www.newsletters.news.com.au
Open in
urlscan Pro
13.238.213.94
Public Scan
Submitted URL: https://click.e.newscorpaus.com.au/?qs=2a0af5cbf1475c367cd51a46d7254f0c3de51173ba870dedff6dc41d11305be2a9277e6747231019e449752c74a0...
Effective URL: https://www.newsletters.news.com.au/newscomau
Submission: On July 14 via api from US — Scanned from DE
Effective URL: https://www.newsletters.news.com.au/newscomau
Submission: On July 14 via api from US — Scanned from DE
Summary
This website contacted 39 IPs
in 5 countries
across 25 domains to perform 102 HTTP transactions.
The main IP is 13.238.213.94, located in
Sydney, Australia and
belongs to AMAZON-02, US.
The main domain is www.newsletters.news.com.au.
TLS certificate: Issued by Amazon on October 18th 2021. Valid for: a year.
This is the only time www.newsletters.news.com.au was scanned on urlscan.io!
TLS certificate: Issued by Amazon on October 18th 2021. Valid for: a year.
This is the only time www.newsletters.news.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
13.111.42.15
(United States)
ASN22606 (EXACT-7, US)
PTR: click.e.newscorpaus.com.au
ASN22606 (EXACT-7, US)
PTR: click.e.newscorpaus.com.au
| click.e.newscorpaus.com.au |
1
13.238.213.94
(Sydney, Australia)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-238-213-94.ap-southeast-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-238-213-94.ap-southeast-2.compute.amazonaws.com
| www.newsletters.news.com.au |
3
104.75.88.194
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
| tags.tiqcdn.com |
7
13.32.99.66
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-66.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-66.fra60.r.cloudfront.net
| static-au.newsletters.news.com.au |
9
2a02:26f0:3500:594::2cc4
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| image.e.newscorpaus.com.au |
1
2.18.233.28
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com
| www.news.com.au |
7
2.18.233.169
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com
| tags.news.com.au |
4
104.89.9.110
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-89-9-110.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-89-9-110.deploy.static.akamaitechnologies.com
| login.newscorpaustralia.com |
6
142.250.74.194
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
| securepubads.g.doubleclick.net | |
| www.googleadservices.com |
3
108.138.4.10
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
| c.amazon-adsystem.com |
1
108.138.7.104
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-104.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-104.fra56.r.cloudfront.net
| ats.rlcdn.com |
1
2600:9000:223c:4200:18:1fcd:351:7bc1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| static.chartbeat.com |
3
13.32.121.72
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
| sb.scorecardresearch.com |
3
2a00:1450:4001:80e::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
13.32.99.93
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-93.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-93.fra60.r.cloudfront.net
| au.tags.newscgp.com |
2
96.16.146.7
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-146-7.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-146-7.deploy.static.akamaitechnologies.com
| lps.qantas.com | |
| lpx.qantas.com |
1
18.198.200.35
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-200-35.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-200-35.eu-central-1.compute.amazonaws.com
| bs.serving-sys.com |
1
54.66.250.57
(Sydney, Australia)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-250-57.ap-southeast-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-250-57.ap-southeast-2.compute.amazonaws.com
| pixel.roymorgan.com |
3
2600:9000:2315:6c00:2:42d9:3100:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| cdn-gl.imrworldwide.com |
1
52.222.214.5
