www.newsletters.news.com.au
54.153.229.235
Public Scan
Effective URL: https://www.newsletters.news.com.au/heraldsun/?enc=UWNMa095M3pwaVBuWHNxL0RiYkluRWh5RjRKYVlTYXQ3d3dONXllY01iU3haOFF3Z2pKYjM3QUgrUHMwR...
Submission: On May 20 via manual from AU
Summary
TLS certificate: Issued by Amazon on October 1st 2019. Valid for: a year.
This is the only time www.newsletters.news.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN22606 (EXACT-7, US) | pub.s4.sfmc-content.com | fe9515747362007f76.pub.s4.sfmc-content.com |
ASN16509 (AMAZON-02, US) | ec2-54-153-229-235.ap-southeast-2.compute.amazonaws.com | www.newsletters.news.com.au |
ASN16509 (AMAZON-02, US) | server-52-222-182-101.ham50.r.cloudfront.net | static-au.newsletters.news.com.au |
ASN20940 (AKAMAI-ASN1, EU) | a23-45-106-223.deploy.static.akamaitechnologies.com | image.exacttarget.com |
ASN20940 (AKAMAI-ASN1, EU) | a2-21-37-24.deploy.static.akamaitechnologies.com | tags.news.com.au |
ASN15169 (GOOGLE, US) | fra15s28-in-f6.1e100.net | ad.doubleclick.net |
ASN16509 (AMAZON-02, US) | | static.chartbeat.com |
ASN15169 (GOOGLE, US) | | www.googletagservices.com |
ASN16509 (AMAZON-02, US) | server-52-222-182-26.ham50.r.cloudfront.net | au.tags.newscgp.com |
ASN16509 (AMAZON-02, US) | | secure-gl.imrworldwide.com |
ASN16509 (AMAZON-02, US) | | cdn-gl.imrworldwide.com |
ASN15169 (GOOGLE, US) | | pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US) | mil04s23-in-f98.1e100.net | googleads4.g.doubleclick.net |
ASN16625 (AKAMAI-AS, US) | a104-85-255-156.deploy.static.akamaitechnologies.com | secure-ds.serving-sys.com |
ASN16509 (AMAZON-02, US) | | seccdn-gl.imrworldwide.com |
ASN16509 (AMAZON-02, US) | server-52-222-190-106.ham50.r.cloudfront.net | cdn.adsafeprotected.com |
ASN16509 (AMAZON-02, US) | ec2-176-34-132-72.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN15169 (GOOGLE, US) | | adservice.google.de, adservice.google.com |
ASN15169 (GOOGLE, US) | fra15s17-in-f66.1e100.net | securepubads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US) | ec2-54-175-89-77.compute-1.amazonaws.com | ping.chartbeat.net |
ASN16509 (AMAZON-02, US) | ec2-52-17-238-209.eu-west-1.compute.amazonaws.com | newscorpau.demdex.net |
ASN16509 (AMAZON-02, US) | ec2-15-188-31-119.eu-west-3.compute.amazonaws.com | newscorpau.sc.omtrdc.net |
ASN16509 (AMAZON-02, US) | ec2-34-250-155-46.eu-west-1.compute.amazonaws.com | pixel.adsafeprotected.com |
ASN15169 (GOOGLE, US) | | db7df266cd10ebbc95cf1777d3b18c2d.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US) | | tpc.googlesyndication.com |
ASN20940 (AKAMAI-ASN1, EU) | a2-21-36-171.deploy.static.akamaitechnologies.com | www.heraldsun.com.au |
ASN16625 (AKAMAI-AS, US) | a104-111-237-196.deploy.static.akamaitechnologies.com | login.newscorpaustralia.com |
ASN16509 (AMAZON-02, US) | ec2-54-76-48-64.eu-west-1.compute.amazonaws.com | secure-dcr.imrworldwide.com |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
10 | static-au.newsletters.news.com.au | | www.newsletters.news.com.au |
8 | tags.news.com.au | | tags.tiqcdn.com, au.tags.newscgp.com |
7 | image.exacttarget.com | | www.newsletters.news.com.au |
5 | pagead2.googlesyndication.com | | ad.doubleclick.net, securepubads.g.doubleclick.net, www.newsletters.news.com.au |
