advisors.nbfwm.ca
104.111.242.36
Public Scan
Effective URL: https://advisors.nbfwm.ca/en/teams/bluteau-caseley-wealth-management-group/our-team/david-bluteau/
Submission: On February 14 via manual from CA
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on October 2nd 2017. Valid for: 2 years.
This is the only time advisors.nbfwm.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2a00:1450:4001:81c::2013 | 15169 (GOOGLE) (GOOGLE - Google LLC) |
22 | 104.111.242.36 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) |
5 | 2.18.232.23 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) |
1 2 | 2a00:1450:4001:817::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) |
2 | 54.77.130.155 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
1 | 2a00:1450:400c:c0a::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) |
2 | 172.82.228.17 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) |
1 1 | 66.117.28.86 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) |
1 | 66.117.29.6 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) |
1 | 52.215.56.157 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
2 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) |
1 2 | 172.217.22.102 | 15169 (GOOGLE) (GOOGLE - Google LLC) |
1 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) |
39 | 11 |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-36.deploy.static.akamaitechnologies.com
advisors.nbfwm.ca |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com
assets.adobedtm.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-130-155.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d2.sc.omtrdc.net
nationalbankofcanada.d2.sc.omtrdc.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
nationalbankofcanada.tt.omtrdc.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-56-157.eu-west-1.compute.amazonaws.com
nationalbankofcanada.demdex.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f102.1e100.net
5357220.fls.doubleclick.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | nbfwm.ca | advisors.nbfwm.ca | 669 KB |
5 | adobedtm.com | assets.adobedtm.com | 102 KB |
3 | omtrdc.net | nationalbankofcanada.d2.sc.omtrdc.net, nationalbankofcanada.tt.omtrdc.net | 7 KB |
3 | doubleclick.net (1 redirects) | stats.g.doubleclick.net, 5357220.fls.doubleclick.net | 533 B |
3 | demdex.net | dpm.demdex.net, nationalbankofcanada.demdex.net | 3 KB |
2 | facebook.net | connect.facebook.net | 23 KB |
2 | google-analytics.com (1 redirects) | ssl.google-analytics.com | 17 KB |
1 | facebook.com | www.facebook.com | 247 B |
1 | everesttech.net (1 redirects) | cm.everesttech.net | 527 B |
1 | bluteaucaseley.com (1 redirects) | www.bluteaucaseley.com | 305 B |
39 | 10 |
Requests | Domain | Requested by |
---|---|---|
22 | advisors.nbfwm.ca | advisors.nbfwm.ca |
5 | assets.adobedtm.com | advisors.nbfwm.ca, assets.adobedtm.com |
2 | 5357220.fls.doubleclick.net (1 redirects) | assets.adobedtm.com |
2 | connect.facebook.net | assets.adobedtm.com, connect.facebook.net |
2 | nationalbankofcanada.d2.sc.omtrdc.net | assets.adobedtm.com |
2 | dpm.demdex.net | assets.adobedtm.com, advisors.nbfwm.ca |
2 | ssl.google-analytics.com (1 redirects) | advisors.nbfwm.ca |
1 | www.facebook.com | advisors.nbfwm.ca |
1 | nationalbankofcanada.demdex.net | assets.adobedtm.com |
1 | nationalbankofcanada.tt.omtrdc.net | assets.adobedtm.com |
1 | cm.everesttech.net (1 redirects) | |
1 | stats.g.doubleclick.net | advisors.nbfwm.ca |
1 | www.bluteaucaseley.com (1 redirects) | |
39 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
nbfwm.ca |
client.bnc.ca |
www.linkedin.com |
www.iiroc.ca |
www.cipf.ca |
www.nbc.ca |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bncd.ca | Entrust Certification Authority - L1M | 2017-10-02 - 2019-10-02 | 2 years |
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2018-04-06 - 2019-04-11 | a year |