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-5.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-5.fra56.r.cloudfront.net
| cdn.adsafeprotected.com |
1
34.239.29.88
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-29-88.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-29-88.compute-1.amazonaws.com
| ping.chartbeat.net |
1
18.202.89.159
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-89-159.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-89-159.eu-west-1.compute.amazonaws.com
| pixel.adsafeprotected.com |
4
2a00:1450:4001:810::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net | |
| adservice.google.com |
4
2a00:1450:4001:828::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
52.222.236.129
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-129.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-129.fra56.r.cloudfront.net
| pagestates-tracking.crazyegg.com |
1
18.66.248.47
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-47.dus51.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-47.dus51.r.cloudfront.net
| assets-tracking.crazyegg.com |
1
34.250.171.64
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-171-64.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-171-64.eu-west-1.compute.amazonaws.com
| tracking.crazyegg.com |
2
54.246.16.130
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-16-130.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-16-130.eu-west-1.compute.amazonaws.com
| secure-sdk.imrworldwide.com |
1
2600:9000:2016:5400:1d:667e:2a40:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d1jiuqw5pin8v9zunb4cvnv1i1pyt1657762680.nuid.imrworldwide.com |
1
35.241.45.82
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
| udc-neb.kampyle.com |
| Domain | Requested by | |
|---|---|---|
| 9 | image.e.newscorpaus.com.au |
www.newsletters.news.com.au
|
| 7 | tags.news.com.au |
tags.tiqcdn.com
|
| 7 | static-au.newsletters.news.com.au |
www.newsletters.news.com.au
|
| 5 | www.google.com |
1 redirects
www.newsletters.news.com.au
tpc.googlesyndication.com |
| 5 | securepubads.g.doubleclick.net |
1 redirects
tags.tiqcdn.com
securepubads.g.doubleclick.net |
| 4 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
www.newsletters.news.com.au tpc.googlesyndication.com |
| 4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com www.newsletters.news.com.au |
| 4 | www.google.de |
www.newsletters.news.com.au
|
| 4 | script.crazyegg.com |
tags.tiqcdn.com
script.crazyegg.com |
| 4 | login.newscorpaustralia.com |
www.news.com.au
www.newsletters.news.com.au login.newscorpaustralia.com |
| 3 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
| 3 | googleads.g.doubleclick.net |
1 redirects
www.googleadservices.com
|
| 3 | cdn-gl.imrworldwide.com |
tags.news.com.au
cdn-gl.imrworldwide.com |
| 3 | www.googletagmanager.com |
tags.tiqcdn.com
www.googletagmanager.com |
| 3 | sb.scorecardresearch.com |
1 redirects
www.newsletters.news.com.au
|
| 3 | c.amazon-adsystem.com |
tags.tiqcdn.com
c.amazon-adsystem.com |
| 3 | tags.tiqcdn.com |
www.newsletters.news.com.au
tags.tiqcdn.com |
| 2 | secure-sdk.imrworldwide.com |
www.newsletters.news.com.au
|
| 2 | nebula-cdn.kampyle.com |
tags.tiqcdn.com
nebula-cdn.kampyle.com |
| 1 | marketingplatform.google.com |
www.newsletters.news.com.au
|
| 1 | m.doubleclick.net | 1 redirects |
| 1 | adservice.google.com |
securepubads.g.doubleclick.net
|
| 1 | adservice.google.de |
securepubads.g.doubleclick.net
|
| 1 | udc-neb.kampyle.com | |
| 1 | d1jiuqw5pin8v9zunb4cvnv1i1pyt1657762680.nuid.imrworldwide.com |
www.newsletters.news.com.au
|
| 1 | tracking.crazyegg.com |
script.crazyegg.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | assets-tracking.crazyegg.com |
script.crazyegg.com
|
| 1 | pagestates-tracking.crazyegg.com |
script.crazyegg.com
|
| 1 | pixel.adsafeprotected.com |
cdn.adsafeprotected.com
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | lpx.qantas.com |
au.tags.newscgp.com
|
| 1 | ping.chartbeat.net |
