www.benefitsandpensionsmonitor.com
Open in
urlscan Pro
104.26.15.213
Public Scan
Effective URL: https://www.benefitsandpensionsmonitor.com/
Submission: On September 01 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1P5 on August 17th 2023. Valid for: 3 months.
This is the only time www.benefitsandpensionsmonitor.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com
cdn.sajari.com |
ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
fonts.gstatic.com |
ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
googleads.g.doubleclick.net | |
pagead2.googlesyndication.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com |
ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net
8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-56-174.compute-1.amazonaws.com
in.ml314.com |
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
www.googletagservices.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-26-129.compute-1.amazonaws.com
dpm.demdex.net |
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-146-227.compute-1.amazonaws.com
sync.crwdcntrl.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com
ps.eyeota.net |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eastus-8.in.applicationinsights.azure.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
googlesyndication.com
8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150 pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 |
642 KB |
18 |
doubleclick.net
1 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 |
185 KB |
12 |
ml314.com
3 redirects
ml314.com — Cisco Umbrella Rank: 1767 in.ml314.com — Cisco Umbrella Rank: 10931 |
13 KB |
12 |
keymedia.com
cdn-res.keymedia.com — Cisco Umbrella Rank: 205674 |
65 KB |
9 |
benefitsandpensionsmonitor.com
1 redirects
www.benefitsandpensionsmonitor.com |
42 KB |
8 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
7 |
lytics.io
c.lytics.io — Cisco Umbrella Rank: 10232 |
67 KB |
6 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214 |
340 KB |
4 |
gstatic.com
fonts.gstatic.com |
88 KB |
3 |
eyeota.net
2 redirects
ps.eyeota.net — Cisco Umbrella Rank: 1056 |
2 KB |
3 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1547 eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 9358 |
46 KB |
3 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1070 |
169 KB |
2 |
crwdcntrl.net
2 redirects
sync.crwdcntrl.net — Cisco Umbrella Rank: 795 |
863 B |
2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 348 |
693 B |
2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 395 |
833 B |
2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 223 |
2 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47 |
147 KB |
2 |
sajari.com
cdn.sajari.com — Cisco Umbrella Rank: 68513 |
248 KB |
1 |
amazonaws.com
s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 2313 |
59 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 |
267 B |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 9197 |
455 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 |
6 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41 |
1 KB |
1 |
bpmmagazine.com
1 redirects
www.bpmmagazine.com |
433 B |
111 | 24 |
Domain | Requested by | |
---|---|---|
17 | securepubads.g.doubleclick.net |
1 redirects
www.benefitsandpensionsmonitor.com
securepubads.g.doubleclick.net www.googletagservices.com |
16 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
www.benefitsandpensionsmonitor.com tpc.googlesyndication.com |
12 | cdn-res.keymedia.com |
www.benefitsandpensionsmonitor.com
|
11 | ml314.com |
3 redirects
www.benefitsandpensionsmonitor.com
ml314.com |
9 | www.benefitsandpensionsmonitor.com |
1 redirects
www.benefitsandpensionsmonitor.com
|
8 | www.google.com |
www.benefitsandpensionsmonitor.com
securepubads.g.doubleclick.net tpc.googlesyndication.com |
