www.benefitscanada.com
2600:9000:214f:5e00:1e:da0c:3ac0:93a1
Public Scan
Effective URL: https://www.benefitscanada.com/pensions/retirement/canadian-women-are-16-less-confident-about-retiring-than-men-survey/
Submission: On March 21 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 8th 2023. Valid for: a year.
This is the only time www.benefitscanada.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 1 | 216.39.113.144 | 23342 (UNITEDLAYER) |
20 | 2600:9000:214f:5e00:1e:da0c:3ac0:93a1 | 16509 (AMAZON-02) |
3 | 2a00:1450:4001:80e::2004 | 15169 (GOOGLE) |
1 | 108.138.17.47 | 16509 (AMAZON-02) |
4 | 2a00:1450:4001:813::200a | 15169 (GOOGLE) |
3 | 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) |
6 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:827::2003 | 15169 (GOOGLE) |
2 | 18.66.122.127 | 16509 (AMAZON-02) |
3 | 2a00:1450:4001:801::200e | 15169 (GOOGLE) |
3 | 151.101.2.132 | 54113 (FASTLY) |
2 | 2a00:1450:400c:c0c::9c | 15169 (GOOGLE) |
1 | 151.101.130.132 | 54113 (FASTLY) |
3 | 2a00:1450:4001:806::2002 | 15169 (GOOGLE) |
52 | 14 |
ASN16509 (AMAZON-02, US)
www.benefitscanada.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-47.fra56.r.cloudfront.net
static.freeskreen.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
fonts.gstatic.com | |
www.google.de |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-127.fra60.r.cloudfront.net
sb.freeskreen.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
20 | benefitscanada.com | www.benefitscanada.com — Cisco Umbrella Rank: 796363 | 631 KB |
5 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 76; securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 | 161 KB |
5 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 249 KB |
4 | m32.media | rdc.m32.media — Cisco Umbrella Rank: 27984; fastlygeo.m32.media — Cisco Umbrella Rank: 30886 | 59 KB |
4 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 34 | 3 KB |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 25 | 20 KB |
3 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 42 | 136 KB |
3 | freeskreen.com | static.freeskreen.com — Cisco Umbrella Rank: 54782; sb.freeskreen.com — Cisco Umbrella Rank: 41430 | 30 KB |
3 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 1 KB |
2 | google.de | www.google.de — Cisco Umbrella Rank: 6069 | 515 B |
1 | mb00.net (1 redirects) | t.mb00.net | 454 B |
52 | 11 |
Requests | Domain | Requested by |
---|---|---|
20 | www.benefitscanada.com | www.benefitscanada.com |
4 | fonts.gstatic.com | fonts.googleapis.com |
4 | fonts.googleapis.com | www.benefitscanada.com |
3 | securepubads.g.doubleclick.net | rdc.m32.media; securepubads.g.doubleclick.net |
3 | rdc.m32.media | www.benefitscanada.com; www.googletagmanager.com; rdc.m32.media |
3 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com |
3 | www.googletagmanager.com | www.benefitscanada.com; www.googletagmanager.com |
3 | www.google.com | www.benefitscanada.com |
2 | www.google.de | |
2 | stats.g.doubleclick.net | www.google-analytics.com |
2 | sb.freeskreen.com | static.freeskreen.com; www.benefitscanada.com |
1 | fastlygeo.m32.media | rdc.m32.media |
1 | www.gstatic.com | www.google.com |
1 | static.freeskreen.com | www.benefitscanada.com |
1 | t.mb00.net | 1 redirects |
52 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.avantages.ca |
www.ciin.ca |
www.facebook.com |
twitter.com |
www.linkedin.com |
benefitscanada.com |
ladingpage.tcmlesaffaires.pages.dialoginsight.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
avatar.tcmediasaffaires.com | Amazon RSA 2048 M01 | 2023-02-08 - 2024-03-08 | a year | crt.sh |
www.google.com | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months | crt.sh |
*.freeskreen.com | Amazon RSA 2048 M02 | 2023-02-22 - 2023-12-16 | 10 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months | crt.sh |
*.m32.media | Sectigo RSA Domain Validation Secure Server CA | 2023-01-13 - 2023-11-22 | 10 months | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months | crt.sh |
www.google.de | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.benefitscanada.com/pensions/retirement/canadian-women-are-16-less-confident-about-retiring-than-men-survey/
Frame ID: 6CB9C47EC2C1A7C6C1191DCD57244399
Requests: 52 HTTP requests in this frame
Frame:
https://sb.freeskreen.com/t.gif?tm=1679400857&p=4265&c=5531&ttm=1679400857687&s=&d=&v=&t=2b89dbf0-e166-4d16-bf53-7ea7b48fc513&co=DE&pr=DE-BE&ci=Berlin&dm=null&flc=&slc=&e=AdOpened&m=2&x=null
Frame ID: F5B7F39F43B437C592AB9576A4EADC5C
Requests: 1 HTTP requests in this frame
Page Title