www.newsletters.news.com.au
|
| 1 | cdn.adsafeprotected.com |
tags.news.com.au
|
| 1 | pixel.roymorgan.com |
www.newsletters.news.com.au
|
| 1 | bs.serving-sys.com |
www.newsletters.news.com.au
|
| 1 | lps.qantas.com |
tags.tiqcdn.com
|
| 1 | au.tags.newscgp.com |
tags.tiqcdn.com
|
| 1 | static.chartbeat.com |
tags.tiqcdn.com
|
| 1 | ats.rlcdn.com |
tags.tiqcdn.com
|
| 1 | www.news.com.au |
static-au.newsletters.news.com.au
|
| 1 | www.newsletters.news.com.au | |
| 1 | click.e.newscorpaus.com.au | 1 redirects |
| 0 | 630d521d2ac3e673f3a4459773b33d77.safeframe.googlesyndication.com Failed |
securepubads.g.doubleclick.net
|
| 0 | dpm.demdex.net Failed |
tags.news.com.au
|
| 102 | 45 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.news.com.au |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| newsletters.news.com.au Amazon |
2021-10-18 - 2022-11-16 |
a year | crt.sh |
| *.tiqcdn.com DigiCert SHA2 Secure Server CA |
2022-02-27 - 2023-02-28 |
a year | crt.sh |
| akamai-san25.exacttarget.com DigiCert SHA2 Secure Server CA |
2020-06-15 - 2022-09-16 |
2 years | crt.sh |
| news.com.au DigiCert SHA2 Secure Server CA |
2022-02-07 - 2023-02-06 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
| c.amazon-adsystem.com Amazon |
2022-05-09 - 2023-04-18 |
a year | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
| *.chartbeat.com Thawte RSA CA 2018 |
2022-05-06 - 2023-06-03 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
| au.tags.newscgp.com Amazon |
2022-01-11 - 2023-02-08 |
a year | crt.sh |
| qantasloyalty.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-06-28 - 2023-03-01 |
8 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-04-08 - 2023-04-08 |
a year | crt.sh |
| *.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-02-22 - 2023-03-26 |
a year | crt.sh |
| bs.serving-sys.com Amazon |
2022-04-10 - 2023-05-09 |
a year | crt.sh |
| *.scorecardresearch.com Amazon |
2022-01-29 - 2023-02-27 |
a year | crt.sh |
| pixel.roymorgan.com Go Daddy Secure Certificate Authority - G2 |
2021-09-29 - 2022-10-31 |
a year | crt.sh |
| *.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-04 - 2023-02-03 |
a year | crt.sh |
| *.adsafeprotected.com Amazon |
2022-06-21 - 2023-07-20 |
a year | crt.sh |
| *.chartbeat.net Thawte RSA CA 2018 |
2021-12-01 - 2022-12-30 |
a year | crt.sh |
| fw.adsafeprotected.com Amazon |
2022-04-28 - 2023-05-27 |
a year | crt.sh |
| crazyegg.com Amazon |
2022-06-27 - 2023-07-26 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.crazyegg.com DigiCert SHA2 Secure Server CA |
2020-07-26 - 2022-07-23 |
2 years | crt.sh |
| *.nuid.imrworldwide.com Amazon |
2022-05-12 - 2023-06-10 |
a year | crt.sh |
| *.google.com GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.newsletters.news.com.au/newscomau
Frame ID: DEC6648683F46C29273610A35B8FF590
Requests: 90 HTTP requests in this frame
Frame:
https://login.newscorpaustralia.com/authorize?client_id=4kpLW1s8YHsjoFv70uRwHdOjIg3sE85A&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.newsletters.news.com.au%2Fauth%2Fcallback&state=ULZNZBGAJ8JM9ZjfUDP2uOSJIaASR77A&nonce=Y2u_jL8Fwp3Hi5NKtPuBRo2TdFeCRQyR&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 8C97BDE12F17120E953EDA73E61DC47E
Requests: 3 HTTP requests in this frame
Frame:
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: A443A9C9B3D1DBDB75DFB8881E58C177
Requests: 3 HTTP requests in this frame
Frame:
https://630d521d2ac3e673f3a4459773b33d77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B7A475B60AF9710CB9A8751A11A1F4AA
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83E188CAD7E04D7CFC8B69A78DFCCC5F
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D3933A76E0DC6ED30AA2E56E2A02B20
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
NewslettersPage URL History Show full URLs
-
https://click.e.newscorpaus.com.au/?qs=2a0af5cbf1475c367cd51a46d7254f0c3de51173ba870dedff6dc41d11305be2a9277e67...
