www.nrma.com.au
Open in
urlscan Pro
104.111.239.143
Public Scan
Submitted URL: https://nrma.com.au/
Effective URL: https://www.nrma.com.au/
Submission: On March 20 via automatic, source alexatop100k
Effective URL: https://www.nrma.com.au/
Submission: On March 20 via automatic, source alexatop100k
Summary
This website contacted 11 IPs
in 4 countries
across 9 domains to perform 66 HTTP transactions.
The main IP is 104.111.239.143, located in
Amsterdam, Netherlands and
belongs to AKAMAI-AS - Akamai Technologies, Inc., US.
The main domain is www.nrma.com.au.
TLS certificate: Issued by Entrust Certification Authority - L1M on February 22nd 2019. Valid for: 2 years.
This is the only time www.nrma.com.au was scanned on urlscan.io!
TLS certificate: Issued by Entrust Certification Authority - L1M on February 22nd 2019. Valid for: 2 years.
This is the only time www.nrma.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 168.140.182.58 168.140.182.58 | 10128 (IAG-AS-AP...) (IAG-AS-AP Optus Customer Network) | |
| 1 40 | 104.111.239.143 104.111.239.143 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 35.190.50.98 35.190.50.98 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 10 | 68.232.35.180 68.232.35.180 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:808::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:816::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 5 | 54.194.25.183 54.194.25.183 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 3 | 13.73.104.83 13.73.104.83 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 2 4 | 172.217.16.166 172.217.16.166 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 52.213.58.51 52.213.58.51 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 | 192.243.245.8 192.243.245.8 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
| 1 1 | 66.117.28.86 66.117.28.86 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
| 2 | 35.186.249.253 35.186.249.253 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 66 | 11 |
40
104.111.239.143
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-239-143.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-239-143.deploy.static.akamaitechnologies.com
| www.nrma.com.au | |
| apps.nrma.com.au |
1
35.190.50.98
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 98.50.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 98.50.190.35.bc.googleusercontent.com
| cdn.sajari.com |
10
68.232.35.180
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| tags.tiqcdn.com |
5
54.194.25.183
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-25-183.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-25-183.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
3
13.73.104.83
(Melbourne, Australia)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| nrma.inq.com |
4
172.217.16.166
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f166.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f166.1e100.net
| 5944274.fls.doubleclick.net |
1
52.213.58.51
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
| iag.demdex.net |
2
192.243.245.8
(Lehi, United States)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: nrma.com.au.ssl.sc.omtrdc.net
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: nrma.com.au.ssl.sc.omtrdc.net
| metrics.nrma.com.au |
1
66.117.28.86
(Lehi, United States)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
| cm.everesttech.net |
2
35.186.249.253
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 253.249.186.35.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 253.249.186.35.bc.googleusercontent.com