Canadian women are 16% less confident about retiring than men: survey | Benefits Canada.com
Page URL History
-
http://t.mb00.net/s/c?5g.1b8fd.5.7yhel.t2h
HTTP 302
https://www.benefitscanada.com/pensions/retirement/canadian-women-are-16-less-confident-about-retiring-than... Page URL
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas)
Detected patterns
- /recaptcha/api\.js
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: AVANTAGES
Title: CIIN
Title: See all
Title: Privacy Policy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://t.mb00.net/s/c?5g.1b8fd.5.7yhel.t2h
HTTP 302
https://www.benefitscanada.com/pensions/retirement/canadian-women-are-16-less-confident-about-retiring-than-men-survey/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
52 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.benefitscanada.com/pensions/retirement/canadian-women-are-16-less-confident-about-retiring-than-men-survey/ (Redirect Chain) | 89 KB | 17 KB | Document | text/html |
GET | H2 | vendors.min-1.0.0.css | www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/assets/css/ | 164 KB | 29 KB | Stylesheet | text/css |
GET | H2 | style.css | www.benefitscanada.com/wp-content/themes/avatar-tcm/ | 533 KB | 74 KB | Stylesheet | text/css |
GET | H2 | style-1.0.8.css | www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-be/ | 8 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery-1.12.4.js | www.benefitscanada.com/wp-content/cache/busting/7/wp-includes/js/jquery/ | 95 KB | 33 KB | Script | text/javascript |
GET | H2 | jquery-migrate.min-1.4.1.js | www.benefitscanada.com/wp-content/cache/busting/7/wp-includes/js/jquery/ | 10 KB | 4 KB | Script | text/javascript |
GET | H2 | api.js | www.google.com/recaptcha/ | 850 B | 874 B | Script | text/javascript |
GET | H/1.1 | freeskreen.min.js | static.freeskreen.com/ba/20/ | 24 KB | 9 KB | Script | text/javascript |
GET | H2 | Benefits_logo.png | www.benefitscanada.com/wp-content/uploads/sites/7/2022/07/ | 49 KB | 49 KB | Image | image/png |
GET | H2 | 2022-Money-Managers-edirect_MMD-Widget.jpg | www.benefitscanada.com/wp-content/uploads/sites/7/2020/12/ | 12 KB | 13 KB | Image | image/jpeg |
GET | H2 | PSGV_widget_345x150_draft1.jpg | www.benefitscanada.com/wp-content/uploads/sites/7/2022/12/ | 45 KB | 46 KB | Image | image/jpeg |
GET | H2 | RebuildingWork_homepageWidget_345x150_draft1.jpg | www.benefitscanada.com/wp-content/uploads/sites/7/2022/12/ | 42 KB | 43 KB | Image | image/jpeg |
GET | H2 | BCHS-Report-2022-HomepageWidget-345x150-ENG.jpg | www.benefitscanada.com/wp-content/uploads/sites/7/2022/08/ | 31 KB | 31 KB | Image | image/jpeg |
GET | H2 | BenefitsCanada-Logo-White.png | www.benefitscanada.com/wp-content/uploads/sites/7/2019/08/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | CIR_Logo_Horizontal_CMYK_white.png | www.benefitscanada.com/wp-content/uploads/sites/7/2019/09/ | 20 KB | 21 KB | Image | image/png |
GET | H2 | CIIN-logo.png | www.benefitscanada.com/wp-content/uploads/sites/7/2019/09/ | 57 KB | 58 KB | Image | image/png |
GET | H2 | Avantages_2012w.png | www.benefitscanada.com/wp-content/uploads/sites/7/2019/06/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | vendors.min.js | www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/javascripts/ | 76 KB | 21 KB | Script | text/javascript |
GET | H2 | main.min.js | www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/javascripts/ | 12 KB | 4 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | 6 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 907 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 4 KB | 694 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 536 B | Stylesheet | text/css |
GET | H2 | gtm.js | www.googletagmanager.com/ | 129 KB | 48 KB | Script | application/javascript |
GET | DATA | truncated | / | 35 B | 0 | Image | image/gif |
GET | H2 | lazyload-10.3.5.min.js | www.benefitscanada.com/wp-content/plugins/wp-rocket/inc/front/js/ | 3 KB | 2 KB | Script | text/javascript |
GET | H2 | fontawesome-webfont.woff2 | www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 | fonts.gstatic.com/s/librebaskerville/v14/ | 26 KB | 27 KB | Font | font/woff2 |
GET | H2 | kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2 | fonts.gstatic.com/s/librebaskerville/v14/ | 27 KB | 27 KB | Font | font/woff2 |
GET | H2 | recaptcha__de.js | www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ | 407 KB | 163 KB | Script | text/javascript |
GET | H2 | 167492169_2.jpg | www.benefitscanada.com/wp-content/uploads/sites/7/2023/03/ | 92 KB | 92 KB | Image | image/jpeg |