7 | c.lytics.io |
www.benefitsandpensionsmonitor.com
c.lytics.io |
6 | pagead2.googlesyndication.com |
www.googletagservices.com
js.monitor.azure.com tpc.googlesyndication.com |
6 | www.googletagservices.com |
securepubads.g.doubleclick.net
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | ps.eyeota.net |
2 redirects
www.benefitsandpensionsmonitor.com
|
3 | use.fontawesome.com |
www.benefitsandpensionsmonitor.com
use.fontawesome.com |
2 | eastus-8.in.applicationinsights.azure.com |
js.monitor.azure.com
|
2 | sync.crwdcntrl.net | 2 redirects |
2 | match.adsrvr.org | 2 redirects |
2 | idsync.rlcdn.com | 2 redirects |
2 | dpm.demdex.net |
1 redirects
www.benefitsandpensionsmonitor.com
|
2 | www.googletagmanager.com |
www.benefitsandpensionsmonitor.com
www.googletagmanager.com |
2 | cdn.sajari.com |
www.benefitsandpensionsmonitor.com
cdn.sajari.com |
1 | s3.us-west-2.amazonaws.com |
c.lytics.io
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | www.google.ca |
www.benefitsandpensionsmonitor.com
|
1 | in.ml314.com |
ml314.com
|
1 | 8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | js.monitor.azure.com |
www.benefitsandpensionsmonitor.com
|
1 | cdnjs.cloudflare.com |
www.benefitsandpensionsmonitor.com
|
1 | fonts.googleapis.com |
www.benefitsandpensionsmonitor.com
|
1 | www.bpmmagazine.com | 1 redirects |
111 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
premium.benefitsandpensionsmonitor.com |
www.keymedia.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
benefitsandpensionsmonitor.com GTS CA 1P5 |
2023-08-17 - 2023-11-15 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
use.fontawesome.com GTS CA 1P5 |
2023-07-04 - 2023-10-02 |
3 months | crt.sh |
keymedia.com Cloudflare Inc ECC CA-3 |
2023-03-19 - 2024-03-18 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
cdn.sajari.com GTS CA 1D4 |
2023-08-30 - 2023-11-28 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06 |
2023-06-21 - 2024-06-15 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
ml314.com GTS CA 1D4 |
2023-08-05 - 2023-11-03 |
3 months | crt.sh |
*.ml314.com Amazon RSA 2048 M02 |
2023-02-27 - 2023-12-14 |
10 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.google.ca GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01 |
2023-04-11 - 2023-12-28 |
9 months | crt.sh |
prod.ai.ingestion.msftcloudes.com Microsoft Azure TLS Issuing CA 01 |
2023-08-31 - 2024-06-27 |
10 months | crt.sh |
This page contains 12 frames:
Primary Page:
https://www.benefitsandpensionsmonitor.com/
Frame ID: 84A1402A7DF09684C59AEA1C3CA52210
Requests: 60 HTTP requests in this frame
Frame:
https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Frame ID: 5B40E71D1376EAE48E5896F7577E9775
Requests: 2 HTTP requests in this frame
Frame:
https://8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB2CE1A9CAF18A3A6402ED13230F1AF6
Requests: 1 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiPAV3XSs0J-d4gkxIps1j16A7sa5fxKPme133Qaj4aQ7mE1rOFm8B-5NL-tgN-gSRUeWzW0ujdXePnF5LZgwsuCUwPUmHtgcHDt3CZt7t6_frIO6bt8HjymplHO0Qi_lgPV1-BYjfUpjxbTI3pwFGUIrimNguztQ0jKSJTbZ6V-0qyj2_lGNYF-wot3-YmXzX_7z42aDglUw8qPgeF5T74zQYnQ75dByGHzkaLiqZbfPGnkmI59lodJj9dqfy6QXB31rjbvTwDKiH3xM4iou4jC6K6HyL2n-bGbbY6b-mjJVfq9mel-hZ5ayyhikQeiYRcWqz6ksNnz-zFtNW0wq29_2ygZz5y82IDAot9NDK8m0woIfhfxquBuqFgsnFYHKj7MV6XqQkGQ8ntbvQbjyjkA4&sai=AMfl-YSYTJ9fn6m-bLCrNbGASPy41T0Z9x3hIRyZKjjw7WpCBgF4iBCyWbDLeCPmf-SMjq5Wbmg5etbtksrDX4eLYyDLzfBPEI4sDf0m9VVL2RGMhMaJdmEQOLGpmySqwtw&sig=Cg0ArKJSzJ3oBpRobgODEAE&uach_m=[UACH]&adurl=
Frame ID: 1D998E2816A1EAC64D17E951A22E2153
Requests: 8 HTTP requests in this frame
Frame:
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=BPMW_Medavie_Blue_Cross&cb=2105466321
Frame ID: EBDB183A543320AF12A1E15B3A352C3E
Requests: 9 HTTP requests in this frame
Frame:
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=336938587