| media-aus.inq.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 43 |
nrma.com.au
2 redirects
nrma.com.au www.nrma.com.au apps.nrma.com.au metrics.nrma.com.au |
416 KB |
| 10 |
tiqcdn.com
tags.tiqcdn.com |
156 KB |
| 6 |
demdex.net
2 redirects
dpm.demdex.net iag.demdex.net |
3 KB |
| 5 |
inq.com
nrma.inq.com media-aus.inq.com |
166 KB |
| 4 |
doubleclick.net
2 redirects
5944274.fls.doubleclick.net |
1 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
18 KB |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net |
527 B |
| 1 |
googletagmanager.com
www.googletagmanager.com |
24 KB |
| 1 |
sajari.com
cdn.sajari.com |
23 KB |
| 66 | 9 |
| Domain | Requested by | |
|---|---|---|
| 39 | www.nrma.com.au |
1 redirects
www.nrma.com.au
nrma.inq.com |
| 10 | tags.tiqcdn.com |
www.nrma.com.au
tags.tiqcdn.com |
| 5 | dpm.demdex.net |
2 redirects
www.nrma.com.au
|
| 4 | 5944274.fls.doubleclick.net |
2 redirects
www.googletagmanager.com
|
| 3 | nrma.inq.com |
tags.tiqcdn.com
www.nrma.com.au media-aus.inq.com |
| 2 | media-aus.inq.com |
nrma.inq.com
|
| 2 | metrics.nrma.com.au |
tags.tiqcdn.com
|
| 2 | www.google-analytics.com |
tags.tiqcdn.com
www.nrma.com.au |
| 1 | cm.everesttech.net | 1 redirects |
| 1 | iag.demdex.net |
tags.tiqcdn.com
|
| 1 | apps.nrma.com.au |
www.nrma.com.au
|
| 1 | www.googletagmanager.com |
tags.tiqcdn.com
|
| 1 | cdn.sajari.com |
www.nrma.com.au
|
| 1 | nrma.com.au | 1 redirects |
| 66 | 14 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.nrma.com.au Entrust Certification Authority - L1M |
2019-02-22 - 2020-09-08 |
2 years | crt.sh |
| *.sajari.com COMODO RSA Domain Validation Secure Server CA |
2018-06-09 - 2020-06-11 |
2 years | crt.sh |
| *.tiqcdn.com DigiCert SHA2 Secure Server CA |
2017-10-25 - 2020-05-13 |
3 years | crt.sh |
| *.google-analytics.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
| *.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
| *.inq.com GeoTrust RSA CA 2018 |
2018-02-14 - 2019-12-01 |
2 years | crt.sh |
| *.doubleclick.net Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
| metrics.nrma.com.au Entrust Certification Authority - L1M |
2017-11-27 - 2020-02-26 |
2 years | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.nrma.com.au/
Frame ID: A40AEA06C1E4A412CE8053BAC9D1B415
Requests: 58 HTTP requests in this frame
Frame:
https://5944274.fls.doubleclick.net/activityi;dc_pre=CKO21tGqkeECFYTIdwodVFsNlg;src=5944274;type=rtgexp;cat=retar0;ord=1;num=4124894428091;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product-undefined;u8=0;u9=;u11=1553105977313;u12=;u13=0;u14=;u15=;u17=Tealium-Gtag-Fire;u20=;~oref=https%3A%2F%2Fwww.nrma.com.au%2F
Frame ID: DB8552439305E0DA8EBEC4966857938D
Requests: 1 HTTP requests in this frame
Frame:
https://5944274.fls.doubleclick.net/activityi;dc_pre=COu21tGqkeECFYm8dwods2MMwg;src=5944274;type=prod0;cat=nrmah0;ord=1;num=9595606281711;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product-undefined;u8=0;u9=;u11=1553105977313;u12=;u13=0;u14=;u15=;u17=Tealium-Gtag-Fire;u20=;~oref=https%3A%2F%2Fwww.nrma.com.au%2F
Frame ID: 52C21CBE1BB13C702D09D5DB9C2C76CB
Requests: 1 HTTP requests in this frame
Frame:
https://iag.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 1765E3FC2CD39F8DE73943776F62C37F
Requests: 1 HTTP requests in this frame
Frame:
https://www.nrma.com.au/static/nuance/nuanceChat.html?IFRAME
Frame ID: 8BBFA996A809B9818B2B16804CCC27AF
Requests: 4 HTTP requests in this frame
Frame:
https://nrma.inq.com/tagserver/postToServer.min.htm
Frame ID: D71D399236E01F17C0A62D79B9660A7B
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://nrma.com.au/
