![](/screenshots/d9739079-7a22-4cd3-9d64-8a7c5d741da8.png)
www.benefitsandpensionsmonitor.com
Open in
urlscan Pro
104.26.15.213
Public Scan
Effective URL: https://www.benefitsandpensionsmonitor.com/
Submission: On September 06 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1P5 on August 17th 2023. Valid for: 3 months.
This is the only time www.benefitsandpensionsmonitor.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com
cdn.sajari.com |
ASN15169 (GOOGLE, US)
PTR: bh-in-f97.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
googleads.g.doubleclick.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-242-75.compute-1.amazonaws.com
in.ml314.com |
ASN15169 (GOOGLE, US)
PTR: bl-in-f113.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net
c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-27-28.compute-1.amazonaws.com
dpm.demdex.net |
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-173-20.compute-1.amazonaws.com
sync.crwdcntrl.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com
ps.eyeota.net |
ASN15169 (GOOGLE, US)
PTR: bi-in-f132.1e100.net
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
www.googletagservices.com | |
pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eastus-8.in.applicationinsights.azure.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
googlesyndication.com
c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 |
623 KB |
18 |
doubleclick.net
1 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 |
185 KB |
12 |
ml314.com
3 redirects
ml314.com — Cisco Umbrella Rank: 2152 in.ml314.com — Cisco Umbrella Rank: 11766 |
13 KB |
12 |
keymedia.com
cdn-res.keymedia.com — Cisco Umbrella Rank: 258022 |
62 KB |
9 |
benefitsandpensionsmonitor.com
1 redirects
www.benefitsandpensionsmonitor.com |
42 KB |
7 |
lytics.io
c.lytics.io — Cisco Umbrella Rank: 11144 |
67 KB |
6 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226 |
340 KB |
4 |
gstatic.com
fonts.gstatic.com |
88 KB |
3 |
eyeota.net
2 redirects
ps.eyeota.net — Cisco Umbrella Rank: 1178 |
2 KB |
3 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1729 eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 9378 |
45 KB |
3 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1204 |
169 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
2 |
crwdcntrl.net
2 redirects
sync.crwdcntrl.net — Cisco Umbrella Rank: 957 |
583 B |
2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 379 |
692 B |
2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 447 |
833 B |
2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 234 |
2 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
147 KB |
2 |
sajari.com
cdn.sajari.com — Cisco Umbrella Rank: 76156 |
248 KB |
1 |
amazonaws.com
s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 2420 |
59 KB |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 8913 |
455 B |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49 |
258 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249 |
6 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58 |
1 KB |
1 |
bpmmagazine.com
1 redirects
www.bpmmagazine.com |
427 B |
105 | 24 |
Domain | Requested by | |
---|---|---|
17 | securepubads.g.doubleclick.net |
1 redirects
www.benefitsandpensionsmonitor.com
securepubads.g.doubleclick.net js.monitor.azure.com www.googletagservices.com |
16 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
www.benefitsandpensionsmonitor.com tpc.googlesyndication.com |
12 | cdn-res.keymedia.com |
www.benefitsandpensionsmonitor.com
|
11 | ml314.com |
3 redirects
www.benefitsandpensionsmonitor.com
ml314.com |
9 | www.benefitsandpensionsmonitor.com |
1 redirects
www.benefitsandpensionsmonitor.com
|
7 | c.lytics.io |
www.benefitsandpensionsmonitor.com
c.lytics.io |
6 | pagead2.googlesyndication.com |
