fbdate.me
Open in
urlscan Pro
52.29.47.222
Malicious Activity!
Public Scan
Effective URL: https://fbdate.me/jump?tds_campaign=g1162tag&tds_id=g1162tag_jump_a_523547173656&tds_oid=19187&tds_cid=4b695658faa...
Submission: On December 13 via api from BE
Summary
TLS certificate: Issued by Amazon on June 5th 2019. Valid for: a year.
This is the only time fbdate.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a00:1450:400... 2a00:1450:4001:81b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 46.249.48.11 46.249.48.11 | 50673 (SERVERIUS-AS) (SERVERIUS-AS) | |
2 2 | 46.249.48.12 46.249.48.12 | 50673 (SERVERIUS-AS) (SERVERIUS-AS) | |
2 2 | 208.94.65.205 208.94.65.205 | 36529 (AXXA-RACKCO) (AXXA-RACKCO - Rackco.com) | |
1 4 | 52.29.47.222 52.29.47.222 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
7 | 2600:9000:20e... 2600:9000:20eb:b000:a:cd44:7f80:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 52.29.68.89 52.29.68.89 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
11 | 3.122.9.38 3.122.9.38 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
27 | 8 |
ASN50673 (SERVERIUS-AS, NL)
PTR: amsdemo-web01.rackco.com
funonthecards.info |
ASN50673 (SERVERIUS-AS, NL)
PTR: ageu-web02.rackco.com
gooolinks.com | |
usertolook.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-47-222.eu-central-1.compute.amazonaws.com
fbdate.me |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
www.cdnreference.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-68-89.eu-central-1.compute.amazonaws.com
retargetcore.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-9-38.eu-central-1.compute.amazonaws.com
uf.noclef.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
noclef.com
uf.noclef.com |
8 KB |
7 |
cdnreference.com
www.cdnreference.com |
165 KB |
4 |
fbdate.me
1 redirects
fbdate.me |
19 KB |
2 |
retargetcore.com
retargetcore.com |
2 KB |
2 |
datiofinder.com
2 redirects
datiofinder.com |
1 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
24 KB |
1 |
googleapis.com
fonts.googleapis.com Failed |
426 B |
1 |
usertolook.com
1 redirects
usertolook.com |
481 B |
1 |
gooolinks.com
1 redirects
gooolinks.com |
823 B |
1 |
funonthecards.info
funonthecards.info |
915 B |
1 |
goo.gl
1 redirects
goo.gl |
756 B |
27 | 11 |
Domain | Requested by | |
---|---|---|
11 | uf.noclef.com |
retargetcore.com
uf.noclef.com |
7 | www.cdnreference.com |
fbdate.me
|
4 | fbdate.me |
1 redirects
funonthecards.info
retargetcore.com |
2 | retargetcore.com |
www.cdnreference.com
fbdate.me |
2 | datiofinder.com | 2 redirects |
1 | www.googletagmanager.com |
fbdate.me
|
1 | fonts.googleapis.com |
fbdate.me
|
1 | usertolook.com | 1 redirects |
1 | gooolinks.com | 1 redirects |
1 | funonthecards.info | |
1 | goo.gl | 1 redirects |
27 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fbdate.me Amazon |
2019-06-05 - 2020-07-05 |
a year | crt.sh |
cdnreference.com Amazon |
2019-06-06 - 2020-07-06 |
a year | crt.sh |
*.googleapis.com GTS CA 1O1 |
2019-11-13 - 2020-02-05 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-11-13 - 2020-02-05 |
3 months | crt.sh |
retargetcore.com Amazon |
2019-06-05 - 2020-07-05 |
a year | crt.sh |
noclef.com Amazon |
