec1b8526d6b4a3bbe8818618993757b326518d59d4b09d78fa0