js.monitor.azure.com
www.googletagservices.com tpc.googlesyndication.com |
6 | www.googletagservices.com |
securepubads.g.doubleclick.net
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | ps.eyeota.net |
2 redirects
www.benefitsandpensionsmonitor.com
|
3 | use.fontawesome.com |
www.benefitsandpensionsmonitor.com
use.fontawesome.com |
2 | eastus-8.in.applicationinsights.azure.com |
js.monitor.azure.com
|
2 | www.google.com |
www.benefitsandpensionsmonitor.com
tpc.googlesyndication.com |
2 | sync.crwdcntrl.net | 2 redirects |
2 | match.adsrvr.org | 2 redirects |
2 | idsync.rlcdn.com | 2 redirects |
2 | dpm.demdex.net |
1 redirects
www.benefitsandpensionsmonitor.com
|
2 | www.googletagmanager.com |
www.benefitsandpensionsmonitor.com
www.googletagmanager.com |
2 | cdn.sajari.com |
www.benefitsandpensionsmonitor.com
cdn.sajari.com |
1 | s3.us-west-2.amazonaws.com |
c.lytics.io
|
1 | www.google.ca |
www.benefitsandpensionsmonitor.com
|
1 | c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | in.ml314.com |
ml314.com
|
1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | js.monitor.azure.com |
www.benefitsandpensionsmonitor.com
|
1 | cdnjs.cloudflare.com |
www.benefitsandpensionsmonitor.com
|
1 | fonts.googleapis.com |
www.benefitsandpensionsmonitor.com
|
1 | www.bpmmagazine.com | 1 redirects |
105 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
premium.benefitsandpensionsmonitor.com |
www.keymedia.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
benefitsandpensionsmonitor.com GTS CA 1P5 |
2023-08-17 - 2023-11-15 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
use.fontawesome.com GTS CA 1P5 |
2023-09-01 - 2023-11-30 |
3 months | crt.sh |
keymedia.com Cloudflare Inc ECC CA-3 |
2023-03-19 - 2024-03-18 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
cdn.sajari.com GTS CA 1D4 |
2023-08-30 - 2023-11-28 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06 |
2023-06-21 - 2024-06-15 |
a year | crt.sh |
ml314.com GTS CA 1D4 |
2023-08-05 - 2023-11-03 |
3 months | crt.sh |
*.ml314.com Amazon RSA 2048 M02 |
2023-02-27 - 2023-12-14 |
10 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.google.ca GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01 |
2023-04-11 - 2023-12-28 |
9 months | crt.sh |
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 07 |
2023-09-05 - 2024-08-30 |
a year | crt.sh |
This page contains 12 frames:
Primary Page:
https://www.benefitsandpensionsmonitor.com/
Frame ID: 57F06B25ADB015199A2BA545B64D5485
Requests: 60 HTTP requests in this frame
Frame:
https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: 82897E4D404E51EF8E73EEA1258626B8
Requests: 2 HTTP requests in this frame
Frame:
https://c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B64C2EED029E75E1F599944934D9BDD
Requests: 1 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMMwAQY02uJDVy344tYVzMBMg2NbdYbGrOe_kCaoE5SVzOHhelEBPWjqMgMSrgxjcY-UOmL7uzLAxin-GoisxegBxStnipaXAPW30No5IYoPO9779dMO0OI6cWPmW_sDbJGzgYqbb3zXhWuCW9U1Qbm8OHZzrQZZ-G0Ia6TLH5Bfi2esRg1-4JB6fh4yqYK0GffRDYDBWNVqys4EcrYDuGZ5UanVQHphXhYiSNVKzEfEeQ2PuRsaIj0tvbY21Nuo1xvzWfHc63gUhI5wB6ft8H3JuGWD5avaFZUU_ZpZ-N1Mfla8YwWH6iMQBZh1A1nUYccCgAqr2TLsdd1bnqT0MXJ0ZlZwThUH5LOKgnhS8E-diCY6KNyeSevcg9NHSrshUWlESq7bjIfQ1v0DNqF6MhB-o&sai=AMfl-YTTI4lF3BYj4dPlWLXPj-eEVxy4gqSNhiWzmZbGEVLQ4SmJDOyJe96cCHbTLJRH5CYlBq4HuZAxfw3sRXiYcc4s3pmaw9tbM8gNPqLg6jVIlD6Q3OP0w_0UR0cltGMfR18iMQSxuAD_1STARZMD&sig=Cg0ArKJSzNzQLwFOb-pYEAE&uach_m=[UACH]&adurl=
Frame ID: A8E5D4376941047036FB62E7F05AE4A1
Requests: 7 HTTP requests in this frame
Frame:
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=BPMW_BMO_Global_Asset_Management_inc&cb=1355721217
Frame ID: 3AACF277790E8D94146692D3C6BAFCED
Requests: 8 HTTP requests in this frame
Frame:
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=805016255