GET | H2 | script.js | sb.freeskreen.com/publisher/ | 67 KB | 20 KB | Script | text/html |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | madops.js | rdc.m32.media/ | 156 KB | 41 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 112 KB | 44 KB | Script | application/javascript |
GET | H3 | js | www.googletagmanager.com/gtag/ | 112 KB | 44 KB | Script | application/javascript |
GET | H2 | m32pixel.min.js | rdc.m32.media/ | 56 KB | 16 KB | Script | application/javascript |
GET | H2 | t.gif | sb.freeskreen.com/ (Frame F5B7) | 43 B | 412 B | Image | image/gif |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 214 B | XHR | text/plain |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 69 B | XHR | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 354 B | XHR | text/plain |
GET | H2 | custom.json | rdc.m32.media/adops/custom_files/benefitscanada.com/ | 1 KB | 1 KB | XHR | application/json |
GET | H2 | / | fastlygeo.m32.media/ | 173 B | 346 B | XHR | application/json |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 70 B | XHR | text/plain |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 77 KB | 27 KB | Script | text/javascript |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 296 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 107 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 107 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 408 B | Image | image/gif |
GET | H2 | pubads_impl_2023031601.js | securepubads.g.doubleclick.net/gpt/ | 396 KB | 134 KB | Script | text/javascript |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 80 B | 75 B | XHR | application/json |
89 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless function| $ function| jQuery object| dataLayer number| CurrentYear object| translated_string object| avatar_theme_url object| m32_context object| lazyLoadOptions object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _extends function| _typeof function| LazyLoad boolean| parentAccessible number| _timeout object| _vendors string| _gdprTimeoutConsent function| getTCFVersion function| getCCPAVersion object| fskWindow function| Sizzle function| fskLib function| FSK_getExtraParameters boolean| FskHasLoaded object| _fskparameters function| _fskParseGetParameters undefined| fskffc undefined| fskcfc function| _fskInsertScript function| _fskProcessInsertGDPR object| as function| IASCallbacks function| IASHistoryExtension function| IASNoneLeftExtension function| IASPagingExtension function| IASSpinnerExtension function| IASTriggerExtension object| jQuery11240264839268044611 object| ias function| Konami number| speed object| easter_egg object| navbar undefined| sticky object| navbar_single undefined| addStickyNavbar undefined| addStickyNavbarSingle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| scr object| recaptcha function| gtag function| FskAds function| _FskGetCmpId boolean| _FskHasGgl object| _fskadsparameters object| _fskadunits object| _fskgeo function| _fskAddListener object| _FskAds function| FskRequestAnimationFrame boolean| isAllowed object| _fskconf object| gaplugins object| gaGlobal object| gaData object| googletag object| PWT object| madops object| m32shr boolean| M32DEBUG string| M32VERSION object| CryptoJS object| m32pixel function| Fingerprint2 number| __m32geoStatus function| delay object| __m32geoFct object| __m32geo object| __m32consent object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing
9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
t.mb00.net/s | | Name: wtIDS Value: 5g.1b8fd.5.7yhel.t2h |
t.mb00.net/s | | Name: wtIDV Value: 5g.1b8fd.5.7yhel.t2h |
.freeskreen.com/ | | Name: a Value: NTUzMT0xfHw7 |
.freeskreen.com/ | | Name: scmtid Value: "c2NtaWQ9ZmdnaGZpYWFlamhnYlRYcVJVWkJrV3F8MTY3OTQwMDg1NzY2NQ==" |
.benefitscanada.com/ | | Name: _ga Value: GA1.2.928490758.1679400858 |
.benefitscanada.com/ | | Name: _gid Value: GA1.2.695348194.1679400858 |
.benefitscanada.com/ | | Name: _gat_UA-2314729-4 Value: 1 |
.benefitscanada.com/ | | Name: _gat_gtag_UA_2314729_4 Value: 1 |
www.benefitscanada.com/ | | Name: m32_pubgeo Value: JTdCJTIyaXAlMjIlM0ElMjI4MC4yNTUuNy4xMDMlMjIlMkMlMjJjb3VudHJ5X2NvZGUlMjIlM0ElMjJERSUyMiUyQyUyMmNvdW50cnlfbmFtZSUyMiUzQSUyMmdlcm1hbnklMjIlMkMlMjJyZWdpb25fY29kZSUyMiUzQSUyMkhFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMmthc3NlbCUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNTEuMzElMkMlMjJsb25naXR1ZGUlMjIlM0E5LjUzJTJDJTIybWV0cm8lMjIlM0EyNzYwMDMlMkMlMjJwb3N0YWxfY29kZSUyMiUzQSUyMjM0MTIzJTIyJTdE |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.