Frame ID: F827A175135C854D808E92C2C189D781
Requests: 8 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlXZRuViqQqWM8QXYIvEIM69fdMgRo2DKQa7_GKmpfUi1BC4SkzB_yT9TTg80QYP95yAZ19G75lPj5OemfIhWZ9AJO87jFTjGcRGP2YOyuB0bBYt2kdEgiCTAqzpeFwrlFleXd2YSQDVeujYlgQQrBgckayCNN2dNja7B3dtMuLBY-FetPEICMxxC1H0E9LX8NVBwyWkg_9-GD5CRNWSaGi4bONB2Y_ziqHu2bQpk5zDmCBmHNDUZlYKT6Wo7zOyh7G5Z0HHGzMH29bIzidxvqRcvqdV-oUROJryaUdRPY920sPdSp7szbQqmnaDdHHzQGawg4gMk0Ujt4BK9qETQmyVofXCZsRpUZp2M&sai=AMfl-YS_hu3HAo8sGSdMaugTUwSlBKpDMp9i1yJnzJjUOk1aIR3zegXZq6z9N_5AUPUPXDg7pzHD_1VQeOgW5eOhHp4SGYAr3glsu9keui4kMuk4TifRM5X6Eae5zteLeg0&sig=Cg0ArKJSzN0Nv_QVm_nTEAE&uach_m=[UACH]&adurl=
Frame ID: AB66EC6C5BE124AA0A64444D8FD63763
Requests: 7 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzgh-5COsk2tOi58IfRLAyi2MRBnRfeD0Q1hwQk8xq3zz6gsKtfFuWqlA0QQs0CPfroSR8X1pxg5DrNa6JcybeBzazKAx9W3eBYlQ4Ae597OVZOCn_a2-8SxgKrZlv_xz6vQ7RzQVosicPZ8PiluVJS5Tji7L1Z0W9TcNZOAq5e7QcW28OdaaxIJbUNxNt8OSZzc1kvAm9unDa9WzpGlNFCBS4vPw3bh2n0RufQdpEV5wferkR26_NnRtNrbbyz-cQbdw5wdfbzsF3WVcjtmL9n45HqnBCIBX-nIbUYAAP9OqWcPEP3fevsHcZSiOPjH5K3gRoxehPPuyW_GOzR6DXfBRHwR8JTkOGdNY&sai=AMfl-YSlaXLjc38g1OW4vOZz7THxhARTi1e3YxlzJfBNl11jLoDRYXzj_R_7yAlAln2JULAh9tNpvoa91V7z0apE4PMfh7gMYC3jUze6MTSs8EatnVk2rBux-8_c9i8dFNo&sig=Cg0ArKJSzHO7ejI3N3E2EAE&uach_m=[UACH]&adurl=
Frame ID: 0E1B61C8442373EB7EEC55E05ED83CB3
Requests: 7 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKRnJFCRLcY8jgsLNmjWuqMJ35fU0sOnOcejYG_SHAAmgXw_Go3t4EdPmNHXJ0-P2N1NP6LCmNJu2kkLF7EOxOmflnZRib3fpzfWJtMSAkeMcF_oDf4FBQiFNZAzSG6pyF5c4IRUPzMW09TQrsKE7zXs8KoS0obtP06dhYSUsXOxMzMYinGfgGySDtltZGIAAA2uVd45_LyQzOtyWQrzElPHtHaj_Mjk8_rz3jYJl-b3ed8EB91W2zSwuzw5o9yjbjUQTct2ccnD10OanWet2bXfsjgVZIvxmHT2hVyLEWGKxOgnqe1yGdX4RLNgl0IzoY1P1LZulZOQ_Quhcyw_XTfeJdfsypM3afltA&sai=AMfl-YTAQ4co4VfhBbtr7ICg9miMK58CoGDPlngHagsJq3fnVLmXU-0FHXxFviYSgtwe-rRTHlbBo48V_o9q_hnlY9LgJmAyRoK7n__VCdTyhjqklHN89-b8VwsnJ2y0vLI&sig=Cg0ArKJSzNOV1AS_PNsuEAE&uach_m=[UACH]&adurl=
Frame ID: 67829CFA2F6E94E1EA41924020CD55FE
Requests: 7 HTTP requests in this frame
Frame:
https://ml314.com/utsync.ashx?eid=89860&et=0&dc=Mercer_Canada_Limited&cb=1203258409
Frame ID: CA1336C44260B3F6A729CC56FFF35E11
Requests: 3 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8B04D0FB4524E70374E304A05DBCA56
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 2454B2020603109D2F963D146DEE9FEA
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Benefits and Pensions MonitorPage URL History Show full URLs
-
https://www.bpmmagazine.com/
HTTP 301
https://www.benefitsandpensionsmonitor.com/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Underscore.js (JavaScript Libraries) Expand
Detected patterns
- underscore.*\.js(?:\?ver=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.bpmmagazine.com/
HTTP 301
https://www.benefitsandpensionsmonitor.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
- https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXmmPOdEGlZOUaeXaIhCpbCyc24BArfNtw96iV58NLbQ0MlpIlj22NkA9A9_MfwSf_ednFYZqUA526B1N248v7hKdS4BGO92mphiEPfr8cQ502QHSvwFMkmORnOqT-HYtPzLqKEB4cV4x5rUK84u8Gi0A-heBoopmZlwlCsc9w0HTViHSr_chnwHRiNDLlklZzOxek37YnqrP56n4Gch9d9IUB56YTpmy3ZYPALIHD2yBImOPODOjGaAgA8lmZjeYSX3sNU-wPSajRxRBgxET1sTx6FcgeZL6DbyMUI2TruQ8Dprc9DZqHz6Mn4Nt0GAERpGJlHAqOFDaSIIH2MZl0Bl8sW6-hmCtl_KvXPXdJU1MQ_xQ&sai=AMfl-YSQvB82tXMtCJAkF85ao77n3IER4GgSUNiHDE-cXoSRLrTTzTu09mxghZVIzvWRXdvozgFSS97ijrhoFY-TACcRbHJ3NMNHQ_WZvvUgsVcZTkMZ1hnW88XGOX8m_w0&sig=Cg0ArKJSzDM8UO-43DJvEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/938868486417794075? HTTP 302
- https://tpc.googlesyndication.com/simgad/938868486417794075
- https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3638205844146356254&redir= HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3638205844146356254&redir=