2019-12-12 - 2021-01-12 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://fbdate.me/jump?tds_campaign=g1162tag&tds_id=g1162tag_jump_a_523547173656&tds_oid=19187&tds_cid=4b695658faa083f876c4ef567a26b94efdb5808b&tds_host=fbdate.me&dci=adc11a160949fb5ff6b0f822768f23e6bcfb059d&id=19187&utm_campaign=f97a64ef&utm_source=int&utm_content=1004&data2=JXUHuYCM&_tgUrl=aHR0cHM6Ly9mYmRhdGUubWUvdGRzL2NwYT9pZD0xOTE4NyZkY2k9YWRjMTFhMTYwOTQ5ZmI1ZmY2YjBmODIyNzY4ZjIzZTZiY2ZiMDU5ZCZ0ZHNfaG9zdD1mYmRhdGUubWUmdGRzSWQ9ZzExNjJ0YWdfdGRzX3NpdGVfZ3JvdXBfYV81MjM1NDcxNzM2NTYmdGRzX2NhbXBhaWduPWcxMTYydGFnJnRkc19pZD1nMTE2MnRhZ19qdW1wX2FfNTIzNTQ3MTczNjU2JnRkc19vaWQ9MTkxODcmdXRtX3NvdXJjZT1pbnQmdXRtX2NhbXBhaWduPWY5N2E2NGVmJnV0bV9jb250ZW50PTEwMDQmZGF0YTI9SlhVSHVZQ00mdXRtX3N1Yj1vcG5mbmwmbT1wcyZ0ZHNfY2lkPTRiNjk1NjU4ZmFhMDgzZjg3NmM0ZWY1NjdhMjZiOTRlZmRiNTgwOGImcF90ZHNfY2lkPWM3NjJkYjViY2VmYjczYTZkOWQ2ZjA3YzllZDBiMWMyYzAwNzk0MGEmdGRzX3JlYXNvbj1kaXJlY3QmdGRzX3NwbGl0PWE%3D&tds_rt=&_boUrl=aHR0cHM6Ly9mYmRhdGUubWUvdGRzL2NwYS9iYWNrb2ZmZXJJbnRlcmxheWVyP3Rkc19ob3N0PWZiZGF0ZS5tZSZkY2k9YWRjMTFhMTYwOTQ5ZmI1ZmY2YjBmODIyNzY4ZjIzZTZiY2ZiMDU5ZCZpZD0xOTE4NyZ1dG1fY2FtcGFpZ249Zjk3YTY0ZWYmdXRtX3NvdXJjZT1pbnQmdXRtX2NvbnRlbnQ9MTAwNCZkYXRhMj1KWFVIdVlDTSZ0ZHNJZD1iMzEwN3podV9yJnV0bV9zdWI9b3BuZm5sJm09cHMmcF90ZHNfY2lkPTRiNjk1NjU4ZmFhMDgzZjg3NmM0ZWY1NjdhMjZiOTRlZmRiNTgwOGImdGRzX3JlYXNvbj1kaXJlY3QmdGRzX2JvX29yaWdpbj1qdW1w
Frame ID: 5FF9044F7DC799CF4829B2E6B4ED66EC
Requests: 24 HTTP requests in this frame
Frame:
https://uf.noclef.com/c_js/rtSlot/init?event=jumpVisit0Sec
Frame ID: 310DD609EC9AD652E9696A3121627FCA
Requests: 1 HTTP requests in this frame
Frame:
https://uf.noclef.com/c_js/rtSlot/init?event=complVisit0Sec
Frame ID: 34A95EE463311842DF61997FD35A5F90
Requests: 1 HTTP requests in this frame
Frame:
https://uf.noclef.com/c_js/rtSlot/init?event=jumpVisit10Sec
Frame ID: 609842F8CFEF02E85448CABF8A846C85
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://goo.gl/qevKVa
HTTP 302
http://funonthecards.info/?&ciEFyGF Page URL
-
http://gooolinks.com/start_send2.php?&affid=1004?&ciEFyGF&email=myriam.carbonez@hotmail.com
HTTP 302
http://usertolook.com/vp.php?cid=1031&affid=1004&var1=&email=myriam.carbonez@hotmail.com&ret=http%... HTTP 302
http://datiofinder.com/?offerid=201&sub5=myriam.carbonez@hotmail.com&repid=1004&sub1= HTTP 302
http://datiofinder.com/?offerid=152&sub5=myriam.carbonez@hotmail.com&repid=1004&sub1= HTTP 302
https://fbdate.me/tds/cpa?tdsId=p6279zol_r&tds_campaign=p6279zol&utm_source=int&utm_campaign=f... HTTP 302
https://fbdate.me/jump?tds_campaign=g1162tag&tds_id=g1162tag_jump_a_523547173656&tds_oid=19187... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://goo.gl/qevKVa
HTTP 302
http://funonthecards.info/?&ciEFyGF Page URL
-
http://gooolinks.com/start_send2.php?&affid=1004?&ciEFyGF&email=myriam.carbonez@hotmail.com
HTTP 302
http://usertolook.com/vp.php?cid=1031&affid=1004&var1=&email=myriam.carbonez@hotmail.com&ret=http%3A%2F%2Fdatiofinder.com%2F%3Fofferid%3D201&dcc=17432801 HTTP 302
http://datiofinder.com/?offerid=201&sub5=myriam.carbonez@hotmail.com&repid=1004&sub1= HTTP 302
http://datiofinder.com/?offerid=152&sub5=myriam.carbonez@hotmail.com&repid=1004&sub1= HTTP 302
https://fbdate.me/tds/cpa?tdsId=p6279zol_r&tds_campaign=p6279zol&utm_source=int&utm_campaign=f97a64ef&utm_content=1004&data2=JXUHuYCM&utm_sub=opnfnl&m=ps HTTP 302