*.google-analytics.com | Google Internet Authority G3 | 2019-01-29 - 2019-04-23 | 3 months |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
*.g.doubleclick.net | Google Internet Authority G3 | 2019-01-29 - 2019-04-23 | 3 months |
*.d2.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2016-05-04 - 2019-05-23 | 3 years |
*.tt.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2017-10-19 - 2020-11-25 | 3 years |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-01-21 - 2019-04-21 | 3 months |
*.doubleclick.net | Google Internet Authority G3 | 2019-01-29 - 2019-04-23 | 3 months |
This page contains 4 frames:
Primary Page:
https://advisors.nbfwm.ca/en/teams/bluteau-caseley-wealth-management-group/our-team/david-bluteau/
Frame ID: F28B77F13198CD5F34651C42201BCA0E
Requests: 36 HTTP requests in this frame
Frame:
https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-56d0c41664746d57d6000d51.html
Frame ID: FBCDF2D405E9E6BD4F98117BF4708481
Requests: 1 HTTP requests in this frame
Frame:
https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=0
Frame ID: C3249E2DCCBD408ADD209933D3FBF93F
Requests: 1 HTTP requests in this frame
Frame:
https://5357220.fls.doubleclick.net/activityi;dc_pre=CJ-zrY3Cu-ACFZVA4AodoGkA9g;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=undefined;u4=en;u5=nbfwm;u6=site;u7=undefined;u8=undefined;u9=advisors;u10=credit-card;u11=https://advisors.nbfwm.ca/en/teams/bluteau-caseley-wealth-management-group/our-team/david-bluteau/;u12=;u13=;u14=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: ED64E96D3102237300DBDA1EAEF2B13A
Requests: 1 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Modernizr (JavaScript Libraries)
Detected patterns
- env /^Modernizr$/i
SiteCatalyst (Analytics)
Detected patterns
- script /\/s[_-]code.*\.js/i
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries)
Detected patterns
- env /^jQuery$/i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: NBFWM.CA
Title: Client access
Title: LinkedIn profile
Title: Product and Services
Title: Financial Information
Title: About Us
Title:
Title:
Title: User agreement
Title: Confidentiality policy
Title: Cookies
Title: Security policies
Title: See advisor reports of the IIROC
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.bluteaucaseley.com/
HTTP 302
https://advisors.nbfwm.ca/en/teams/bluteau-caseley-wealth-management-group/our-team/david-bluteau/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2016474233&utmhn=advisors.nbfwm.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=David%20Bluteau%20%7C%20Bluteau%20Caseley%20Wealth%20Management%20Group%20%7C%20National%20Bank%20Financial&utmhid=1021195976&utmr=-&utmp=%2Fen%2Fteams%2Fbluteau-caseley-wealth-management-group%2Four-team%2Fdavid-bluteau%2F&utmht=1550157340681&utmac=UA-35868018-2&utmcc=__utma%3D154483047.204620113.1550157341.1550157341.1550157341.1%3B%2B__utmz%3D154483047.1550157341.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2044127875&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35868018-2&cid=204620113.1550157341&jid=2044127875&_v=5.7.2&z=2016474233
- https://cm.everesttech.net/cm/dd?d_uuid=68074689907629281293513740841692896820 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XGWGHAAAD9yIhRN_
- https://5357220.fls.doubleclick.net/activityi;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=undefined;u4=en;u5=nbfwm;u6=site;u7=undefined;u8=undefined;u9=advisors;u10=credit-card;u11=https://advisors.nbfwm.ca/en/teams/bluteau-caseley-wealth-management-group/our-team/david-bluteau/;u12=;u13=;u14=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://5357220.fls.doubleclick.net/activityi;dc_pre=CJ-zrY3Cu-ACFZVA4AodoGkA9g;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=undefined;u4=en;u5=nbfwm;u6=site;u7=undefined;u8=undefined;u9=advisors;u10=credit-card;u11=https://advisors.nbfwm.ca/en/teams/bluteau-caseley-wealth-management-group/our-team/david-bluteau/;u12=;u13=;u14=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