- https://idsync.rlcdn.com/395886.gif?partner_uid=3638205844146356254 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzODIwNTg0NDE0NjM1NjI1NBAAGg0IiLjFpwYSBQjoBxAAQgBKAA HTTP 307
- https://ml314.com/csync.ashx?fp=5904e7c8a7969fc55114a1d5569bb958c9c54e874112e62a111703f15e9f13e0f4cb09cee1a4f8eb&person_id=3638205844146356254&eid=50082
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
- https://ml314.com/utsync.ashx?eid=53819&et=0&fp=0af96244-d699-40fe-b695-33241c7aa728&gdpr=0&gdpr_consent= HTTP 302
- https://ml314.com/csync.ashx?fp=0af96244-d699-40fe-b695-33241c7aa728&person_id=3638205844146356254&eid=53819
- https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638205844146356254 HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3638205844146356254 HTTP 302
- https://ml314.com/csync.ashx?fp=5fd60f2e2dba0ec7241206ac02137610&eid=50146&person_id=3638205844146356254
- https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
- https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2vN5fvbthjyA2OGGXQKKam1tFH-R6bj7Pp0fick4f24Q&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
- https://ml314.com/csync.ashx?fp=2vN5fvbthjyA2OGGXQKKam1tFH-R6bj7Pp0fick4f24Q&person_id=3638205844146356254&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
- https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
111 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.benefitsandpensionsmonitor.com/ Redirect Chain
|
71 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.15.1/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.min.css
www.benefitsandpensionsmonitor.com/css/ |
118 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638290912571681806.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=680,h=408,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
16 KB 17 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638290911054983064.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
3 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638290909374512516.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
3 KB 4 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0270_638290901412110383.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/us/036/ |
3 KB 4 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0416_638235740276059227.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
3 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0380_638243366583363374.png
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
4 KB 4 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0379_638259010816384828.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=260,h=156,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
8 KB 8 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
99 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-white.svg
www.benefitsandpensionsmonitor.com/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.min.js
www.benefitsandpensionsmonitor.com/js/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
cdn.sajari.com/embed/1/ |
210 B 726 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
153 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.2.min.js
js.monitor.azure.com/scripts/b/ |
119 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ |
78 KB 79 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ |
77 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0416_638240720879273421.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=160,h=223,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
10 KB 11 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0405_638290914930727478.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
5 KB 5 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0379_638260712350258409.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