https://fbdate.me/jump?tds_campaign=g1162tag&tds_id=g1162tag_jump_a_523547173656&tds_oid=19187&tds_cid=4b695658faa083f876c4ef567a26b94efdb5808b&tds_host=fbdate.me&dci=adc11a160949fb5ff6b0f822768f23e6bcfb059d&id=19187&utm_campaign=f97a64ef&utm_source=int&utm_content=1004&data2=JXUHuYCM&_tgUrl=aHR0cHM6Ly9mYmRhdGUubWUvdGRzL2NwYT9pZD0xOTE4NyZkY2k9YWRjMTFhMTYwOTQ5ZmI1ZmY2YjBmODIyNzY4ZjIzZTZiY2ZiMDU5ZCZ0ZHNfaG9zdD1mYmRhdGUubWUmdGRzSWQ9ZzExNjJ0YWdfdGRzX3NpdGVfZ3JvdXBfYV81MjM1NDcxNzM2NTYmdGRzX2NhbXBhaWduPWcxMTYydGFnJnRkc19pZD1nMTE2MnRhZ19qdW1wX2FfNTIzNTQ3MTczNjU2JnRkc19vaWQ9MTkxODcmdXRtX3NvdXJjZT1pbnQmdXRtX2NhbXBhaWduPWY5N2E2NGVmJnV0bV9jb250ZW50PTEwMDQmZGF0YTI9SlhVSHVZQ00mdXRtX3N1Yj1vcG5mbmwmbT1wcyZ0ZHNfY2lkPTRiNjk1NjU4ZmFhMDgzZjg3NmM0ZWY1NjdhMjZiOTRlZmRiNTgwOGImcF90ZHNfY2lkPWM3NjJkYjViY2VmYjczYTZkOWQ2ZjA3YzllZDBiMWMyYzAwNzk0MGEmdGRzX3JlYXNvbj1kaXJlY3QmdGRzX3NwbGl0PWE%3D&tds_rt=&_boUrl=aHR0cHM6Ly9mYmRhdGUubWUvdGRzL2NwYS9iYWNrb2ZmZXJJbnRlcmxheWVyP3Rkc19ob3N0PWZiZGF0ZS5tZSZkY2k9YWRjMTFhMTYwOTQ5ZmI1ZmY2YjBmODIyNzY4ZjIzZTZiY2ZiMDU5ZCZpZD0xOTE4NyZ1dG1fY2FtcGFpZ249Zjk3YTY0ZWYmdXRtX3NvdXJjZT1pbnQmdXRtX2NvbnRlbnQ9MTAwNCZkYXRhMj1KWFVIdVlDTSZ0ZHNJZD1iMzEwN3podV9yJnV0bV9zdWI9b3BuZm5sJm09cHMmcF90ZHNfY2lkPTRiNjk1NjU4ZmFhMDgzZjg3NmM0ZWY1NjdhMjZiOTRlZmRiNTgwOGImdGRzX3JlYXNvbj1kaXJlY3QmdGRzX2JvX29yaWdpbj1qdW1w Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://goo.gl/qevKVa HTTP 302
- http://funonthecards.info/?&ciEFyGF
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
funonthecards.info/ Redirect Chain
|
685 B 915 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
jump
fbdate.me/ Redirect Chain
|
14 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webPushMotivationPopupSmall.css
www.cdnreference.com/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53e1897753d34848f5362c73f06da885.css
www.cdnreference.com/landings/19187/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
993aa9d4e15af9c46c6b01ed2388953e.js
www.cdnreference.com/landings/19187/js/ |
96 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.gif
www.cdnreference.com/landings/19187/images/ |
116 KB 117 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
www.cdnreference.com/landings/19187/images/ |
6 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webPushMotivationPopupSmall.js
www.cdnreference.com/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_img.js
www.cdnreference.com/js/ |
564 B 877 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
739 B 426 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fp_ec.js
retargetcore.com/fp/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
uf.noclef.com/c_js/ |
8 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
secoffer.js
fbdate.me/ |
613 B 959 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mtu-integration-bridge.js
fbdate.me/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac3fc68831981c704535980c826941a5
retargetcore.com/43fbb6270523e1760fa5f0d2579dea07/ |
35 B 502 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rtr.js
uf.noclef.com/c_js/ |
976 B 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rtl.js
uf.noclef.com/c_js/ |
2 KB 990 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpush.js
uf.noclef.com/c_js/ |