5 | cdn-gl.imrworldwide.com | | www.newsletters.news.com.au, seccdn-gl.imrworldwide.com, cdn-gl.imrworldwide.com |
4 | secure-gl.imrworldwide.com | 2 redirects | cdn-gl.imrworldwide.com, www.newsletters.news.com.au |
4 | tags.tiqcdn.com | | www.newsletters.news.com.au, tags.tiqcdn.com |
3 | tpc.googlesyndication.com | | securepubads.g.doubleclick.net, tpc.googlesyndication.com |
3 | dpm.demdex.net | | tags.news.com.au, www.newsletters.news.com.au |
3 | secure-ds.serving-sys.com | 1 redirects | tags.tiqcdn.com, www.newsletters.news.com.au |
2 | newscorpau.sc.omtrdc.net | | tags.news.com.au, www.newsletters.news.com.au |
2 | securepubads.g.doubleclick.net | | www.googletagservices.com, securepubads.g.doubleclick.net |
2 | www.newsletters.news.com.au | 1 redirects | |
1 | secure-dcr.imrworldwide.com | | |
1 | login.newscorpaustralia.com | | www.heraldsun.com.au |
1 | www.heraldsun.com.au | | static-au.newsletters.news.com.au |
1 | db7df266cd10ebbc95cf1777d3b18c2d.safeframe.googlesyndication.com | | securepubads.g.doubleclick.net |
1 | bs.serving-sys.com | | secure-ds.serving-sys.com |
1 | pixel.adsafeprotected.com | | cdn.adsafeprotected.com |
1 | cm.everesttech.net | 1 redirects | |
1 | newscorpau.demdex.net | | tags.news.com.au |
1 | ping.chartbeat.net | | www.newsletters.news.com.au |
1 | adservice.google.com | | www.googletagservices.com |
1 | adservice.google.de | | www.googletagservices.com |
1 | cdn.adsafeprotected.com | | tags.news.com.au |
1 | seccdn-gl.imrworldwide.com | | tags.news.com.au |
1 | googleads4.g.doubleclick.net | | ad.doubleclick.net |
1 | au.tags.newscgp.com | | tags.tiqcdn.com |
1 | www.googletagservices.com | | tags.tiqcdn.com |
1 | static.chartbeat.com | | tags.tiqcdn.com |
1 | ad.doubleclick.net | | tags.tiqcdn.com |
1 | image.s4.sfmc-content.com | | www.newsletters.news.com.au |
1 | image.e.newscorpaus.com.au | | www.newsletters.news.com.au |
1 | fe9515747362007f76.pub.s4.sfmc-content.com | 1 redirects | |
73 | 34 | | |
This site contains links to these domains.
Domain |
---|
www.heraldsun.com.au |
Subject | Issuer | Validity | Valid |
---|---|---|---|
newsletters.news.com.au | Amazon | 2019-10-01 - 2020-11-01 | a year |
*.tiqcdn.com | DigiCert SHA2 Secure Server CA | 2020-03-17 - 2022-06-17 | 2 years |
akamai-san25.exacttarget.com | DigiCert SHA2 Secure Server CA | 2018-09-04 - 2020-08-12 | 2 years |
akamai-san4.exacttarget.com | DigiCert SHA2 Secure Server CA | 2018-10-01 - 2020-07-26 | 2 years |
akamai-san24.exacttarget.com | DigiCert SHA2 Secure Server CA | 2020-03-02 - 2021-03-25 | a year |
news.com.au | GeoTrust RSA CA 2018 | 2020-02-05 - 2021-03-04 | a year |
*.doubleclick.net | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months |
*.chartbeat.com | Gandi Standard SSL CA 2 | 2020-04-04 - 2021-04-04 | a year |
*.g.doubleclick.net | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months |
au.tags.newscgp.com | Amazon | 2020-02-08 - 2021-03-08 | a year |
*.imrworldwide.com | DigiCert SHA2 Secure Server CA | 2020-01-21 - 2021-02-24 | a year |
secure-ds.serving-sys.com | DigiCert SHA2 Secure Server CA | 2020-01-03 - 2021-04-03 | a year |
*.adsafeprotected.com | COMODO RSA Domain Validation Secure Server CA | 2018-08-20 - 2020-09-17 | 2 years |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