2 KB 2 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0379_638271244057343798.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
2 KB 2 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0416_638236786968401602.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=150,h=90,f=auto/https://cdn-res.keymedia.com/cms/images/ca/159/ |
1 KB 2 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-gray.svg
www.benefitsandpensionsmonitor.com/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame 5B40 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
cdn.sajari.com/embed/2.24.0/ |
818 KB 248 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/ |
403 KB 127 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
56 B 74 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.min.js
c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/ |
67 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.aspx
ml314.com/ |
31 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
266 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7ffa76c6581fa1e4
www.benefitsandpensionsmonitor.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5B40 |
0 577 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fancybox_sprite.png
www.benefitsandpensionsmonitor.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
254 KB 28 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB2C |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utsync.ashx
ml314.com/ |
644 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ud.ashx
in.ml314.com/ |
20 B 482 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/cid/ |
24 B 471 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/948015301/ |
42 B 371 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.ca/pagead/1p-user-list/948015301/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 267 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 1D99 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 1D99 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D99 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5309217833160978465
tpc.googlesyndication.com/simgad/ Frame 1D99 |
99 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame 1D99 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utsync.ashx
ml314.com/ Frame EBDB |
43 B 63 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame EBDB |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame EBDB |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBDB |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2453369684630933724
tpc.googlesyndication.com/simgad/ Frame EBDB |
131 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame EBDB |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utsync.ashx
ml314.com/ Frame F827 |
43 B 63 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame F827 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F827 |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F827 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8141981464877924056
tpc.googlesyndication.com/simgad/ Frame F827 |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame F827 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame AB66 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame AB66 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB66 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2835067271640315872
tpc.googlesyndication.com/simgad/ Frame AB66 |
84 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame AB66 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 0E1B |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 0E1B |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E1B |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13750746038314746937
tpc.googlesyndication.com/simgad/ Frame 0E1B |