Frame ID: 36E882A5630381518F4A3C27547F655B
Requests: 7 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYggXBUT7eiPhDEKWm6cYj75z8WWfpL2g8CDcdWDrTFqjjeMAYP5jCCVF2i1WObn4PGRUyt3nBTQQLJPn_7f0M_IVxr8ecNud8QfEKi0z_Xc7BnqRcfrtTMSx0qIBbu9hTAe9xpyxTIg3Pg-9y8H9jK80PObgdC6TrmvgKH8aezWrMhlj1pl-1eSWiglxmRm-9vU40lUrIXxjDgERxwAO1ZPxE1BmMFhH04TsfUtpanx2XtnzU0sOPchscOllr-mnbjKQzhh0a2ncJNyIP590jrOHyGP8se6wJloHdf7qFQZQLccWAc5xWL0wb6hCf2pFAYONmEd96-4_QUOcVhquoYE1G-m3XxiFjs_o&sai=AMfl-YRj4CnZrSfRdfUf4GmTnZvjAwAGbElQnduW3Hsqo1emF6Vw1ZaTTXGMtIXC6U7MYixX9BeAEvrmkb4C6t_ScWbMpbz-vBOv9OieTTUs8bUwIDJAymx2uy113eRtttz1jQeVjISky0kyaCqUd0-j&sig=Cg0ArKJSzKvrkpEseLnTEAE&uach_m=[UACH]&adurl=
Frame ID: E3409A69B7F161952D837909EADF070F
Requests: 6 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFkojfSNWlEyNBBvO_HjfuUuNA8IEW3Hqt3NUYiBXoASON4STv3BFqPN8bXSVO4kYEO7KYYk8WCVO_ca0v71HlRmUVAJ4wvVBApwk0F0zrazYOVnFA9UsJ-Kek6W79VH7lNW_xsCHC84tUMYpNm0Y6_NDU5wuc3G37I0F5xi7krKZa1HTW5fyxm5a3K7Bt9IX_GFX8TGT3TqUn7x7zCPv6HMCEIDKjtYbGnjnAxBW8359WfHAQVD-PKIROgC-p_m2GQYFiIKo3AtQKUwQv62oYhOysKBIl49Do4OCtDMb8nL5sPQ40dYSmj5cQd8CE_hanyJsZyVfb5Rcapjyvk3V5Ij0dSGO5q9D9FI0&sai=AMfl-YRRyGjJEyNgsm7owwuvGR1uThfiblPsJtY92u9pIBNPAlIpMJ58g7iBJc2dSnEZTtepkENZz4dXy0XXKVitYsYnnacdeqyjc6Mw7UliA97nLXphagBGkjp0Pk_azCQy9Vmgf4sX76Aq1EDcb9UQ&sig=Cg0ArKJSzAaPaEB2BYK5EAE&uach_m=[UACH]&adurl=
Frame ID: D185610503A56BB8A8B7C303EE281AA1
Requests: 6 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVBpXVsJHeD6fi9yKIcPf9GElsY5A9qLOvHs3uVplQIUSVQR8xkzvGZU9Qwzhx8vK3jfjuRpX6S2H-NSWabxAFoTQRfGnU8P4_ASGC3hA-Fbhd7UjaqeRvYmb8Lz4cd6c-vLRvw9EzHMnj6RDhOCTg8Dvy7mMjR3P0Q_jdweTKjVchiazqtGYAOc7w022FUW1Ps-4FRjdAvXnDMt0lNjPlLoAeiAlztFOKNTrTSuLvMejFsmgGmIeWdeQbdKw9tvMIcx1DkGw7P3iDaP2ADnmhkAJTIPf2wWT1KDKKRPvmoIt_ik4wDXBFn-h_vhEnbbGq6cEVQsNZ6YwWEioe5h0okJSpWp4uqpVas18&sai=AMfl-YTABKn2iUEkR9DnQlYvVgyyqP4TeFakbCfshi7im1XuOr4IDcMdIf2XDduEwURoHYcBHtWR1l8JoAVzdLDA5EQp6B9vviKEy991Sz0s-8h-6llYrBe4r-4G9Zya0lvHldY3weGxWr_IniFqg7lq&sig=Cg0ArKJSzKiNsZcrC6QsEAE&uach_m=[UACH]&adurl=
Frame ID: 451E14E4514A071D0FAD4E3E903C004D
Requests: 6 HTTP requests in this frame
Frame:
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=1677201037
Frame ID: 39812396796FAC2F93E9EB7CDD9D387F
Requests: 3 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57A05A454C5287B56ED3CD8415442E30
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F92D5C2E2A406B570D046B47184301C
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/d9739079-7a22-4cd3-9d64-8a7c5d741da8.png)
Page Title
Benefits and Pensions MonitorPage URL History Show full URLs
-
https://www.bpmmagazine.com/
HTTP 301
https://www.benefitsandpensionsmonitor.com/ Page URL
Detected technologies
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- googlesyndication\.com/
Detected patterns
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/Underscore.js.png)
Detected patterns
- underscore.*\.js(?:\?ver=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.bpmmagazine.com/
HTTP 301
https://www.benefitsandpensionsmonitor.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
- https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3638329944546738185&redir= HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638329944546738185&redir=
- https://idsync.rlcdn.com/395886.gif?partner_uid=3638329944546738185 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzODMyOTk0NDU0NjczODE4NRAAGg0I7dPhpwYSBQjoBxAAQgBKAA HTTP 307
- https://ml314.com/csync.ashx?fp=b2a48fd0c21801c82d0b1617c053ecedecd120d12306692052d92f64b8c01b94f4cb09cee1a4f8eb&person_id=3638329944546738185&eid=50082
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
- https://ml314.com/utsync.ashx?eid=53819&et=0&fp=50e58a3f-1878-4992-aed7-3e6303b2976b&gdpr=0&gdpr_consent= HTTP 302