*.google.de | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months |
*.google.com | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months |
*.chartbeat.net | Thawte RSA CA 2018 | 2019-12-16 - 2020-12-30 | a year |
*.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2020-02-28 - 2022-03-04 | 2 years |
fw.adsafeprotected.com | Amazon | 2020-03-14 - 2021-04-14 | a year |
bs.serving-sys.com | Go Daddy Secure Certificate Authority - G2 | 2020-01-07 - 2022-03-08 | 2 years |
tpc.googlesyndication.com | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months |
This page contains 6 frames:
Primary Page:
https://www.newsletters.news.com.au/heraldsun/?enc=UWNMa095M3pwaVBuWHNxL0RiYkluRWh5RjRKYVlTYXQ3d3dONXllY01iU3haOFF3Z2pKYjM3QUgrUHMwRng5V3doRUUzSisyeFVNcUhwRmNBUWNuZE42S0NsdVVDeTdnUEY5Y3pUNmVWYlU9
Frame ID: 40E97F22B68EDD686CBAFBF5ADEA549E
Requests: 68 HTTP requests in this frame
Frame:
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: DE3CA36A9D7F23117737D6F8B3A67F91
Requests: 1 HTTP requests in this frame
Frame:
https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 1DB463E806C185A84D222467B5B5B431
Requests: 1 HTTP requests in this frame
Frame:
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 0A6BDEBD0BB0374F00BB7C9A6D82DD3D
Requests: 1 HTTP requests in this frame
Frame:
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.newsletters.news.com.au%2Fauth%2Fcallback&state=J6vHF6UqrcEOxsVc46QeZiqJZOTzA70V&nonce=4UqJAH~Kl1qKo1Yvs0m6R04NSi44z~9B&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMi4yIn0%3D
Frame ID: 79878630CDAF23C048A472D8F5B5B89A
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A5C3C40EA1BAD17C20780B1EFCA02902
Requests: 1 HTTP requests in this frame
Detected technologies
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Detected patterns
- script /googlesyndication\.com\//i
Prebid
Detected patterns
- script /\/prebid\.js/i
Sizmek
Detected patterns
- script /serving-sys\.com\//i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://fe9515747362007f76.pub.s4.sfmc-content.com/iezskfklocg?enc=eUh1Zm9DbjBxKzZybm1DWEJVQVRYMFZWa2VkRkszWUIrem9VWEpHQkorU1h4ZFFVNWxUQzl2WGlHU2pxUTNVTlRNTUd5RjJPdmwxSnJuZ2R6cHg0WHBQeHdXSjhrSGdBZ1B3cEdET0ZFRTFDbllOOXBmK0Z5SzBUTnBKUVdaRHhJRGFwRkhtWHZaRndWeiswZ2g1d1ZNSUtUZnF3VDRCNGF5ZVFHc2xIVkNaQzRJZTVrYm1nenNTTzNOT2p3L2VLcVZ5YVE1VVMyWTQyeVFlSzhQWm5lUT09
HTTP 302
https://www.newsletters.news.com.au/api/mcLink?enc=UWNMa095M3pwaVBuWHNxL0RiYkluRWh5RjRKYVlTYXQ3d3dONXllY01iU3haOFF3Z2pKYjM3QUgrUHMwRng5V3doRUUzSisyeFVNcUhwRmNBUWNuZE42S0NsdVVDeTdnUEY5Y3pUNmVWYlU9 HTTP 302
https://www.newsletters.news.com.au/heraldsun/?enc=UWNMa095M3pwaVBuWHNxL0RiYkluRWh5RjRKYVlTYXQ3d3dONXllY01iU3haOFF3Z2pKYjM3QUgrUHMwRng5V3doRUUzSisyeFVNcUhwRmNBUWNuZE42S0NsdVVDeTdnUEY5Y3pUNmVWYlU9 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32
- https://secure-gl.imrworldwide.com/v60.js HTTP 301
- https://cdn-gl.imrworldwide.com/v60.js
- https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630 HTTP 302
- https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
- https://cm.everesttech.net/cm/dd?d_uuid=43465912008086166994075544505447159145 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XsU3xgAAAXynNxTJ