101 KB 101 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame 0E1B |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 6782 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 6782 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6782 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2067408762714973922
tpc.googlesyndication.com/simgad/ Frame 6782 |
120 KB 121 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame 6782 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utsync.ashx
ml314.com/ Frame CA13 |
43 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
938868486417794075
tpc.googlesyndication.com/simgad/ Frame CA13 Redirect Chain
|
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1D99 |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame EBDB |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame F827 |
215 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame AB66 |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 0E1B |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 6782 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0
c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/ |
129 KB 17 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/c/ |
35 B 387 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
csync.ashx
ml314.com/ Redirect Chain
|
43 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
csync.ashx
ml314.com/ Redirect Chain
|
43 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
csync.ashx
ml314.com/ Redirect Chain
|
43 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame CA13 |
212 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 1D99 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame F827 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame EBDB |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 0E1B |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame AB66 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
view
securepubads.g.doubleclick.net/pcs/ Frame 6782 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.js
c.lytics.io/static/ |
102 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.css
c.lytics.io/static/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keymedia-overrides.css
s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/ |
58 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
c.lytics.io/api/program/campaign/config/04efff7793bfc7d9b702b19cc7b0db31/ |
399 B 529 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D99 |
42 B 108 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame EBDB |
42 B 404 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
eastus-8.in.applicationinsights.azure.com//v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
eastus-8.in.applicationinsights.azure.com//v2/ |
49 B 159 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8B0 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 2454 |
829 B 978 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
pagead2.googlesyndication.com/bg/ Frame A8B0 |
38 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 2454 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame A8B0 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| googletag object| dataLayer object| appInsights function| whichTransitionEndEvent function| dismissIntromercial function| _ function| ListPager function| requestPostitialOnScroll object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| GooglebQhCsO object| jstag object| _ml object| regeneratorRuntime undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| __lytics__jstag__ undefined| u_286600047629661060 function| e object| n string| t object| r object| o object| a string| u object| c object| s object| f object| d object| Microsoft object| __dynProto$Gbl function| onYouTubeIframeAPIReady undefined| u_441902720920983800 object| pathfora object| GoogleGcLKhOms object| google_image_requests27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.benefitsandpensionsmonitor.com/ | Name: ARRAffinity Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9 |