HTTP 302
https://www.newsletters.news.com.au/newscomau Page URL
Detected technologies
Vue.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Crazy Egg
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Prebid
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /prebid\.js
Sizmek
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- serving-sys\.com/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://www.news.com.au/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.e.newscorpaus.com.au/?qs=2a0af5cbf1475c367cd51a46d7254f0c3de51173ba870dedff6dc41d11305be2a9277e6747231019e449752c74a0a235cfce7c5e706f3634
HTTP 302
https://www.newsletters.news.com.au/newscomau Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32- https://sb.scorecardresearch.com/c2/6390601/cs.js HTTP 302
- https://sb.scorecardresearch.com/internal-c2/default/cs.js
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970140527/?random=1657762680566&cv=9&fst=1657762680566&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa7d0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.newsletters.news.com.au%2Fnewscomau&tiba=Newsletters&hn=www.googleadservices.com&async=1 HTTP 302
- https://www.google.com/pagead/1p-user-list/970140527/?random=1657762680566&cv=9&fst=1657760400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa7d0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.newsletters.news.com.au%2Fnewscomau&tiba=Newsletters&async=1&is_vtc=1&random=1229164030&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-user-list/970140527/?random=1657762680566&cv=9&fst=1657760400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa7d0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.newsletters.news.com.au%2Fnewscomau&tiba=Newsletters&async=1&is_vtc=1&random=1229164030&resp=GooglemKTybQhCsO&ipr=y
- https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7g1fVGjYZsuDTdaLIuGIFLenD9Fl-EtfJcqkXvIoH4l3n_u5_W-Y77QlDv3lUWYG-oVDyoqwSHoir6aIKdcKkmrXse21h-lvU-JU5-ReR_dDnPtcmrHDOjQV-BNfi92cDC4tNrEdLklc_9ASer0FbTC3tnWpIQ6tckj6wS3ZVNWYNBZxdyRUct1MuRV7KHLm2_W_YLpOy6f2-0zrcqQ_RFAPTmbEzBNgofl09IjXhJ6QbHAAeXtDhqum6F91fQbwBv799qq9zZ3ykF9AT4haLG0B8HFhkxcrym1cvTl6oeP7R7EcVjfW_MfnuYIcfBjzES0zGGHdBXzDT-3jWlJ_Z&sig=Cg0ArKJSzKaNYpILm6apEAE&uach_m=[UACH]&urlfix=1&adurl=http://m.doubleclick.net HTTP 302
- https://m.doubleclick.net/ HTTP 301
- https://marketingplatform.google.com/about/enterprise/
102 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
newscomau
www.newsletters.news.com.au/ Redirect Chain
|
226 KB 226 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/newsltd/news/prod/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
manifest.85f4f337e94b40a6c472.js
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/nca/ |
828 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor.2a991ac770ad01a003cc.js
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/nca/ |
340 KB 101 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.f63f23ebd1dcfccd2abc.js
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/nca/ |
134 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.f63f23ebd1dcfccd2abc.css
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/nca/ |
39 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nca.svg
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/logos/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1e53bc9f-daca-4221-b7a8-e479230ddf38.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/8/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nca-white.svg
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/logos/ |
13 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1a8f5258-f5fd-42e1-880c-3606db9728eb.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/8/ |
109 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
14289412-21ed-40bb-b4af-18478f053817.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/11/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b9687ee0-db20-4187-ad23-5918ca30d5d5.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/7/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
c34c8d10-985e-4a26-b0c5-56ac9c69417f.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/7/ |
85 KB 85 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
c7896b21-82db-4b16-9394-ebb7803b4c25.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/6/ |