- https://ml314.com/csync.ashx?fp=50e58a3f-1878-4992-aed7-3e6303b2976b&person_id=3638329944546738185&eid=53819
- https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638329944546738185 HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638329944546738185 HTTP 302
- https://ml314.com/csync.ashx?fp=da19cc73a9f80eb4d57f672174a7237d&eid=50146&person_id=3638329944546738185
- https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
- https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2Ub4a92uCKyWpPK1tncN_V-EnjDFvWVFyzY6ES80DRtk&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
- https://ml314.com/csync.ashx?fp=2Ub4a92uCKyWpPK1tncN_V-EnjDFvWVFyzY6ES80DRtk&person_id=3638329944546738185&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
- https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
- https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdb9Uar1APYd2cPDSsehyuCbwrpNqycVnSIHq91TMfpalB0RdaCM4ERDYw--5a575jONutUtKZyGiSB0RxusJ-SnAFkCBC6vNjzX7WzPNSpxu9TTlQZLgXMN-wDT8dNA-mM2OvTAU3qsDv-jYL5i-ppyELvopn8hRMF5GL2GqiaX1B5e_h35P7fUIx3smhdkT3HL0BYTjDWnSkjhWvxnVd9DJ8sCbFbZY9KiUZjLWi2dxqe8bZDbTwFwYvtdIWGkrORGt5rB3NBZEVoUgo8lEn8wm19Ge376j5YOKgIeDCWIQNQP0Db2Ju5QMLRovdjnvcq1iLh64lAHMgta12g8kEQnF8gpeLoFy22TKypTaX8ogIlTU&sai=AMfl-YQl8RfBZmtCtlhtPvJqHHPLU-b_uI5v7rJabk-1vfrgjakka3JlCvpkxGDrB7wuhbjqaFOcRznpDsVkuh1Cbnm1KDftpPRzX1Aaa1UhpWexjVpnhuP1Pr_2IFcfXFaoY8rq71RlMRGyRy_fpHzG&sig=Cg0ArKJSzIa-PlitJBTVEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/938868486417794075? HTTP 302
- https://tpc.googlesyndication.com/simgad/938868486417794075
105 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.benefitsandpensionsmonitor.com/ Redirect Chain
|
72 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.15.1/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.min.css
www.benefitsandpensionsmonitor.com/css/ |
118 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638295214742556240.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=680,h=408,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
14 KB 15 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0321_638295213439339487.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
2 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638295211986099462.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
2 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0270_638291732631163108.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/us/036/ |
2 KB 2 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0416_638235740276059227.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
3 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0380_638243366583363374.png
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
4 KB 4 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0379_638259010816384828.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
8 KB 8 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
98 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-white.svg
www.benefitsandpensionsmonitor.com/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.min.js
www.benefitsandpensionsmonitor.com/js/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
cdn.sajari.com/embed/1/ |
210 B 720 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
153 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ |
78 KB 79 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ |
77 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0416_638240720879273421.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=160,h=223,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
10 KB 11 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638295216018014012.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