|
.www.benefitsandpensionsmonitor.com/ | Name: ARRAffinitySameSite Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9 |
|
.benefitsandpensionsmonitor.com/ | Name: _gcl_au Value: 1.1.818068964.1693539335 |
|
.benefitsandpensionsmonitor.com/ | Name: cf_clearance Value: m8BjbjFn2mWbKZAQAmBwAUbDyYcTAw8wFPb_LY9Jbfg-1693539335-0-1-26f6478b.cb8def34.71f7186b-0.2.1693539335 |
|
.www.benefitsandpensionsmonitor.com/ | Name: seerses Value: e |
|
www.benefitsandpensionsmonitor.com/ | Name: ai_user Value: 7nafnsLy83xW3wHGkI7Crp|2023-09-01T03:35:35.424Z |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlAMbjiZfsn-CLP-WhHEw46LdzF0y50W9Nwo06Iefpq8SGg9NOEhOXGSP7afN4 |
|
.benefitsandpensionsmonitor.com/ | Name: _ga_6PGJWLVE01 Value: GS1.1.1693539335.1.0.1693539335.0.0.0 |
|
.benefitsandpensionsmonitor.com/ | Name: _ga Value: GA1.1.369381993.1693539335 |
|
.benefitsandpensionsmonitor.com/ | Name: __gads Value: ID=eaac3d74621d1692:T=1693539335:RT=1693539335:S=ALNI_MZJGuRNNQOVZbKklOmON9Qnoyc-rA |
|
.benefitsandpensionsmonitor.com/ | Name: __gpi Value: UID=00000d8f3d41df51:T=1693539335:RT=1693539335:S=ALNI_ManSdIKFMDOH5kCC3C5mGtUnjWvPw |
|
.ml314.com/ | Name: u Value: aHR0cHM6Ly93d3cuYmVuZWZpdHNhbmRwZW5zaW9uc21vbml0b3IuY29tLw== |
|
.ml314.com/ | Name: pi Value: 3638205844146356254 |
|
.ml314.com/ | Name: tp Value: 4%3b8%2f31%2f2023+11%3a35%3a35+PM%3b0 |
|
.www.benefitsandpensionsmonitor.com/ | Name: seerid Value: 5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0 |
|
.lytics.io/ | Name: seerid Value: 5cb8e04d-c2f1-48b0-bc91-18c36efbd0e0 |
|
.rlcdn.com/ | Name: rlas3 Value: 5fXoG6GPp/uY4Q/EazdVNp6h0Ad5+BMAiuRad3KELjk= |
|
.demdex.net/ | Name: demdex Value: 33726384873974857122814781702604803842 |
|
.adsrvr.org/ | Name: TDID Value: 0af96244-d699-40fe-b695-33241c7aa728 |
|
.eyeota.net/ | Name: mako_uid Value: 18a4ecf804b-3fba0000010a4c4e |
|
.eyeota.net/ | Name: SERVERID Value: 19534~DM |
|
.rlcdn.com/ | Name: pxrc Value: CIi4xacGEgUI6AcQABIFCNtOEAA= |
|
.dpm.demdex.net/ | Name: dpm Value: 33726384873974857122814781702604803842 |
|
.adsrvr.org/ | Name: TDCPM Value: CAESFgoHZDB0cm8xahILCJCpwZrRqZU8EAUYBSABKAIyCwjWi_bE56mVPBAFOAE. |
|
.crwdcntrl.net/ | Name: _cc_dc Value: 0 |
|
.crwdcntrl.net/ | Name: _cc_id Value: 5fd60f2e2dba0ec7241206ac02137610 |
|
www.benefitsandpensionsmonitor.com/ | Name: ai_session Value: 7Khy/X1mZvKYM98PBsxM/O|1693539337508|1693539337508 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8ed0dd2807d1214372588a06d9698873.safeframe.googlesyndication.com
c.lytics.io
cdn-res.keymedia.com
cdn.sajari.com
cdnjs.cloudflare.com
dpm.demdex.net
eastus-8.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
in.ml314.com
js.monitor.azure.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
ps.eyeota.net
s3.us-west-2.amazonaws.com
securepubads.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
use.fontawesome.com
www.benefitsandpensionsmonitor.com
www.bpmmagazine.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.17.24.14
104.21.78.22
104.26.15.213
104.26.2.22
104.26.8.198
13.107.253.40
142.250.80.104
172.217.13.130
172.217.13.131
172.217.13.138
172.217.13.161
172.217.13.162
172.217.13.163
172.217.13.193
172.217.13.194
172.217.13.196
172.64.102.11
216.239.32.178
34.111.234.236
35.174.26.129
35.190.50.98
35.190.60.146
44.206.56.174
52.188.247.146
52.218.245.104
52.223.40.198
52.55.144.0
54.236.146.227
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
0832abc08ed189fa1e8cb7edf4829b4c9492ed5249641c4e5db34e3e9f7d5b58
09aa06d6fab5091123ebb092899db977cb61633bbd03e4a3734d4f2251a6e54a
0b2b5c06d11b49f1a09b3c617f06d571638820619a918df7141e86d0157a996c