71 B 377 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha.js
uf.noclef.com/c_js/ |
2 KB 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbdate.me
uf.noclef.com/v1/recaptcha/inject/ |
113 B 346 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbdate.me
uf.noclef.com/v1/rtr/check/ |
24 B 255 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
codes
uf.noclef.com/v1/rtl/ |
317 B 549 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init
uf.noclef.com/c_js/rtSlot/ Frame 310D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init
uf.noclef.com/c_js/rtSlot/ Frame 34A9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init
uf.noclef.com/c_js/rtSlot/ Frame 6098 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fonts.googleapis.com
- URL
- http://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,600,700italic,700
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| _ins_opt object| adsLayer object| DataCloudEC function| _dct object| WebPushMotivationPopup object| google_tag_manager function| onRecaptchaLoadCallback object| ufApp3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
uf.noclef.com/ | Name: visitor_id Value: 5df3fb59defafd001d3b7050 |
|
fbdate.me/ | Name: AWSALB Value: EBabclwYMIhccEzsKDdUYoXBXYuov3E7xi6xEeG980vakVhCSQ5JDYyHNntPfZ2zmSPvyLpRez8TyhGddrMGsDiPeBuO0YhgDV9GDlS/DougfZAqqxqgNK5CQAK6 |
|
.fbdate.me/ | Name: dci Value: adc11a160949fb5ff6b0f822768f23e6bcfb059d |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
datiofinder.com
fbdate.me
fonts.googleapis.com
funonthecards.info
goo.gl
gooolinks.com
retargetcore.com
uf.noclef.com
usertolook.com
www.cdnreference.com
www.googletagmanager.com
fonts.googleapis.com
208.94.65.205
2600:9000:20eb:b000:a:cd44:7f80:93a1
2a00:1450:4001:808::2008
2a00:1450:4001:81b::200e
2a00:1450:4001:825::200a
3.122.9.38
46.249.48.11
46.249.48.12
52.29.47.222
52.29.68.89
068863b4334302059776ab75bcb135799ecfa8ca85a78b2f97f594d74a564753
117c491367b0bbeb47d8e3ce745ba524a01b37598b966b9b00e81188d0a599a2
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
42c7938c4d49cd90c7be8b30c19bbf582b7c4fb7c7b2bddfd6c9384fd7de61cb
4514cd2de379cdaad87fd64fdc67ed6053614d265f50e380a58f726b57bfc8de
541a9d5f694932e627e6f97860bb380fb90c2e1b1366b5efdbd64c412305b93a
5e4f2ff5631af1f28c050f82b71604ccbcc3661c9969fae7f085341c5a00b86f
693ab511dfb8146a75e05a4d2b28e52a49447814bb190a092e61eb2f1ded56a7
6db275a7e4a0bdcefaca1a2900dcf636b8dc6028c0855a3bb2e3d4cd98854855
7ba112bbbdc2ca472ff358e67084da404815ab54d5d1a35005b0446995277a50
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f
8fead59cc17d71966ad8c63c36d8e27fa2be2d83b6577434d64eed4ef305e895
94b833c90aa95854ee402c7cfd3f8cff7de24d64653e9a30ad761477f63ed55e
9a78bc8f5a945195574e58b87eb0601b66358bd83d816601fd5230cf4256d2a1
a52867a8e1120623ae8cacf240a4a1c78b9f629a067182ae83a75b8cd9adcf66
ad93ebf236149854e02b2dcb7ca0095033c5fb6b9fa3540da68cfb8ec8ec38d6
b24fabfed2bb56269fe49bf9521ba516c1aebbf6081cf3b4008a68a50ba75b9b
c9ac115acdd3526f6de72d6a1c1e6a18a46d5b21f4a540e233558c94fe24556a
db44a016811044de2b5f5ba318ec86bb76c38a4a9b342a627c8f0884589ea34b
dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a
f4de590557954db4620cac91198d8f4c304f59b1d0b746db178e0081388d7514
f659f8ecb8fe2bc0a5ed11df12128a4ae021b6494c07a8eba9778d5a55396cdd