- https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1589983174220&ci=newscorp&js=1&cg=0&ts=utag.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.newsletters.news.com.au%2Fheraldsun%2F%3Fenc%3DUWNMa095M3pwaVBuWHNxL0RiYkluRWh5RjRKYVlTYXQ3d3dONXllY01iU3haOFF3Z2pKYjM3QUgrUHMwRng5V3doRUUzSisyeFVNcUhwRmNBUWNuZE42S0NsdVVDeTdnUEY5Y3pUNmVWYlU9&sr=1600x1200&id=lstrg-0b33ce58e26e2d5d05efdc2b8421c825&tz=2 HTTP 302
- https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1589983174220&ci=newscorp&js=1&cg=0&ts=utag.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.newsletters.news.com.au%2Fheraldsun%2F%3Fenc%3DUWNMa095M3pwaVBuWHNxL0RiYkluRWh5RjRKYVlTYXQ3d3dONXllY01iU3haOFF3Z2pKYjM3QUgrUHMwRng5V3doRUUzSisyeFVNcUhwRmNBUWNuZE42S0NsdVVDeTdnUEY5Y3pUNmVWYlU9&sr=1600x1200&id=lstrg-0b33ce58e26e2d5d05efdc2b8421c825&tz=2&ja=1
73 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Primary Request / | www.newsletters.news.com.au/heraldsun/ Redirect Chain | 168 KB | 169 KB | Document | text/html |
GET | H2 | manifest.85f4f337e94b40a6c472.js | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/dist/heraldsun/ | 828 B | 1 KB | Script | text/javascript |
GET | H2 | vendor.2a991ac770ad01a003cc.js | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/dist/heraldsun/ | 340 KB | 102 KB | Script | text/javascript |
GET | H2 | app.92385bd8831925820bc8.js | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/dist/heraldsun/ | 128 KB | 25 KB | Script | text/javascript |
GET | H2 | utag.sync.js | tags.tiqcdn.com/utag/newsltd/news/prod/ | 3 KB | 1 KB | Script | text/javascript |
GET | H2 | common.92385bd8831925820bc8.css | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/dist/heraldsun/ | 39 KB | 7 KB | Stylesheet | text/css |
GET | H2 | heraldsun.svg | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/public/logos/ | 8 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | cccbcf94-ce55-4863-9c95-a7cb94aabe50.jpg | image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/4/ | 55 KB | 55 KB | Image | image/jpeg |
GET | H2 | heraldsun-white.svg | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/public/logos/ | 8 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | 98218bce-d885-4ac1-ad35-ee2140e48c38.jpg | image.exacttarget.com/lib/fe9515747362007f76/m/1/ | 113 KB | 114 KB | Image | image/jpeg |
GET | H/1.1 | 36328b5a-fa5e-4495-ae15-f9fd1bcde2d8.jpg | image.exacttarget.com/lib/fe9515747362007f76/m/1/ | 47 KB | 47 KB | Image | image/jpeg |
GET | H/1.1 | 3dfddd11-e521-4c45-aff6-9a75fd02b275.jpg | image.s4.sfmc-content.com/lib/fe9715747362037d75/m/1/ | 18 KB | 19 KB | Image | image/jpeg |
GET | H/1.1 | 3f127ab1-59c3-4941-887b-66cd622cddf7.jpg | image.exacttarget.com/lib/fe9515747362007f76/m/1/ | 57 KB | 57 KB | Image | image/jpeg |
GET | H/1.1 | 77e2228f-4010-4a47-89c7-2c3d5e0fb1d4.jpg | image.exacttarget.com/lib/fe9515747362007f76/m/1/ | 50 KB | 50 KB | Image | image/jpeg |
GET | H/1.1 | 1af998c1-70c8-44d9-9d41-fed06daff6ac.jpg | image.exacttarget.com/lib/fe9515747362007f76/m/1/ | 32 KB | 33 KB | Image | image/jpeg |
GET | H/1.1 | f0d76b01-303a-4be5-ab0f-47c28a05438c.jpg | image.exacttarget.com/lib/fe9515747362007f76/m/1/ | 40 KB | 40 KB | Image | image/jpeg |