HTTP 301
http://www.nrma.com.au/ HTTP 301
https://www.nrma.com.au/ Page URL
Detected technologies
Drupal
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^Drupal$/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^Drupal$/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
Tealium
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /^\/\/tags\.tiqcdn\.com\//i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^jQuery$/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
URL: https://www.mynrma.com.au/customerselfservice/renew/index
Title: Membership
Title: Membership
Search URL Search Domain Scan URL
URL: https://www.insuranceonline.nrma.com.au/insurance-quotes/retrieve/saved-quote.do?theme=nrma
Title: Retrieve a quote
Title: Retrieve a quote
Search URL Search Domain Scan URL
URL: http://thehub.nrma.com.au/
Title: The Hub
Title: The Hub
Search URL Search Domain Scan URL
URL: https://www.facebook.com/nrmainsurance
Title: Facebook
Title: Facebook
Search URL Search Domain Scan URL
URL: https://twitter.com/nrmainsurance
Title: Twitter
Title: Twitter
Search URL Search Domain Scan URL
URL: https://www.instagram.com/nrmainsurance/
Title: Instagram
Title: Instagram
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/nrmainsurance
Title: Youtube
Title: Youtube
Search URL Search Domain Scan URL
URL: https://plus.google.com/+NRMAInsuranceSocial/posts
Title: Google Plus
Title: Google Plus
Search URL Search Domain Scan URL
URL: https://www.insuranceonline.nrma.com.au/insurance-quotes/retrieve/saved-quote.do
Title: Retrieve a quote
Title: Retrieve a quote
Search URL Search Domain Scan URL
URL: https://www.insuranceonline.nrma.com.au/insurance-quotes/retrieve/saved-quote.do?theme=nrmaqld
Title: Retrieve a quote
Title: Retrieve a quote
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/au/app/nrma-insurance/id667318376
Title: App Store
Title: App Store
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.iaglimited.mobile.android.dicustomerapp.nrma
Title: Google Play
Title: Google Play
Search URL Search Domain Scan URL
URL: http://www.sgio.com.au/
Title: SGIO
Title: SGIO
Search URL Search Domain Scan URL
URL: http://www.sgic.com.au/
Title: SGIC
Title: SGIC
Search URL Search Domain Scan URL
URL: http://www.moneysmart.gov.au/
Title: Money Smart
Title: Money Smart
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://nrma.com.au/
HTTP 301
http://www.nrma.com.au/ HTTP 301
https://www.nrma.com.au/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 48- https://dpm.demdex.net/id?d_visid_ver=2.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A47356C53E9D4D70A490D44%40AdobeOrg&d_nsid=0&ts=1553105977391 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=2.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A47356C53E9D4D70A490D44%40AdobeOrg&d_nsid=0&ts=1553105977391
- https://5944274.fls.doubleclick.net/activityi;src=5944274;type=rtgexp;cat=retar0;ord=1;num=4124894428091;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product-undefined;u8=0;u9=;u11=1553105977313;u12=;u13=0;u14=;u15=;u17=Tealium-Gtag-Fire;u20=;~oref=https%3A%2F%2Fwww.nrma.com.au%2F HTTP 302
- https://5944274.fls.doubleclick.net/activityi;dc_pre=CKO21tGqkeECFYTIdwodVFsNlg;src=5944274;type=rtgexp;cat=retar0;ord=1;num=4124894428091;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product-undefined;u8=0;u9=;u11=1553105977313;u12=;u13=0;u14=;u15=;u17=Tealium-Gtag-Fire;u20=;~oref=https%3A%2F%2Fwww.nrma.com.au%2F
- https://5944274.fls.doubleclick.net/activityi;src=5944274;type=prod0;cat=nrmah0;ord=1;num=9595606281711;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product-undefined;u8=0;u9=;u11=1553105977313;u12=;u13=0;u14=;u15=;u17=Tealium-Gtag-Fire;u20=;~oref=https%3A%2F%2Fwww.nrma.com.au%2F HTTP 302
