![](/screenshots/5ea86974-e280-4a34-8746-191eef615b1d.png)
login.myfairfax.com.au
Open in
urlscan Pro
151.101.194.133
Public Scan
Effective URL: https://login.myfairfax.com.au/signup_newsletter/10112?callback_uri=https%3A%2F%2Fwww.watoday.com.au&channel_key=cWvEleexy48f-P...
Submission: On February 28 via manual from IN — Scanned from AU
Summary
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 6th 2024. Valid for: a year.
This is the only time login.myfairfax.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14340 (SALESFORCE, US)
PTR: click.virt.exacttarget.com
click.email.fairfaxmedia.com.au |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-210-80-39.deploy.static.akamaitechnologies.com
assets.adobedtm.com |
ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-105.syd62.r.cloudfront.net
resources.myfairfax.com.au |
ASN16509 (AMAZON-02, US)
PTR: server-18-67-107-130.syd62.r.cloudfront.net
static.chartbeat.com |
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net
www.google-analytics.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-167-6.compute-1.amazonaws.com
dpm.demdex.net | |
nd.demdex.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-210-82-213.deploy.static.akamaitechnologies.com
z.moatads.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-67-101-202.syd62.r.cloudfront.net
d2uhnetoehh304.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-66.syd1.r.cloudfront.net
au-script.dotmetrics.net |
ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
analytics.google.com |
ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f3.1e100.net
www.google.com.au |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.168.110.34.bc.googleusercontent.com
i.ffx.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-161-197.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net |
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com |
ASN29990 (ASN-APPNEX, US)
PTR: 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
pixel.advertising.com | |
ups.analytics.yahoo.com | |
cms.analytics.yahoo.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-210-81-106.deploy.static.akamaitechnologies.com
image5.pubmatic.com |
ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
dmpsync.3lift.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-49-197.compute-1.amazonaws.com
usermatch.krxd.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-101-192-21.us-west-1.compute.amazonaws.com
dmp.v.fwmrm.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
myfairfax.com.au
login.myfairfax.com.au resources.myfairfax.com.au |
253 KB |
8 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 245 nd.demdex.net — Cisco Umbrella Rank: 157263 |
9 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
21 KB |
4 |
yahoo.com
3 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 425 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1486 |
1 KB |
4 |
doubleclick.net
2 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 85 cm.g.doubleclick.net — Cisco Umbrella Rank: 264 |
1 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
426 KB |
3 |
moatads.com
z.moatads.com — Cisco Umbrella Rank: 764 mb.moatads.com — Cisco Umbrella Rank: 902 |
89 KB |
3 |
chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1719 mab.chartbeat.com — Cisco Umbrella Rank: 2775 |
22 KB |
3 |
ffx.io
static.ffx.io — Cisco Umbrella Rank: 129965 i.ffx.io — Cisco Umbrella Rank: 131106 |
587 KB |
2 |
3lift.com
2 redirects
dmpsync.3lift.com — Cisco Umbrella Rank: 17437 |
764 B |
2 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 259 |
2 KB |
2 |
google.com.au
www.google.com.au — Cisco Umbrella Rank: 29183 |
515 B |
2 |
google.com
analytics.google.com — Cisco Umbrella Rank: 159 www.google.com — Cisco Umbrella Rank: 2 |
667 B |
1 |
fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 15156 |
460 B |
1 |
krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1949 |
82 B |
1 |
pubmatic.com
image5.pubmatic.com — Cisco Umbrella Rank: 77760 |
|
1 |
advertising.com
1 redirects
pixel.advertising.com — Cisco Umbrella Rank: 1902 |
331 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 102 |
185 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1321 |
517 B |
1 |
dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 58337 |
802 B |
1 |
cloudfront.net
d2uhnetoehh304.cloudfront.net |