GET | H/1.1 | a894ca9c-007c-410a-b8f1-c7318aea79ba.jpg | image.exacttarget.com/lib/fe9515747362007f76/m/1/ | 215 KB | 216 KB | Image | image/jpeg |
GET | H2 | leader-white.svg | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/public/logos/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | Roboto-Regular.woff | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/public/fonts/Roboto-Regular-export/ | 9 KB | 10 KB | Font | binary/octet-stream |
GET | H2 | RobotoCondensed-Bold.woff | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/public/fonts/RobotoCondensed-Bold-export/ | 9 KB | 9 KB | Font | binary/octet-stream |
GET | H2 | Merriweather-Light.woff | static-au.newsletters.news.com.au/gpc/prodAU/1583885402/public/fonts/Merriweather-Light-export/ | 76 KB | 76 KB | Font | binary/octet-stream |
GET | H2 | utag.js | tags.tiqcdn.com/utag/newsltd/hwt/prod/ | 68 KB | 18 KB | Script | text/javascript |
GET | H2 | utrack.js | tags.news.com.au/prod/utrack/ | 2 KB | 1 KB | Script | application/x-javascript |
GET | H2 | mitas.js | tags.news.com.au/prod/mitas/ | 666 B | 898 B | Script | application/x-javascript |
GET | H2 | gdpr_user_check.esi | tags.news.com.au/prod/data-esi/top/ | 63 B | 295 B | XHR | text/plain |
GET | H2 | B7670439;dcadv=4149947;sz=1x2;ord=231159675327.04663 | ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ | 21 KB | 8 KB | Script | text/javascript |
GET | H2 | chartbeat_video.js | static.chartbeat.com/js/ | 69 KB | 23 KB | Script | application/x-javascript |
GET | H2 | metrics.js | tags.news.com.au/prod/metrics/ | 173 KB | 60 KB | Script | application/x-javascript |
GET | H2 | tad.js | tags.news.com.au/prod/tad/ | 75 KB | 25 KB | Script | application/x-javascript |
GET | H2 | gpt.js | www.googletagservices.com/tag/js/ | 42 KB | 15 KB | Script | text/javascript |
GET | H2 | prebid.js | tags.news.com.au/prod/prebid/ | 309 KB | 93 KB | Script | application/x-javascript |
GET | H/1.1 | ncg.js | au.tags.newscgp.com/prod/ncg/ | 124 KB | 40 KB | Script | text/javascript |
GET | H2 | nielsen.js | tags.news.com.au/prod/nielsen/ | 21 KB | 9 KB | Script | application/x-javascript |
GET | H2 | v60.js | cdn-gl.imrworldwide.com/ Redirect Chain | 21 KB | 7 KB | Script | application/javascript |
GET | H2 | utag.985.js | tags.tiqcdn.com/utag/newsltd/hwt/prod/ | 2 KB | 1 KB | Script | text/javascript |
GET | H2 | omrhp.js | pagead2.googlesyndication.com/pagead/js/r20200514/r20110914/elements/html/ | 6 KB | 3 KB | Script | text/javascript |
POST | H2 | view | googleads4.g.doubleclick.net/pcs/ | 0 | 832 B | Other | image/gif |
GET | H2 | ebOneTag.js | secure-ds.serving-sys.com/SemiCachedScripts/ | 52 KB | 16 KB | Script | application/javascript |
GET | H2 | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ | 2 B | 125 B | Script | text/javascript |
GET | H2 | ggcmb510.js | seccdn-gl.imrworldwide.com/novms/js/2/ | 12 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | iasPET.1.js | cdn.adsafeprotected.com/ | 22 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | id | dpm.demdex.net/ | 4 KB | 2 KB | XHR | application/json |
GET | H2 | integrator.js | adservice.google.de/adsid/ | 109 B | 168 B | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | 109 B | 168 B | Script | application/javascript |