- https://5944274.fls.doubleclick.net/activityi;dc_pre=COu21tGqkeECFYm8dwods2MMwg;src=5944274;type=prod0;cat=nrmah0;ord=1;num=9595606281711;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product-undefined;u8=0;u9=;u11=1553105977313;u12=;u13=0;u14=;u15=;u17=Tealium-Gtag-Fire;u20=;~oref=https%3A%2F%2Fwww.nrma.com.au%2F
- https://cm.everesttech.net/cm/dd?d_uuid=35835073179969983471360515644429410038 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XJKEOQAAEcz8ihN_ HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XJKEOQAAEcz8ihN_
66 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.nrma.com.au/ Redirect Chain
|
133 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~OM6lEiwewg399q8rzCRC6mrluopTcn9KV9FPwcvLmjU.js
www.nrma.com.au/feo-cdn/O/M/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~7irjTz3t7AtUPf3AxDEh73PPKH3YEKo-mIQYjLAVxyw.js
www.nrma.com.au/feo-cdn/7/i/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~ayZXYlBqW890_Le6q2zdf0Je4eLBqZvi-bBCWO5XoU4.js
www.nrma.com.au/feo-cdn/a/y/ |
544 B 581 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~36ZZ8cy9dq8WBTSssM15F9V-M8MYCchrWMSpWN1MbA0.js
www.nrma.com.au/feo-cdn/3/6/ |
692 B 644 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~ep3flqMf3FNUzNGNivgbIKPJQ4ExJOJHxT2R7zpH840.js
www.nrma.com.au/feo-cdn/e/p/ |
895 B 738 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~cw0yQbGDFnd4YpMqkr9RdeSt7rwZ82H1NQ1PZJVaAKA.js
www.nrma.com.au/feo-cdn/c/w/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~3_7dMthT9FNEMAvR_kBducegIIYO2D786tZPWb53QdI.js
www.nrma.com.au/feo-cdn/3/_/ |
472 B 562 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~mARFeoYRrsYpZe35qv9HS7wYWsfBYqHtLxRytdU6nEA.js
www.nrma.com.au/feo-cdn/m/A/ |
145 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~H-bqgDc_mb9eqhSVfBxmbgvSdUf32C0EXgLzNxdVnvE.js
www.nrma.com.au/feo-cdn/H/-/ |
442 B 528 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~I8aPFcAdoH5tCGV1lUUFs43G1mc-xd5uJmq0hDJ5MHM.js
www.nrma.com.au/feo-cdn/I/8/ |
1 KB 893 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~Ys05pay2P5x31aWzZPG6fJBtV-NNBFhg9XMNGi-ceV4.js
www.nrma.com.au/feo-cdn/Y/s/ |
2 KB 961 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~5YQ7TDf9pzOMRfuOFvrgSNexsOVeOlZF12ZVjPbv7cc.js
www.nrma.com.au/feo-cdn/5/Y/ |
1 KB 915 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~uDgFgf9uNf0P0UgzubTKu97H0Z2ZHw8YDnxikYRh1UA.js
www.nrma.com.au/feo-cdn/u/D/ |
1 KB 827 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~E30T-APnu_uwqiinMEJB-uHMn7rtuuVPbKBTaCGEIlo.js
www.nrma.com.au/feo-cdn/E/3/ |
5 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~Z6V-QBtxMqVhS_9gDaeG2IqPBLLEPhWxzZOvtqthHpM.js
www.nrma.com.au/feo-cdn/Z/6/ |
14 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~1Mzcnp-wHUcQC0d4G0jTSnlKuycJFe69U1l79xDo8UQ.js
www.nrma.com.au/feo-cdn/1/M/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~UXZ9zHiZBL0UNK_o9DZHvIayFnlZgPUL7cEeWhio_MU.js
www.nrma.com.au/feo-cdn/U/X/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~S1AGs83Lt-zCO29I6Evj9JxM7sKaZkFUG-VGUFICBLc.js
www.nrma.com.au/feo-cdn/S/1/ |
989 B 769 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~kSthCIsS7pHyb2QlImgyD_tUxGwLPEz2ZoByg3-fpiI.js
www.nrma.com.au/feo-cdn/k/S/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~N4cFDjl67qqUvnxJuy2Sj9Ka5Bc6FStT0Cvu3tKSf4E.js
www.nrma.com.au/feo-cdn/N/4/ |
100 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~EHC4m-mFZ8XnShc_Czo3QV9_2orkvyWhNxwEmLK-m74.js