26 KB |
1 |
evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 3649 |
52 KB |
1 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 448 |
22 KB |
1 |
fairfaxmedia.com.au
1 redirects
click.email.fairfaxmedia.com.au |
553 B |
52 | 24 |
Domain | Requested by | |
---|---|---|
10 | login.myfairfax.com.au |
login.myfairfax.com.au
|
6 | dpm.demdex.net |
login.myfairfax.com.au
|
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com login.myfairfax.com.au |
4 | www.googletagmanager.com |
login.myfairfax.com.au
www.googletagmanager.com |
3 | ups.analytics.yahoo.com |
2 redirects
login.myfairfax.com.au
|
2 | dmpsync.3lift.com | 2 redirects |
2 | cm.g.doubleclick.net | 2 redirects |
2 | ib.adnxs.com | 2 redirects |
2 | nd.demdex.net |
login.myfairfax.com.au
|
2 | i.ffx.io |
d2uhnetoehh304.cloudfront.net
|
2 | www.google.com.au |
login.myfairfax.com.au
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
2 | z.moatads.com |
www.googletagmanager.com
z.moatads.com |
2 | static.chartbeat.com |
www.googletagmanager.com
login.myfairfax.com.au |
1 | dmp.v.fwmrm.net |
login.myfairfax.com.au
|
1 | usermatch.krxd.net |
login.myfairfax.com.au
|
1 | cms.analytics.yahoo.com | 1 redirects |
1 | image5.pubmatic.com |
login.myfairfax.com.au
|
1 | pixel.advertising.com | 1 redirects |
1 | www.google.com |
login.myfairfax.com.au
|
1 | www.facebook.com |
login.myfairfax.com.au
|
1 | cm.everesttech.net | 1 redirects |
1 | mb.moatads.com |
z.moatads.com
|
1 | mab.chartbeat.com |
static.chartbeat.com
|
1 | analytics.google.com |
www.googletagmanager.com
|
1 | au-script.dotmetrics.net |
login.myfairfax.com.au
|
1 | d2uhnetoehh304.cloudfront.net |
login.myfairfax.com.au
|
1 | cdn.evgnet.com |
login.myfairfax.com.au
|
1 | resources.myfairfax.com.au |
login.myfairfax.com.au
|
1 | static.ffx.io |
login.myfairfax.com.au
|
1 | assets.adobedtm.com |
login.myfairfax.com.au
|
1 | click.email.fairfaxmedia.com.au | 1 redirects |
52 | 32 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.watoday.com.au |
login.nine.com.au |
Subject Issuer | Validity | Valid | |
---|---|---|---|
nine.com.au COMODO RSA Organization Validation Secure Server CA |
2024-02-06 - 2025-02-05 |
a year | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
fairfaxmedia.com.au Amazon RSA 2048 M03 |
2024-01-11 - 2025-02-07 |
a year | crt.sh |
*.chartbeat.com Thawte TLS RSA CA G1 |
2023-05-16 - 2024-06-06 |
a year | crt.sh |
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-02-14 - 2025-02-12 |
a year | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
moatads.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-10-25 - 2024-10-24 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
*.dotmetrics.net Amazon RSA 2048 M02 |
2023-08-23 - 2024-09-20 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.google.com.au GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-06-20 - 2024-07-20 |
a year | crt.sh |
t.brisbanetimes.com.au GTS CA 1D4 |
2024-01-28 - 2024-04-28 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-12-07 - 2024-03-06 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-26 - 2024-11-26 |
a year | crt.sh |
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1 |
2024-01-30 - 2025-01-28 |
a year | crt.sh |
*.v.fwmrm.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-13 - 2024-12-13 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://login.myfairfax.com.au/signup_newsletter/10112?callback_uri=https%3A%2F%2Fwww.watoday.com.au&channel_key=cWvEleexy48f-PI5-jlBnw&utm_content=SIGN_UP_PROMPT&list_name=676AD2C1-C62F-4712-8A0C-980D9DC04A7B&promote_channel=edmail&utm_campaign=am-watoday&utm_medium=email&utm_source=newsletter&utm_term=2024-02-28&mbnr=MzE1MTgwNjc&instance=2024-02-28-07-00-AWST&jobid=30275119
Frame ID: DFA17D62757ABCE692935D4B911D1497
Requests: 40 HTTP requests in this frame
Frame:
https://z.moatads.com/hd09824092/iframe.html
Frame ID: DA049A2A322C15408B954C2BCABBE289
Requests: 1 HTTP requests in this frame
Frame:
https://nd.demdex.net/dest5.html?d_nsid=0
Frame ID: 7B1B544A11E9A0605124BD41995B7577
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/5ea86974-e280-4a34-8746-191eef615b1d.png)
Page Title
Fairfax Media - My AccountPage URL History Show full URLs
-
http://click.email.fairfaxmedia.com.au/?qs=41e0d82927dba8c58f08cd545198a448c77071c53227f2ae9151fbfa75d67adeecb4597b...