39 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | / | advisors.nbfwm.ca/en/teams/bluteau-caseley-wealth-management-group/our-team/david-bluteau/ | 16 KB | 5 KB | Document | text/html | Primary Request, Cookie set, Redirect Chain |
GET H/1.1 | common-styles | advisors.nbfwm.ca/feuil/themes/common/libs/ | 16 KB | 3 KB | Stylesheet | text/css | |
GET H/1.1 | common-scripts | advisors.nbfwm.ca/feuil/themes/common/ | 433 KB | 433 KB | Script | text/javascript | |
GET H/1.1 | ResourcesToJson | advisors.nbfwm.ca/Localization/ | 1 KB | 796 B | Script | text/html | |
GET H/1.1 | microsite-less-styles | advisors.nbfwm.ca/feuil/themes/microsite/less/ | 26 KB | 6 KB | Stylesheet | text/css | |
GET H/1.1 | microsite-scripts | advisors.nbfwm.ca/feuil/themes/microsite/ | 2 KB | 2 KB | Script | text/javascript | |
GET H/1.1 | satelliteLib-3515936bfa88f68815e17af9c4dadc060f6dc580.js | assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ | 129 KB | 39 KB | Script | application/x-javascript | |
GET H/1.1 | header-logo-fbngp_en.jpg | advisors.nbfwm.ca/feuil/themes/admin/images/ | 6 KB | 6 KB | Image | image/jpeg | |
GET H/1.1 | Bluteau%20DeVenney%20Caseley_6d3c6.jpg | advisors.nbfwm.ca/~/media/Images/Banners/Microsites/B/ | 81 KB | 82 KB | Image | image/jpeg | |
GET H/1.1 | David_Bluteau_fa379.jpg | advisors.nbfwm.ca/~/media/Images/ProfilImage/B/ | 82 KB | 82 KB | Image | image/jpeg | |
GET H/1.1 | IIROC_logo_large.png | advisors.nbfwm.ca/feuil/themes/common/images/ | 12 KB | 13 KB | Image | image/png | |
GET H/1.1 | logo-membre-cipf.png | advisors.nbfwm.ca/feuil/themes/common/images/ | 4 KB | 4 KB | Image | image/png | |
GET H/1.1 | reset.css | advisors.nbfwm.ca/feuil/themes/microsite/less/libs/ | 1 KB | 964 B | Stylesheet | text/css | |
GET H2 | ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript | |
GET H/1.1 | id | dpm.demdex.net/ | 4 KB | 2 KB | XHR | application/json | |
GET H/1.1 | mbox-contents-cabceeb6042286c15719f55d78bd4e17a2f7cdb3.js | assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ | 108 KB | 35 KB | Script | application/x-javascript | |
GET H2 | collect | stats.g.doubleclick.net/r/ | 35 B | 102 B | Image | image/gif | Redirect Chain |
GET H/1.1 | id | nationalbankofcanada.d2.sc.omtrdc.net/ | 3 B | 476 B | XHR | application/x-javascript | |
GET H/1.1 | ibs:dpid=411&dpuuid=XGWGHAAAD9yIhRN_ | dpm.demdex.net/ | 42 B | 769 B | Image | image/gif | Redirect Chain |
GET H2 | json | nationalbankofcanada.tt.omtrdc.net/m2/nationalbankofcanada/mbox/ | 97 B | 649 B | XHR | application/json | |
GET H/1.1 | satellite-5931c9b364746d2b6d003e39.js | assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ | 3 KB | 1 KB | Script | application/x-javascript | |
GET H/1.1 | satellite-56d0c41664746d57d6000d51.html | assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ | 0 | 0 | Document | text/html | Frame FBCD |
GET H/1.1 | s-code-contents-d94a658397371915b43253ad75e43dddf1901b59.js | assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ | 76 KB | 27 KB | Script | application/x-javascript | |
GET H/1.1 | wrapper-shadow.png | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 6 KB | 6 KB | Image | image/png | |
GET H/1.1 | addthis-sharing.png | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 3 KB | 3 KB | Image | image/png | |
GET H/1.1 | bg-side-menu.gif | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 1 KB | 1 KB | Image | image/gif | |
GET H/1.1 | arrow-side-menu.png | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 1 KB | 1 KB | Image | image/png | |
GET H/1.1 | coordinate-icon.png | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 5 KB | 5 KB | Image | image/png | |
GET H/1.1 | wrapper-lowerpage-bg.png | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 7 KB | 7 KB | Image | image/png | |