www.nrma.com.au/feo-cdn/E/H/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~geHuCxscRUv_crKtzslIEOUeIHaLtSnTzBaS4YdPdvg.js
www.nrma.com.au/feo-cdn/g/e/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~L3yAEmdbA6f6L9B5ttzOrqdmlRY6Y1dUJK0JpjYcW5Q.js
www.nrma.com.au/feo-cdn/L/3/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~XV4NbRXfKrr1DHrp5kpy5jNIeORXipzASjKF7yvBUoE.js
www.nrma.com.au/feo-cdn/X/V/ |
836 B 687 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JsStore-UTF-8~yFZx7HZ3o_Ky8Va12CG3RrkNbjWMfzPHLlTDoKyQcA0.js
www.nrma.com.au/feo-cdn/y/F/ |
11 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.min.css
www.nrma.com.au/sites/nrma/themes/bravo/css/ |
147 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.svg
www.nrma.com.au/sites/nrma/themes/bravo/ |
10 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mum_daughter_desktop_2.jpg
www.nrma.com.au/sites/nrma/files/nrma/carousel/desktop/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sj.js
cdn.sajari.com/js/ |
73 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/iag/main/prod/ |
160 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/iag/main/prod/ |
261 KB 73 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header-bg.png
www.nrma.com.au/sites/nrma/themes/bravo/images/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FSJoeyWeb-Regular.woff
www.nrma.com.au/sites/nrma/themes/bravo/fonts/fs_joey/regular/ |
25 KB 25 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons.woff
www.nrma.com.au/sites/nrma/themes/bravo/fonts/icons/ |
42 KB 43 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
messages
www.nrma.com.au/iag/ajax/ |
5 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
getgeo
www.nrma.com.au/js/geo_location/ |
65 B 368 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
iag-state
www.nrma.com.au/iag/geo-location/ |
68 B 369 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
koala_blue_bottle_hero.jpg
www.nrma.com.au/sites/nrma/files/styles/hero_large_desktop/public/styles/hero_large_desktop_x2/public/nrma/hero_headers/ |
103 KB 103 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
63 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.4.js
tags.tiqcdn.com/utag/iag/main/prod/ |
395 B 397 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.5.js
tags.tiqcdn.com/utag/iag/main/prod/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.7.js
tags.tiqcdn.com/utag/iag/main/prod/ |
57 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.65.js
tags.tiqcdn.com/utag/iag/main/prod/ |
23 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.66.js
tags.tiqcdn.com/utag/iag/main/prod/ |
1014 B 731 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.124.js
tags.tiqcdn.com/utag/iag/main/prod/ |
2 KB 983 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.13.js
tags.tiqcdn.com/utag/iag/main/prod/ |
12 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
track.gif
apps.nrma.com.au/si/ |
0 156 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
inqChatLaunch10005960.js
nrma.inq.com/chatskins/launch/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 114 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CKO21tGqkeECFYTIdwodVFsNlg;src=5944274;type=rtgexp;cat=retar0;ord=1;num=4124894428091;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product...
5944274.fls.doubleclick.net/ Frame DB85 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=COu21tGqkeECFYm8dwods2MMwg;src=5944274;type=prod0;cat=nrmah0;ord=1;num=9595606281711;gtm=2od3b2;auiddc=2022004631.1553105977;u1=nrma;u2=%2Fhome;u3=;u6=product-undefined;u7=product-...