HTTP 302
https://login.myfairfax.com.au/signup_newsletter/10112?callback_uri=https%3A%2F%2Fwww.watoday.com.au&channe... Page URL
Detected technologies
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- moatads\.com
![](/vendor/wappa/icons/PubMatic.png)
Detected patterns
- https?://[^/]*\.pubmatic\.com
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Conditions of Use
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://click.email.fairfaxmedia.com.au/?qs=41e0d82927dba8c58f08cd545198a448c77071c53227f2ae9151fbfa75d67adeecb4597b4aee1dddb5d9b11b8d024199203fabe6c57354d5
HTTP 302
https://login.myfairfax.com.au/signup_newsletter/10112?callback_uri=https%3A%2F%2Fwww.watoday.com.au&channel_key=cWvEleexy48f-PI5-jlBnw&utm_content=SIGN_UP_PROMPT&list_name=676AD2C1-C62F-4712-8A0C-980D9DC04A7B&promote_channel=edmail&utm_campaign=am-watoday&utm_medium=email&utm_source=newsletter&utm_term=2024-02-28&mbnr=MzE1MTgwNjc&instance=2024-02-28-07-00-AWST&jobid=30275119 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39- https://cm.everesttech.net/cm/dd?d_uuid=41050828183778280963044126264643051875 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zd7KOwAAALBEaAN1
- https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
- https://dpm.demdex.net/ibs:dpid=358&dpuuid=1018619662357045841
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDEwNTA4MjgxODM3NzgyODA5NjMwNDQxMjYyNjQ2NDMwNTE4NzU= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDEwNTA4MjgxODM3NzgyODA5NjMwNDQxMjYyNjQ2NDMwNTE4NzU=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIn7NXi_Xsne3sQzP8mLan0&google_cver=1?gdpr=0&gdpr_consent=
- https://pixel.advertising.com/ups/28/sync?uid=41050828183778280963044126264643051875&_origin=1&redir=true HTTP 301
- https://ups.analytics.yahoo.com/ups/28/sync?uid=41050828183778280963044126264643051875&_origin=1&redir=true HTTP 302
- https://ups.analytics.yahoo.com/ups/28/sync?uid=41050828183778280963044126264643051875&_origin=1&redir=true&verify=true
- https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=41050828183778280963044126264643051875&gdpr=0&gdpr_consent= HTTP 302
- https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=41050828183778280963044126264643051875&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-GKk.82ZE2pHAuF4GCWRjt3z.ndK0W.mx__Q-~A
- https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
- https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
- https://dpm.demdex.net/ibs:dpid=72352&dpuuid=1666531740140533835767&gdpr=0&gdpr_consent=
52 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
10112
login.myfairfax.com.au/signup_newsletter/ Redirect Chain
|
39 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons-ae880314dba618dc0005f1f6a525c41e.css
login.myfairfax.com.au/assets/lite/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop-825afb914c3210832a8326f55bdf593b.css
login.myfairfax.com.au/assets/lite/ |
68 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
digital_data_helper-6dd9838e445247f270dd130a325748ee.js
login.myfairfax.com.au/assets/ |
1 KB 559 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satelliteLib-fc35eab6559a121532bab25bb77b90e6a30892b9.js
assets.adobedtm.com/7d5ea80d054b96730162d0905d59678c4d2bf30c/ |
72 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm_helper-8940b3c9a37d48891a8ab19ab83a8e25.js
login.myfairfax.com.au/assets/ |
478 B 486 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pm_edition_signup.png
static.ffx.io/image/upload/v1599805467/newsletter/metro/signup/ |
586 KB 587 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lite-305f62bdda86278b558639ce651daa4a.js
login.myfairfax.com.au/assets/ |
110 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newsletter_analytics-6253e2cf5c06fa8a808fce8392ca5a3e.js
login.myfairfax.com.au/assets/ |
1000 B 717 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
581 KB 160 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
resources.myfairfax.com.au/watoday/images/login/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pt_sans-regular.woff
login.myfairfax.com.au/assets/lite/fonts/ |
60 KB 61 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pt_sans-bold.woff
login.myfairfax.com.au/assets/lite/fonts/ |
63 KB 64 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merriweathersans-regular.woff
login.myfairfax.com.au/assets/lite/fonts/ |
26 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chartbeat_mab.js
static.chartbeat.com/js/ |
24 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
evergage.min.js
cdn.evgnet.com/beacon/fairfaxmediapublications/production_watoday/scripts/ |
200 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
268 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
268 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
242 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
dpm.demdex.net/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moatheader.js
z.moatads.com/fairfaxheader492510264302/ |
249 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp.js
d2uhnetoehh304.cloudfront.net/2.18.2/ |