3 KB 4 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638290914930727478.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
5 KB 5 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0379_638271244057343798.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
2 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0416_638236786968401602.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
1 KB 2 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-gray.svg
www.benefitsandpensionsmonitor.com/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.2.min.js
js.monitor.azure.com/scripts/b/ |
119 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/ Frame 8289 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
cdn.sajari.com/embed/2.24.0/ |
818 KB 248 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
80268d9feb5e842b
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8289 |
0 545 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ |
403 KB 127 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
67 B 85 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.min.js
c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/ |
67 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.aspx
ml314.com/ |
31 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
266 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utsync.ashx
ml314.com/ |
644 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ud.ashx
in.ml314.com/ |
20 B 482 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 258 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fancybox_sprite.png
www.benefitsandpensionsmonitor.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
253 KB 27 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B64 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
csync.ashx
ml314.com/ Redirect Chain
|
43 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
csync.ashx
ml314.com/ Redirect Chain
|
43 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
csync.ashx
ml314.com/ Redirect Chain
|
43 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/948015301/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.ca/pagead/1p-user-list/948015301/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/cid/ |
24 B 448 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9139cc1e-3c02-458e-8bdb-f4fe0559de1f
c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/ |
129 KB 17 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/c/ |
35 B 397 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame A8E5 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame A8E5 |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8E5 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11202325669827928853
tpc.googlesyndication.com/simgad/ Frame A8E5 |
101 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utsync.ashx
ml314.com/ Frame 3AAC |
43 B 63 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 3AAC |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 3AAC |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AAC |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5410905114216313110
tpc.googlesyndication.com/simgad/ Frame 3AAC |
109 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utsync.ashx
ml314.com/ Frame 36E8 |
43 B 63 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 36E8 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 36E8 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 36E8 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8141981464877924056
tpc.googlesyndication.com/simgad/ Frame 36E8 |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame E340 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame E340 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E340 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2067408762714973922