110 KB 111 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
735e5970-3f6d-4f98-8871-f06a52e56a58.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/7/ |
77 KB 78 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a282d959-3eb6-4f1a-8574-156935c68687.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/6/ |
139 KB 139 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f7716d56-dfa4-41d0-bd98-f0e0d182302e.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/11/ |
115 KB 116 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
EvaBold.woff
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/EvaBold-export/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EvaBold.ttf
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/EvaBold-export/ |
60 KB 60 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/newsltd/news/prod/ |
201 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rampart.js
www.news.com.au/remote/identity/rampart/latest/ |
276 KB 82 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utrack.js
tags.news.com.au/prod/utrack/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mitas.js
tags.news.com.au/prod/mitas/ |
666 B 905 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ |
63 B 409 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
authorize
login.newscorpaustralia.com/ Frame 8C97 |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tad.js
tags.news.com.au/prod/tad/ |
89 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
81 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
140 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid.js
tags.news.com.au/prod/prebid/ |
362 KB 111 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ats.js
ats.rlcdn.com/ |
109 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nielsen.js
tags.news.com.au/prod/nielsen/ |
25 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chartbeat_video.js
static.chartbeat.com/js/ |
70 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
metrics.js
tags.news.com.au/prod/metrics/ |
182 KB 62 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cs.js
sb.scorecardresearch.com/internal-c2/default/ Redirect Chain
|
0 368 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ncg.js
au.tags.newscgp.com/prod/ncg/ |
155 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sp.js
lps.qantas.com/ |
2 B 378 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2988.js
script.crazyegg.com/pages/scripts/0018/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 202 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ActivityServer.bs
bs.serving-sys.com/Serving/ |
0 105 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b
sb.scorecardresearch.com/ |
0 189 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Tress.php
pixel.roymorgan.com/stats_v2/ |
0 354 B |
Image
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PA29B4FFF-94A8-4A65-AA29-3329DFE3AEC3.js
cdn-gl.imrworldwide.com/conf/ |
32 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iasPET.1.js
cdn.adsafeprotected.com/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
csp-reports
login.newscorpaustralia.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4296db97
login.newscorpaustralia.com/akam/13/ Frame 8C97 |
26 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HxUQCs
login.newscorpaustralia.com/nR6tI_/x74ysb/C/hEl/h-9xsWo1/ic5EhQthXY/BUYyEwh-WAY/F2xYY/ Frame 8C97 |
84 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
id
dpm.demdex.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl_2022071101.js
securepubads.g.doubleclick.net/gpt/ |
375 KB 128 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
214 B 161 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ping
ping.chartbeat.net/ |
43 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2988.json
script.crazyegg.com/pages/data-scripts/0018/ |
29 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
tp2
lpx.qantas.com/com.snowplowanalytics.snowplow/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
tp2
lpx.qantas.com/com.snowplowanalytics.snowplow/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
40 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
103 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
103 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11.1.458.js