5944274.fls.doubleclick.net/ Frame 52C2 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ |
527 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
dest5.html
iag.demdex.net/ Frame 1765 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
metrics.nrma.com.au/ |
49 B 545 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Redirect Chain
|
42 B 769 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FSJoeyWeb-Medium.woff
www.nrma.com.au/sites/nrma/themes/bravo/fonts/fs_joey/medium/ |
26 KB 26 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nuanceChat.html
www.nrma.com.au/static/nuance/ Frame 8BBF |
319 B 563 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
inqChatLaunch10005960.js
nrma.inq.com/chatskins/launch/ Frame 8BBF |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
site_10005960_default.js
media-aus.inq.com/media/launch/ Frame 8BBF |
32 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tcFramework.min.js
media-aus.inq.com/media/launch/ Frame 8BBF |
498 KB 143 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
postToServer.min.htm
nrma.inq.com/tagserver/ Frame D71D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s63193087336394
metrics.nrma.com.au/b/ss/iag-di-prd,iag-global-prd/1/JS-2.4.0/ |
43 B 610 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| BlzCache object| blzBase64 function| blzRemoveCurrentScript function| BlzJsCache object| blzJsCache boolean| wrapEmbeddedScriptInCData boolean| aFeoApplied string| setName string| blzKey object| _sj object| utag_data object| tmsloader object| visitor object| domainSplit undefined| targetPageParamsAll object| _tmsHelper function| Visitor object| s_c_il number| s_c_in number| sp object| domainArray object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate object| _AT undefined| $ function| jQuery object| Drupal object| jQuery110201001420654351497 object| picturefillCFG function| picturefill object| picturefillBackgroundOptions function| picturefillBackground function| Waypoint object| IAG object| utag_err boolean| utag_condload object| utag function| _tealium_old_error function| t$ object| dataLayer string| __pageId object| __trackedFields function| __dataLayerPush object| load object| dcDataLayer function| gtag string| GoogleAnalyticsObject function| ga object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq object| trafficSourceDetector object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| isSameOriginSafe object| elm undefined| host undefined| url undefined| params undefined| src undefined| href undefined| query undefined| qs object| v3LanderConfig object| v3Lander object| inqFrame function| BlockingDetector object| blockingDetector object| Inq object| InqSaleMgr object| div object| s_i_iag-di-prd_iag-global-prd1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: IDE Value: AHWqTUl47YSX76_MQKEuqhE1rTeqaMdyG9jiPTcaXkbJDvIQhX_qcBkixBY9laA5 |
40 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5944274.fls.doubleclick.net
apps.nrma.com.au
cdn.sajari.com
cm.everesttech.net
dpm.demdex.net
iag.demdex.net
media-aus.inq.com
metrics.nrma.com.au
nrma.com.au
nrma.inq.com
tags.tiqcdn.com
www.google-analytics.com
www.googletagmanager.com
www.nrma.com.au
104.111.239.143
13.73.104.83
168.140.182.58
172.217.16.166
192.243.245.8
2a00:1450:4001:808::2008
2a00:1450:4001:816::200e
35.186.249.253
35.190.50.98
52.213.58.51
54.194.25.183
66.117.28.86
68.232.35.180
060ccf4b7963cb10ce0f3270fda1ecd8de0ce9fb124ff4a90b0a6b683cd1bc82
074d35189c0dc0eb69fc622ee49d30d364c35fbf8659897a4334ad5f0034f9fd
0770aa448b1b60da219c16637791a5d832066806c04b1d73a8dacb956190c2a1