tpc.googlesyndication.com/simgad/ Frame E340 |
120 KB 120 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame D185 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame D185 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D185 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13750746038314746937
tpc.googlesyndication.com/simgad/ Frame D185 |
101 KB 101 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 451E |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 451E |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 451E |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2835067271640315872
tpc.googlesyndication.com/simgad/ Frame 451E |
84 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame A8E5 |
216 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 3AAC |
215 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 36E8 |
212 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame E340 |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame D185 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 451E |
216 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utsync.ashx
ml314.com/ Frame 3981 |
43 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
938868486417794075
tpc.googlesyndication.com/simgad/ Frame 3981 Redirect Chain
|
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.js
c.lytics.io/static/ |
102 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 451E |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 3981 |
212 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 36E8 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame A8E5 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame D185 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.css
c.lytics.io/static/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keymedia-overrides.css
s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/ |
58 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame E340 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 3AAC |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
c.lytics.io/api/program/campaign/config/04efff7793bfc7d9b702b19cc7b0db31/ |
399 B 678 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
eastus-8.in.applicationinsights.azure.com//v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
eastus-8.in.applicationinsights.azure.com//v2/ |
49 B 159 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame A8E5 |
42 B 174 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 3AAC |
42 B 108 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57A0 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 1F92 |
829 B 976 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 57A0 |
37 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F92 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 57A0 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| googletag object| dataLayer object| appInsights function| whichTransitionEndEvent function| dismissIntromercial function| _ function| ListPager function| requestPostitialOnScroll function| e object| n string| t object| r object| o object| a string| u object| c object| s object| f object| d object| Microsoft object| __dynProto$Gbl object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| GooglebQhCsO object| jstag object| _ml object| regeneratorRuntime undefined| google_measure_js_timing function| onYouTubeIframeAPIReady object| gaGlobal number| google_unique_id object| __lytics__jstag__ undefined| u_719086869719574700 undefined| u_3991777184129796 object| pathfora object| GoogleGcLKhOms object| google_image_requests26 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.benefitsandpensionsmonitor.com/ | Name: ARRAffinity Value: 768c1fa6b7720d25880d38a03dc6c18f0fede13efd5b31224530feefe6996987 |