GET H/1.1 | bloc-lowerpage-bg.png | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 1 KB | 1 KB | Image | image/png | |
GET H/1.1 | arrow-dark-right-small.png | advisors.nbfwm.ca/feuil/themes/microsite/images/ | 1 KB | 1 KB | Image | image/png | |
GET H/1.1 | loading.gif | advisors.nbfwm.ca/feuil/themes/common/libs/plugins/jquery/colorbox/images/ | 2 KB | 3 KB | Image | image/gif | |
GET H/1.1 | controls.gif | advisors.nbfwm.ca/feuil/themes/common/libs/plugins/jquery/colorbox/images/ | 2 KB | 2 KB | Image | image/gif | |
GET H/1.1 | dest5.html | nationalbankofcanada.demdex.net/ | 0 | 0 | Document | text/html | Cookie set, Frame C324 |
GET H2 | fbevents.js | connect.facebook.net/en_US/ | 52 KB | 16 KB | Script | application/x-javascript | |
GET H2 | ;u12=;u13=;u14=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 | 5357220.fls.doubleclick.net/activityi;dc_pre=CJ-zrY3Cu-ACFZVA4AodoGkA9g;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=undefined;u4=en;u5=nbfwm;u6=site;u7=undefined;u8=undefined;u9=advisors;u10=cred... | 0 | 0 | Document | text/html | Frame ED64, Redirect Chain |
GET H2 | 1783130221942772 | connect.facebook.net/signals/config/ | 20 KB | 7 KB | Script | application/x-javascript | |
GET H/1.1 | s32288162551447 | nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbca-fbngp-production/10/JS-2.6.0-D7QN/ | 5 KB | 6 KB | Script | application/x-javascript | |
GET H2 | / | www.facebook.com/tr/ | 44 B | 247 B | Image | image/gif | |
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- object| cssua
- function| $
- function| jQuery
- function| DP_jQuery_1550157340297
- object| html5
- object| Modernizr
- function| _
- object| kafe
- object| __global_localization__
- object| FBNSC
- object| _gaq
- function| Visitor
- object| _satellite
- object| s_c_il
- number| s_c_in
- function| targetPageParams
- object| _gat
- object| gaGlobal
- object| adobe
- object| _AT
- function| mboxCreate
- function| mboxDefine
- function| mboxUpdate
- function| fbq
- function| _fbq
- function| AppMeasurement_Module_AudienceManagement
- function| AppMeasurement_Module_ActivityMap
- function| AppMeasurement
- function| s_gi
- function| s_pgicq
- function| DIL
- number| s_objectID
- number| s_giq
- object| s_i_nbca-fbngp-production
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAAAF3RoU_DQBTH8YzRZKFbMv4FMtvQ6-64nCxiJTODTLS2pZyAQEgwBDk5OVk5WVlZieyfUImcnKxa5sr3uY94v7v33s10vVzefphzrRZvX48_rxOhlC-Unkuh1bwY9KyEX8IVXMMNfIA7eHPx31t4BxdwCVdwDbfwkflD5MHlJfLgvTNNojh6eArD-zD5fhefcen0V-zfVQ5GHOFJ-Bdu4Bb-gzv6CitycTJ3lgllrTTSU2kgPGlt5hmbP3vailyZ9EUGeXbst-nAdIgpxvjWBJe_xpjwCSGmxs2rAgAA |
|
.rfihub.com/ | Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dTUvTPf0M45PDrEM0w02N69yMQpKyVcSCPby0s-zBAF_t-zigKpVjAIR7uHuHoGOjk6OERW5hgXhs5hUkgxN09JMLE10TRONDHVN0tKSdC3TUpJ1zdMMU0wtE1NNjFKSAFfuBA5qAAAA |
|
.rfihub.com/ | Name: smd Value: H4sIAAAAAAAAAOPiNTQ1NTA0NTc2MTQzMQUAUVaJqg8AAAA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzQ2NDMwNDEwMjQ0NTGyNBPiM9RN8a4KTK5wrnQqKC6Q4jU0NTUwNDU3NgGqsgQA427I3TQAAAA |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzQ2NDMwNDEwMjQ0NTGyNBPiM9RN8a4KTK5wrnQqKC4AAJ7rDIAlAAAA |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwiG4oi-wKaJNxAFOAE. |
|
.adsrvr.org/ | Name: TDID Value: ef9f286b-cc92-429d-9f32-d54bbe7a30b2 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlMYNk4DZRoPp3dSO6Rn5-l2dH1oGcC-umbURXJbbnaiTtWuTL48fso6Jmk |
|
.demdex.net/ | Name: dextp Value: 771-1-1550157341227|1083-1-1550157341328|1085-1-1550157341429|1086-1-1550157341553|1087-1-1550157341658|1088-1-1550157341759|19913-1-1550157341863 |
|
.demdex.net/ | Name: demdex Value: 68074689907629281293513740841692896820 |
|
.nbfwm.ca/ | Name: aam_uuid Value: 68074689907629281293513740841692896820 |
|
.nbfwm.ca/ | Name: _fbp Value: fb.1.1550157341220.1201024896 |
|
.nbfwm.ca/ | Name: s_cc Value: true |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.