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0ce5ab2ba42b06635fc31861575b5c6d6c0dfd0408f42dbff8e688f49cb5fd2c
0d31a69f7ae0d174b9e6054ebedb533ffa1c85de012409db3fc16fcdf9cc525b
12807f50ffe0732ac3d06433a7c4b9ff18886679969f2f969140cdcab188a9f1
13cf170da16ee0165056ea7d310e09c8a08abd0359a536f4e253763ef18277cc
155d083e71e7ab6e2eb5da29b26f8913c992b80198db9664167bce6808af23b9
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
1cbc79dcc2e338cfddb918cbbd24ec55f691ad11dadcb4dbaf3febc229a9c036
22f7d96cec1bb8460edaad31832a5a5eb464d5fea528118c7ac2de337dafc2e1
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
278fbba3583522a49245597896e90e2c0f993460684f186255e4ca36fff4fd83
2792fa81d4cca0ba021c36ac27ded96d24a6605cad98262885cf3bbdfa1193a9
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d9139eb008a6920449b04b7f2d0f7a2695867ca922bb43436f48c2eb88a9f70
3db368eb2198fb7fabd18447ec5818684af2d37c2d278147e382dd9091908f49
4650d312f8c19f7d298668d579d9fbfebbd6617ec6adf053fc6b1b981ff37295
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d5b1ac53005189384f74813e302b0a37aecef86ed8ebad03303f66c39e3642f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57831e5d0327296d6be29fdbff260ba2d9293e42046ec3dba7b47237c8121bba
58ba5232b0e1a8b412486138c17d3ca160883ff364a4bb78d638c5975c8e112a
5b11731cad9b522e095aa57c5323bc4e60bf5c5ec3ca537507708dc6e4c6596a
60af7613cf5b70b4cd558546dd7ecab78792b7ed6b8effa9545dac4d3aa1fed3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
780ab4a7c1c3d4f6a0f184d02da6b7a1f40d7f6c66de3eaeb98eebd4298f6247
785c1f4b0f336168b4c4a5a048fbdb936d8b0c2c2eac51aed8413c143c41ac37
7db9b9e9c0c8b1e3044085f6c1b663396441f9a9fa64f68dc3bc805add9d3877
7e756ecacf63174d7c0a2b5642afbb213e3a0d420982030bd0ff7625664dd6f2
81b2a42fe9601870364f23ee6cfb94073cfdd6a03a70802a54bd242b88cce769
81f3524a047e935982417031e51ea8b28a6bb30e47d65a65d0c94b88178453ab
821967e98729d5564ad48944dd2434f34a262f13c70ffd886ba9befc7aabced0
9144bec734c58e9d3572af36cff4da4bf48e51fb34480657a8991191ac1d33b1
986234269574843718b280cee20a2027b06a5a4d4ed4a2109e4702c91980ee81
99ae26c1a22048b879b145ace32446b3b92cae268ade305cd6e89bb885b5bcc4
a0f10243baaa03371733f0c4561496cc856b69af89611f4967ae5af94c3c1873
a3944e77604c3af0b15334cfddc46ab697ef0bf9c323f50b7186c90e8b5c13b0
ac449f31778db9344bb6418a7c6508c4e2ca63758ecb1a981c7ff1e3f850e026
aebf9956840a795c31489aa11afd8f9ae40e6b39805e04b6e43c9b57165dca8c
af068428232286206e3d84b7772b98ca92f2a631c7a24834c6f336759964ec8d
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
aff5c482161de24d68eaddba9e083af6a0c933fbfe8a019e8cd9a84fbe5d4786
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3672e8f53d4cd14250c0d76315fa94c7311da3ce7235696d1aa6fa39388dcb6
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bba85d52f419bb9365d86381e26312d66637098838f5a2a5aba5a2a50bd0babe
bef2c56ac4dc5ac6175e313afae36e5ea0f1a1a4e5f717ec0ff66a6f5c8fb74f
c2715bb49acac0e05315dc77f23865fedfdece501545159ef31567892fe5e9f4
c758a5543c7690899adf42a579f60ed96110e2af132187b42ea17dba62c506ef
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d5e0a1dad05d86085ed016e1fba682639854b9a4ba10a755f3392d294666a223
dc765890aaaca37c31fb572ff9db7356e17cb243265b78533e19d97f32752b42
dd9999fadf0bb627e2350c27cdc9e2e9eaf4054833b7431a2a4df092ae3554c9
de5cd45cccf973d02676e44e13c0209769eb7d8cfce2fcf8139238ee982f47ab
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81b1fabcad383b9a055d05d4c601c353872536aa6cd7f83be4e44cebef904f2
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ebfeecc910237be4bc8eb2b537298f796b2ebe688d6f11d11a9cde5c1cc3ec62
ecc48c5d07bc999ce015cb02d037832476425803ebb65d21392c34f8c827121c
ed88c46660034c43015d10f6267203692a277a5bcb4f130a8175f4f0828d53c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1
fdba2f4a459517b25d2cb5d52122aa87296fcbde18c53a2303fd62db13e8db53