|
.www.benefitsandpensionsmonitor.com/ | Name: ARRAffinitySameSite Value: 768c1fa6b7720d25880d38a03dc6c18f0fede13efd5b31224530feefe6996987 |
|
www.benefitsandpensionsmonitor.com/ | Name: ai_user Value: MbITcBgNOyUmL/uL5nAHjv|2023-09-06T12:00:44.875Z |
|
.benefitsandpensionsmonitor.com/ | Name: cf_clearance Value: o4WeQzlwxxNF8XGOuZ1PdDWr1C.PKcdOHv0bGBJSTrk-1694001644-0-1-29f07466.9fc32f65.7ef12b86-0.2.1694001644 |
|
.benefitsandpensionsmonitor.com/ | Name: _gcl_au Value: 1.1.1740518731.1694001645 |
|
.benefitsandpensionsmonitor.com/ | Name: _ga_6PGJWLVE01 Value: GS1.1.1694001645.1.0.1694001645.0.0.0 |
|
.benefitsandpensionsmonitor.com/ | Name: _ga Value: GA1.1.503697323.1694001645 |
|
.ml314.com/ | Name: u Value: aHR0cHM6Ly93d3cuYmVuZWZpdHNhbmRwZW5zaW9uc21vbml0b3IuY29tLw== |
|
.ml314.com/ | Name: pi Value: 3638329944546738185 |
|
.ml314.com/ | Name: tp Value: 4%3b9%2f6%2f2023+8%3a00%3a45+AM%3b0 |
|
www.benefitsandpensionsmonitor.com/ | Name: ai_session Value: K3rKkVNC9rdQ7SnsCkgisn|1694001645373|1694001645373 |
|
.www.benefitsandpensionsmonitor.com/ | Name: seerses Value: e |
|
.www.benefitsandpensionsmonitor.com/ | Name: seerid Value: 9139cc1e-3c02-458e-8bdb-f4fe0559de1f |
|
.adsrvr.org/ | Name: TDID Value: 50e58a3f-1878-4992-aed7-3e6303b2976b |
|
.rlcdn.com/ | Name: rlas3 Value: qdEfyqIcj6TEeH42N70yYgbkWBiTOElklFoLsQKhuEU= |
|
.benefitsandpensionsmonitor.com/ | Name: __gads Value: ID=a1e71a4efdfe3adf:T=1694001645:RT=1694001645:S=ALNI_MbddOZMxBmv4j2qK2e6A1qVryGjUQ |
|
.benefitsandpensionsmonitor.com/ | Name: __gpi Value: UID=00000d9057c93dd3:T=1694001645:RT=1694001645:S=ALNI_MbHMeLWHnm4tlewMdtBrzVu0vTzUg |
|
.adsrvr.org/ | Name: TDCPM Value: CAESFgoHZDB0cm8xahILCKDO1_bdtpc8EAUYBSABKAIyCwjm0PKi9LaXPBAFOAE. |
|
.lytics.io/ | Name: seerid Value: 9139cc1e-3c02-458e-8bdb-f4fe0559de1f |
|
.rlcdn.com/ | Name: pxrc Value: CO3T4acGEgUI6AcQABIFCNtOEAA= |
|
.crwdcntrl.net/ | Name: _cc_cc Value: ctst |
|
.eyeota.net/ | Name: mako_uid Value: 18a6a5dc949-31df0000010a4db7 |
|
.eyeota.net/ | Name: SERVERID Value: 19895~DM |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUm3MxvBai8aEwylhzWFDi-UUK_MsBVuaATldGTwNmo7Svb8VtgOaDPoxuaL2Hc |
|
.demdex.net/ | Name: demdex Value: 52913029787190726360796220296787844698 |
|
.dpm.demdex.net/ | Name: dpm Value: 52913029787190726360796220296787844698 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.lytics.io
c530e07522adeba4591e3e6132222620.safeframe.googlesyndication.com
cdn-res.keymedia.com
cdn.sajari.com
cdnjs.cloudflare.com
dpm.demdex.net
eastus-8.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
in.ml314.com
js.monitor.azure.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
ps.eyeota.net
s3.us-west-2.amazonaws.com
securepubads.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
use.fontawesome.com
www.benefitsandpensionsmonitor.com
www.bpmmagazine.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.17.24.14
104.26.15.213
104.26.9.198
13.107.253.40
142.250.31.155
142.251.16.113
142.251.16.132
142.251.16.157
142.251.16.94
142.251.163.147
172.253.115.95
172.253.122.97
172.253.62.157
172.253.63.132
172.253.63.94
172.64.103.11
172.67.215.24
172.67.73.236
3.212.173.20
3.33.220.150
34.111.234.236
34.231.251.31
35.190.50.98
35.190.60.146
50.17.27.28
52.179.73.41
52.218.249.224
52.22.242.75
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
0b2b5c06d11b49f1a09b3c617f06d571638820619a918df7141e86d0157a996c
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0d31a69f7ae0d174b9e6054ebedb533ffa1c85de012409db3fc16fcdf9cc525b
0df756c4dfce2d3233196f3d1ed13159bb17810dd98e66e5864125692fd7288d
155d083e71e7ab6e2eb5da29b26f8913c992b80198db9664167bce6808af23b9
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
21d602532420938af2a411770f1a39123381a9ac669c4b0c43eeea5dccab76ae