script.crazyegg.com/pages/versioned/common-scripts/ |
86 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
0 320 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pub
pixel.adsafeprotected.com/services/ |
254 B 497 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ |
195 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2988.json
script.crazyegg.com/pages/sampling-data-scripts/0018/ |
2 KB 636 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/970140527/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/970140527/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/970140527/ Redirect Chain
|
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
healthcheck
pagestates-tracking.crazyegg.com/ |
19 B 460 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
healthcheck
assets-tracking.crazyegg.com/ |
19 B 460 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
350d2f54-4491-4738-9655-a1069b825e10
https://www.newsletters.news.com.au/ |
53 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame A443 |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/970140527/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/970140527/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/970140527/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/970140527/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 451 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clock
tracking.crazyegg.com/ |
28 B 135 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame A443 |
44 B 721 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
d1jiuqw5pin8v9zunb4cvnv1i1pyt1657762680.nuid.imrworldwide.com/ Frame A443 |
35 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
f05a3c7e-0b9d-4a16-b5f6-0c4388dfe342
https://www.newsletters.news.com.au/ |
218 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic1657703026981.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ |
497 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gn
secure-sdk.imrworldwide.com/cgi-bin/ |
44 B 597 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
5 KB 3 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
14 KB 11 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
container.html
630d521d2ac3e673f3a4459773b33d77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7A4 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
marketingplatform.google.com/about/enterprise/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83E1 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
aframe
www.google.com/recaptcha/api2/ Frame 5D39 |
783 B 535 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 5D39 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js
pagead2.googlesyndication.com/bg/ Frame 83E1 |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 83E1 |
0 9 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static-au.newsletters.news.com.au
- URL
- https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/EvaBold-export/EvaBold.woff
- Domain
- dpm.demdex.net
- URL
- https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1657762680344
- Domain
- lpx.qantas.com
- URL
- https://lpx.qantas.com/com.snowplowanalytics.snowplow/tp2
- Domain
- 630d521d2ac3e673f3a4459773b33d77.safeframe.googlesyndication.com
- URL
- https://630d521d2ac3e673f3a4459773b33d77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Verdicts & Comments Add Verdict or Comment
159 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| FontFaceObserver object| utag_data string| vuePublicPath object| __INITIAL_STATE__ function| isMobileDevice function| webpackJsonp function| setImmediate function| clearImmediate boolean| utag_condload boolean| isAsync function| httpGetAsync function| parseResponse object| utag object| _gaq object| pageTracker number| _sf_startpt object| _sf_async_config object| _cbq object| ns_ object| ns_p function| udm_ function| ns_order function| ns_onclick boolean| __tealium_twc_switch object| utag_cfg_ovrd string| gtagRename object| dataLayer function| gtag object| newskey object| m object| nb function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| rampart object| authy object| loginStatusPromise object| ads_api number| gptPluginLoaded object| apstag number| gcTicker boolean| cb_ad_run object| sectionData number| _sf_endpt number| c