1396d83d8e43b19a91f5d3a6b496260a41131b7d96e9152d1ea4c43a7d1dd2fa
16891a9379ee1af22b7b4bedf97bc15340fe0262708950a158ac21662fb1eea7
1a00d86b4efb51d9a5067f37b9adb28c362762407fb3976e09fbed8b2b2056a9
1dc397d2db09417f13b55079c76029c5a9b454229bc07108d18a992192264504
1f8b5e4fc7306701813137bd16ea1ce04f541629c2350dd2a68050afee296507
23fd760652723f8c439eb8f41fe1297e8aabd0e5823f270151628c5311d314f4
245e9d9afbad3ce542ef8e2d184f61f699a18537158e55c8731d19f3cf90b9dc
24c18b212199e324680d0ce6cee83fe3ae22dfc2b2fafd64d11a81be5ed60920
254f994ca7010fce46a36b601ff0bf2206fc2335b70ed213cdb0b9982779ba70
2dbf04dfd7e2b52534a7b0be0641f999b9441554d1ce01c98eaa1775a313ad63
3a9cafc17ed32b3bf7012e4d7a8e3777f7d4a23571c755e812e6e03f62f97e2c
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
403adf2be5411c860bc9a2d60b0fb41b01606e135fd9f66365beb1e772fbe8ed
413857e51ecafdc1ba256b247e7431ac8222b5ae64e8ce868e7d2757ef1e464c
4856cabe34fe37919fcb5af85509111583b198aafaa923c0517b2e7791d9916c
4b9175b93392087b1384991df8f2dab2d19804cac179b9924e8b33876e6935d0
51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4
52a77d149d92b60edb49a2e14f110ac7ae0933cee0b3b1ffd51de1ddad3326b3
53838c999ea8f76fb294d5f17907c50b5ad7c609aaf4ccfd4c14dbf8c312e2fd
5458c17b4e142ecd59ac0923fe39fc5642ccaeee83e731233a81194875129100
55b1438eba819f4a5b1ae24f9ae0a7e828b9ab597958ca547a0760571cdf7281
56c600d366e04cafef9be064fc64787034a8d5e071925271c5d35989a2db6ff8
5a0a98666d4c8e59623a0db57aa37399bfd28285af97782c05c254d149affced
62562165fbeb37f8e88ee387f13350f1ee0f8a6058194518976717ab76dab600
63d247ef0b96116ae8b7d59f95566552f87faeddf4fa5ffac07f25072d6887e4
6cdc5588f9cd81acc4a513652460cac1249590b813997f78d62d2ef5eeca016c
6e2314719dadaffdc40016748c87dcd6de98e7e174ba49bdda22e5f14b69cecf
720b773d2235629de364b60c366f0e291e8a2af6d055ff47b31e88d29c2a7f61
7b9669046e0c338e85ac567636a734d154da61f47531fbf65cc8bc95ddb52171
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
884f453a9d810819cc348969dcaeeac210865f50de2f30526724d3d9c824fe9d
89ee2c9a4e02770f0c633e011a4994e7e8f95e152e9f6479b0283baf74a409e5
89f241a9bc8709f08f3d7ee3777d7d9c1e86d63524aa66c79614d890a6e1f31b
931a924da0e9274959fe199f9e091c5909da9390eb61da6b5e75ba1f91ad06c2
93bfeeb5c69dc2ff8a6e3054ca6a7e2774ca6637f7924c335bf3f164de0f5a34
95df6756d323ee35c009467bc1ba5c2809269216eae95f0ee679acd26029065b
962b0f734dc54206de216898a966a0d39800e4f20d2130296328882361f8c617
97afe9a42a114cf36cef7b37e9ba1fa880ac3675467ff961549760931028ad8a
986ac52b38b9bf86743b574b5d9f1b7551fae1150ecd038377611773c82f9701
9ba1f370f9a9f3764ad0790b93a7538214e8a4cb83a53bd1838f8ac1ba887dc3
9e3689e86862c52bdc7eb7747bfda218abb44a363da091874b81e10446743c60
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3696d628f5dda0247b5b985b27fd3ca6f28b61eae60a64fd7260d993954bb38
a3e313196ac64518a265410f5d9994b2cf5d3709247b08fa25309cea7cfbaa7e
ab25e33f8bb22f4470f639dbc5e65c463623eba49f7124ed04b5beac88d263d7
ad686077f709ada73a68b8fed1374f588a15df8a48168f82117e501028deb496
b75ec3d3d20e68b102755f2f2ba01224331d863d588f4233a705c763ba600c87
c52d44d56bf34e3e3087db973223745357686ad70ebe66b2f192d3a9bf8273f9
d699905a17d0389d6c1563cda1f7aabd66a13e0125137107ce570f4cf208704c
d76b1070f4f3ec7deb3c3c2c939fca73694f7d3c24ebb86e529a5ad0abbad6b8
d8e5bc122e706b4a868da9e583ebd105a308e1a7876fe32f6fc7a31771bdcad6
dd7f20a2f60505005073cc3a885e9516d6cc1335c0913680540aed50a6092ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64fba0172f452eb7d9c8099e8810df8fb5b05356f38808f657bcf028fe3da62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0194564ca4cf47e69899b4f18219328977d6b99f6440e4695faac6d0fdee507
f9bbd8151d79b6322169072f5fb8dd0f435cec991d549dd8abd8c6805b043f5c