22ef2c9b07673319f2329cbc48e5ef3b7e93c14ed51ee4df87b0a798ec70ac09
22f7d96cec1bb8460edaad31832a5a5eb464d5fea528118c7ac2de337dafc2e1
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
2649f11884cfff9c190cfc497510a92aeded35edd11a47a70360c08c6c9add1f
28b2bc91a3209441b556bdca6cb42dc2755a10662a51b5aea914a459d1d169ae
2996e8f68de4c395c4a0d4aa6ebc97f59a743b9744834b8bae9276d5722a63f0
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32fb60eb9aa33c378b3f22656450ab566b63e51d2cf0b9b1d0d3caad7524e831
3d9139eb008a6920449b04b7f2d0f7a2695867ca922bb43436f48c2eb88a9f70
3db368eb2198fb7fabd18447ec5818684af2d37c2d278147e382dd9091908f49
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47038c9f35babad09491c4f2e6e8c3881330418285735049132912fbd3562d4f
47d83c0acf73a546b785d0da2b2b824486d5b55f64efc2fa1845904d92b67f20
49d6c574090ada709342451c0e04a9d39d8bc5a9c3d5728bbac20d5c0577c366
53068c5816e04a1a43f4a68f816c36a3e71153c3885eeed61efc4ac454306d43
53b5f6eb10f48f9b9203a032c298974c3470faf2f13487a0102921f20d4bc450
54f001f120914a2d4a2b2ab39931fd524a7080bf532f13bd5547fc1255ca5c76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57831e5d0327296d6be29fdbff260ba2d9293e42046ec3dba7b47237c8121bba
57b46083bf169d918156d580b3af7774c131ffcdcdf414a5cec8e12396d1ddb0
585e747e0701153996b912f68aaa3b61cac294ecd4a8f2628b7ce5c5a370aa4c
5b11731cad9b522e095aa57c5323bc4e60bf5c5ec3ca537507708dc6e4c6596a
60af7613cf5b70b4cd558546dd7ecab78792b7ed6b8effa9545dac4d3aa1fed3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
785c1f4b0f336168b4c4a5a048fbdb936d8b0c2c2eac51aed8413c143c41ac37
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
81b2a42fe9601870364f23ee6cfb94073cfdd6a03a70802a54bd242b88cce769
81f3524a047e935982417031e51ea8b28a6bb30e47d65a65d0c94b88178453ab
8d4a6f33753ec2e106e224956e81cc673fdb24c509b4810190b0581951539247
927cc5c445c1abef2c2001e0f7033214a6e070288a1068c81da7256d59a3dbce
960c012bcf69ab90fcc37dc9486afce242eba29d635f7e6c8b8d243fedac6d7c
986234269574843718b280cee20a2027b06a5a4d4ed4a2109e4702c91980ee81
99ae26c1a22048b879b145ace32446b3b92cae268ade305cd6e89bb885b5bcc4
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
a3944e77604c3af0b15334cfddc46ab697ef0bf9c323f50b7186c90e8b5c13b0
a6d28ffb69942f92338293495ef8ace117ed2f884c2199d9dd28149d7b9de99f
aebf9956840a795c31489aa11afd8f9ae40e6b39805e04b6e43c9b57165dca8c
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
aff5c482161de24d68eaddba9e083af6a0c933fbfe8a019e8cd9a84fbe5d4786
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3672e8f53d4cd14250c0d76315fa94c7311da3ce7235696d1aa6fa39388dcb6
b699d040f844f5292148ec99302b5af19624782ca5ccdce5e94af26f69da4cd8
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bef2c56ac4dc5ac6175e313afae36e5ea0f1a1a4e5f717ec0ff66a6f5c8fb74f
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
cd3d6fadce0e149d87d8ce7bc663da01a78ce8c033d121ab6a138786f632f956
cefdf0990471243717a17f03abe0063905b1652cd184d74c7773553f9a0ffb71
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d3c92d38448399407f04004ea8b0ff7ac54b416f7456f2e5bb2a04d800d0e27b
dc765890aaaca37c31fb572ff9db7356e17cb243265b78533e19d97f32752b42
ddfeaf0efdaa34256996947c01bdf15ba8de5992eea07fe97a3aee57b57e2711
de5cd45cccf973d02676e44e13c0209769eb7d8cfce2fcf8139238ee982f47ab
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e2817396ee137855e41a860c821d9eecae5115cba06efdbcb5b272789a7047ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e688e1bc932473d750753b26c0ea05f7b6d6609ae4fbd4635eb48d430bee3705
e697712ea46fc718f86b1f6cac883a81f5e15a0f5e8565117c8f974abeec2196
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ecc48c5d07bc999ce015cb02d037832476425803ebb65d21392c34f8c827121c
ed88c46660034c43015d10f6267203692a277a5bcb4f130a8175f4f0828d53c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1