object| GlobalSnowplowNamespace function| launchpad object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| ads_core object| ads_extra object| googletag function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET number| AMAZON_APS_TIMEOUT object| kw_ignore object| mready object| ats object| metrics object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| ggeac object| google_tag_data object| google_js_reporting_queue object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| pbjsChunk object| pbjs object| _pbjsGlobals object| KAMPYLE_EMBED object| google_tag_manager boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL boolean| apstagLOADED object| ncg_data function| _ncg_snowplow object| Snowplow string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL undefined| google_measure_js_timing object| ads_ready object| diagPixSentCodes object| __iasAdRefreshConfig object| CE2BH function| CE_URL_FINGERPRINT function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| gaplugins object| gaGlobal object| gaData object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .news.com.au/ | Name: utag_main Value: v_id:0181fa5b087a00077147680c56bc03073002d06b00b08$_sn:1$_se:1$_ss:1$_st:1657764478907$ses_id:1657762678907%3Bexp-session$_pn:1%3Bexp-session |
|
| login.newscorpaustralia.com/ | Name: did Value: s%3Av0%3A983af2b0-0315-11ed-b5c0-e54bc1c14408.pf8b3tLLgH1pQtrQSkRNVLPtRlUOeNoluykRCy%2BGY%2Bo |
|
| .news.com.au/ | Name: nc_eu Value: y |
|
| .news.com.au/ | Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C19188%7CvVersion%7C5.1.1 |
|
| .news.com.au/ | Name: _cb Value: Dgr-GDBRcCV07MEU7 |
|
| .news.com.au/ | Name: _chartbeat2 Value: .1657762680384.1657762680384.1.BW7O68Bc2mL-sYiy_DroCtQB2ByoR.1 |
|
| .news.com.au/ | Name: _cb_svref Value: null |
|
| .news.com.au/ | Name: _sp_ses.2a92 Value: * |
|
| .news.com.au/ | Name: _sp_id.2a92 Value: 0092023e-a9c8-410f-87d2-91b0bfc2c79f.1657762681.1.1657762681.1657762681.19b1f9e8-d6fe-4b2d-a909-89a37c96479f |
|
| .news.com.au/ | Name: _gcl_au Value: 1.1.1995726465.1657762681 |
|
| .news.com.au/ | Name: cebs Value: 1 |
|
| .news.com.au/ | Name: _ce.s Value: v~b1c84e19161e00e52f2900338e5bc0847f74e9c2~vpv~0 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .news.com.au/ | Name: nol_fpid Value: vqkwoc1io9wjnmooc4jg1dqasborl1657762680|1657762680624|1657762680624|1657762680624 |
|
| .news.com.au/ | Name: _ga Value: GA1.3.1918028015.1657762681 |
|
| .news.com.au/ | Name: _gid Value: GA1.3.872968116.1657762681 |
|
| .news.com.au/ | Name: _gat_gtag_UA_31428401_1 Value: 1 |
|
| .news.com.au/ | Name: _gat_gtag_UA_3922003_31 Value: 1 |
|
| .news.com.au/ | Name: cebsp Value: 1 |
|
| .imrworldwide.com/ | Name: IMRID Value: 98a24000-0315-11ed-b0fa-699f6f67dc1a |
|
| www.newsletters.news.com.au/ | Name: mdLogger Value: false |
|
| www.newsletters.news.com.au/ | Name: kampyle_userid Value: 262e-2d61-37be-b50c-0f8e-2789-31e6-9e07 |
|
| www.newsletters.news.com.au/ | Name: kampyleUserSession Value: 1657762681512 |
|
| www.newsletters.news.com.au/ | Name: kampyleUserSessionsCount Value: 1 |
|
| www.newsletters.news.com.au/ | Name: kampyleSessionPageCounter Value: 1 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
630d521d2ac3e673f3a4459773b33d77.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
assets-tracking.crazyegg.com
ats.rlcdn.com
au.tags.newscgp.com
bs.serving-sys.com
c.amazon-adsystem.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
click.e.newscorpaus.com.au
d1jiuqw5pin8v9zunb4cvnv1i1pyt1657762680.nuid.imrworldwide.com
dpm.demdex.net
googleads.g.doubleclick.net
image.e.newscorpaus.com.au
login.newscorpaustralia.com
lps.qantas.com
lpx.qantas.com
m.doubleclick.net
marketingplatform.google.com
nebula-cdn.kampyle.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.roymorgan.com
sb.scorecardresearch.com
script.crazyegg.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
static-au.newsletters.news.com.au
static.chartbeat.com
stats.g.doubleclick.net
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
tracking.crazyegg.com
udc-neb.kampyle.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.news.com.au
www.newsletters.news.com.au
630d521d2ac3e673f3a4459773b33d77.safeframe.googlesyndication.com
dpm.demdex.net
lpx.qantas.com
static-au.newsletters.news.com.au
104.75.88.194
104.89.9.110