GET | H2 | pubads_impl_2020050602.js | securepubads.g.doubleclick.net/gpt/ | 243 KB | 88 KB | Script | text/javascript |
GET | H2 | ping | ping.chartbeat.net/ | 43 B | 168 B | Image | image/gif |
GET | H2 | OneTagDefaultConfig.json | secure-ds.serving-sys.com/BurstingCachedScripts/ Redirect Chain | 11 B | 217 B | XHR | application/json |
GET | H2 | gdpr_user_check.esi | tags.news.com.au/prod/data-esi/top/ | 63 B | 295 B | XHR | text/plain |
GET | H/1.1 | | newscorpau.demdex.net/ Frame DE3C | 0 | 0 | Document | text/html |
GET | H2 | id | newscorpau.sc.omtrdc.net/ | 2 B | 327 B | XHR | application/x-javascript |
GET | H/1.1 | ibs:dpid=411&dpuuid=XsU3xgAAAXynNxTJ | dpm.demdex.net/ Redirect Chain | 42 B | 915 B | Image | image/gif |
GET | H2 | storageframe.html | secure-gl.imrworldwide.com/ Frame 1DB4 | 0 | 0 | Document | text/html |
GET | H2 | show_companion_ad.js | pagead2.googlesyndication.com/pagead/ | 180 KB | 66 KB | Script | text/javascript |
GET | H2 | pub | pixel.adsafeprotected.com/services/ | 254 B | 496 B | XHR | application/json |
GET | H2 | gen_204 | pagead2.googlesyndication.com/pagead/ | 0 | 120 B | Image | image/gif |
GET | H/1.1 | id | dpm.demdex.net/ | 4 KB | 2 KB | XHR | application/json |
GET | H2 | m | secure-gl.imrworldwide.com/cgi-bin/ Redirect Chain | 44 B | 489 B | Image | image/gif |
GET | H/1.1 | Serving | bs.serving-sys.com/ | 0 | 0 | Script | text/html |
GET | H2 | s03183013074128 | newscorpau.sc.omtrdc.net/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/ | 43 B | 222 B | Image | image/gif |
GET | H2 | ads | securepubads.g.doubleclick.net/gampad/ | 335 B | 561 B | XHR | text/plain |
GET | H2 | container.html | db7df266cd10ebbc95cf1777d3b18c2d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ | 0 | 0 | Other | text/html |
GET | H2 | container.html | tpc.googlesyndication.com/safeframe/1-0-37/html/ | 0 | 0 | Other | text/html |
GET | H2 | glcfg510.js | cdn-gl.imrworldwide.com/novms/js/2/configs/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js | cdn-gl.imrworldwide.com/conf/ | 31 KB | 7 KB | Script | application/javascript |
GET | H2 | rampart.js | www.heraldsun.com.au/remote/identity/rampart/latest/ | 238 KB | 75 KB | Script | application/x-javascript |
GET | H2 | nlsSDK600.bundle.min.js | cdn-gl.imrworldwide.com/novms/js/2/ | 169 KB | 48 KB | Script | application/javascript |
GET | H2 | ls.html | cdn-gl.imrworldwide.com/novms/html/ Frame 0A6B | 0 | 0 | Document | text/html |
GET | H2 | authorize | login.newscorpaustralia.com/ Frame 7987 | 0 | 0 | Document | text/html |
GET | H2 | sodar | pagead2.googlesyndication.com/getconfig/ | 7 KB | 6 KB | XHR | application/json |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 14 KB | 5 KB | Script | text/javascript |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/209/ Frame A5C3 | 0 | 0 | Document | text/html |
GET | H2 | gen_204 | pagead2.googlesyndication.com/pagead/ | 0 | 55 B | Image | image/gif |
GET | H2 | gn | secure-dcr.imrworldwide.com/cgi-bin/ | 44 B | 524 B | Image | image/gif |
153 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | | Name: dextp Value: 144237-1-1589983175885 |
.news.com.au/ | | Name: s_ppv Value: hs%257Cnewsletters%257Cindex%257Cnewsletters%2C44%2C44%2C1200 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.