108.138.4.10
108.138.7.104
13.111.42.15
13.238.213.94
13.32.121.72
13.32.99.66
13.32.99.93
142.250.74.194
151.101.65.175
18.198.200.35
18.202.89.159
18.66.248.47
2.18.233.169
2.18.233.28
2600:9000:2016:5400:1d:667e:2a40:93a1
2600:9000:223c:4200:18:1fcd:351:7bc1
2600:9000:2315:6c00:2:42d9:3100:93a1
2606:4700::6813:9308
2a00:1450:4001:802::2006
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9c
2a02:26f0:3500:594::2cc4
34.239.29.88
34.250.171.64
35.241.45.82
52.222.214.5
52.222.236.129
54.246.16.130
54.66.250.57
96.16.146.7
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ca4fed8b7af25e772216a63d615c13c506a834410030227d0c88e05104e913e
0d68d26abc07bb5f9752dedf291177e9d7b80e89907d59cdf119d14e456f62fe
14e7bcf1c9efc74e5d4c8e62e47427e327092df9f6e1e6c8673a0972ff3fd5d7
18f9608125b428ccdb0482bf5f0640d4c7a4f30f4c1a4917acebaa4e6c0f3d0a
24a531bee9ddb9cfbc7d574c5f291761117adda0f1234dc6c1524e0d43ff28f0
28dc339a708fff82a0c823c71d4eb234310aa11f9f20a424bcbca346fa687490
29c2f64b4510a543a0b3eebe54169182b6498f4dfa34137bf7ed16d6a49402bf
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
306dc78e5fdc74e2ab81abe2277389088e4e37de2d944d28a7e4df43b9cc8e19
31031d8e89cb1b7397456fc89cd2b0e0890205aa3adb579aa6eb9102de92de91
3c9fc1dffd313c3b6c7795380a9bd3bdf90c224b0d2ae255bc8a0beedc5dabd5
3ef0089e5465f031423616b70462848ad61e5d45ec785f6e1fecc1ba5a73ced3
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12
45a9ec54fa8801b82f40f8027a1fd651ce046db120b23614c7cf28a345ec3b47
4911c03bf676a1f0458bb95220fb44f62a6206bd0ba244b5014da8d69968960f
49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4bae930404c6a7b5cca2ae3896f06c564a363f9ff1b8457ecadf5607544dd011
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c536427c8bf34e26e7c7b0eb7a9d9451053ba58fd941bbb6b4ac0ab84b2b41
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ecea56d7942b6727e7cf4b3af161fb9a498ffba739bfe54a7929fc0fec1fd7
679f6c87cc2e48d7a3049c879beab6c6f028c1f85c688adb246c2854dc5f911f
682992e24e17194e62b22c3d0cbd761221a2ec6ba3111bbd6c4fbd1b95e8a65f
6a3146cf345f1df4ab8e3d765da96f540b1b32e5d4888528246a3b4548f44242
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
715a04e3152423b14cb30eaea1ccdd290099a301d990ec3dca85cc7983210576
799175eadef91f466c5a4865be0da9a4ee3657db47e8a0432e96ce68ded50d5a
7f36781534389f6eb47fd07af5b1a68ccb1ff801593b3ba8304e5a06ac16813b
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fc4889a5290d2fc59cd913c5194170e50baca560d57e6cec25c4ad3b8880983
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
90c4c427938478774a6fa999f9b8ebcb06239bf770b070c6fc52e1e18724f47b
94521fc002ff489934490aeb53bd0441a7fe61bdb23c8c16ae3c32a53daaab0a
9c94aa07493e96bfc18ced06b4e54efa364c5f82c4b4b94bd3dfd6165a8e0cf8
9e0aa3fdf1421f1e2d9534c599c12bc5056f1441c293cba07add3b2b80811007
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2af01613c61301f3c1307b136a19cff3fadbd22f37f3df5bdd85d18e5758cc8
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a481224d71bdfa7d8eb04be3f729f485a1ed42e6c3904a1ece87919363bfe1
a5df78ae95a37eebd832cef6eb446a51549c9913016d5bd34b78a5cd1a103346
af308c755c8e6c66b90a656aab9ec88ebd6fc319f465c0876ef28ba7fa0310a3
b2d86070fb3339b5f71592d7d5d655c3dcaff1210e8ed6e47cfde3001f29b89a
b50f1fcbe5e65b5a4374060b57a1d7713205661c72f4020fdae76b20a0f09205
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d5a56223ad20fafe755a68fb064d84f0a8f43c3375339ed5173e8c2c869dc0fe
d9d57dd334f4028caf4e67e84a42f79dc6c584dec3f165746084de82f1dbab91
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df495c6a055b3616e655e1347387b18afd04a61cd2061cbd8e9a2713c7823e13
e12f93ac383bf590936d5f9e4f18618cd9c4ab8ef6303ee78ca565b5e2a889b2
e36cd7df70c1e2237b3fcaa33e81c267663a22829eec32ff9320e099441ff6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c842ef3d3c7782c87a138232ec9eb1151c312075036d03da300a0d61e8472a
e45e5e36aa9728fb4e80ddea56241e81f075498656e2d6c81e1d53a2f9abc97a
edbd4e1158da209902d5d90eef94f40af28482f57b23e76f33e1dddbf26015ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a21ef6d5f3dfc5d04d4dbbde5998504b73c7c13783b2090bcac4e218e7975f
f270f24bc218342b7704aa359f208608552a3bcdddecb3d2acad634d93dbd46a
f9a88cf0479e55583c2dad64849e4a462ac3d5a74177df936b4187031b3384b2
fd806cec4a8bd60df37fd32825d8037906c9e5d2179ff127c17007a3dd83ea73
feab7a873c42e81f5def90df81ffd06f0970fdc088ad0632559e03e32e32d038