77 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
door.js
au-script.dotmetrics.net/ |
69 B 802 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 137 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 47 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com.au/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
subscriptions.js
static.chartbeat.com/js/ |
32 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ |
403 B 681 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v2
mb.moatads.com/yi/ |
220 B 399 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.html
z.moatads.com/hd09824092/ Frame DA04 |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ |
2 B 375 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 71 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
8 B 358 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.html
nd.demdex.net/ Frame 7B1B |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
nd.demdex.net/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=411&dpuuid=Zd7KOwAAALBEaAN1
dpm.demdex.net/ Redirect Chain
|
42 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Frame 7B1B |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com.au/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=358&dpuuid=1018619662357045841
dpm.demdex.net/ Frame 7B1B Redirect Chain
|
42 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=771&dpuuid=CAESEIn7NXi_Xsne3sQzP8mLan0&google_cver=1
dpm.demdex.net/ Frame 7B1B Redirect Chain
|
42 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
ups.analytics.yahoo.com/ups/28/ Frame 7B1B Redirect Chain
|
0 17 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 7B1B |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=30646
dpm.demdex.net/ Frame 7B1B Redirect Chain
|
42 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=72352&dpuuid=1666531740140533835767&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 7B1B Redirect Chain
|
42 B 716 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v2
usermatch.krxd.net/um/ Frame 7B1B |
2 B 82 B |
Image
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
u
dmp.v.fwmrm.net/ad/ Frame 7B1B |
0 460 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
100 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| DigitalDataHelper object| digitalData object| _satellite function| GTMHelper object| dataLayer number| dcOrd function| getAdCookie string| val object| analyticsData function| FastClick function| setCookie function| $ function| jQuery object| enquire function| PluginClass object| GigyaHelper object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| _sf_async_config object| _cbq boolean| cb_first string| GoogleAnalyticsObject function| ga object| s function| e function| Visitor function| DIL object| s_c_il number| s_c_in object| nineFfxDil string| navAgent undefined| darkSocial object| facebookArguments function| retry function| isIE10OrLater function| detectPrivateMode string| key object| GlobalSnowplowNamespace function| snowplow object| _conf object| nineDM object| dm function| onYouTubeIframeAPIReady object| gaGlobal object| _cb_shared function| chartbeat undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_25544039 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedfairfaxheader492510264302 object| moatPrebidApi object| __wpcc object| Snowplow object| gaplugins object| gaData object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr object| StatType function| justDebounceIt object| CustomEvents object| ItemAction function| sendMessageToEvergageLauncher function| shouldInit function| setDeveloperOptions function| enableDebugTools function| enableProductionTesting function| handleDevQueryString function| shouldInitRule function| matchesPath function| debounce function| handleEvent number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render object| _is object| _cbm31 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.myfairfax.com.au/ | Name: production_hagrid_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFjZTE4ZGVjODY0MzA1N2Q4NGU5OWFmOTQ3NmY5OWYwBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMWRiZXBNK0Q2ek5aZmVCQ2UzaWJXMVRTTGgrTFhXZmV4cHhORFBPYlNSd0k9BjsARg%3D%3D--0ac77fa252b9da0292cae70e6f43717232141cde |
|
.myfairfax.com.au/ | Name: _gcl_au Value: 1.1.1026595284.1709099578 |
|
login.myfairfax.com.au/ | Name: s_u_chnl Value: none |
|
login.myfairfax.com.au/ | Name: _bsMode Value: true |
|
.dotmetrics.net/ | Name: DotMetrics.DeviceKey Value: DeviceID= |
|
.dotmetrics.net/ | Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=92898974-a1d3-4f84-b986-67243dfe9389&Created=02/28/2024 05:52:57&UserMode=0&guid=989fb126-bcd3-4f25-9ca2-9f9377fb2742&ver=1 |
|
.myfairfax.com.au/ | Name: _ga_RZK75Y5YFW Value: GS1.1.1709099577.1.1.1709099577.0.0.0 |
|
.myfairfax.com.au/ | Name: _ga_EX7TW0S5WR Value: GS1.1.1709099577.1.0.1709099577.60.0.0 |
|
.myfairfax.com.au/ | Name: _sp_ses.9604 Value: * |
|
.myfairfax.com.au/ | Name: _sp_id.9604 Value: c27c9bb5-fe64-40c0-9165-cf869dd503c3.1709099578.1.1709099578.1709099578.301c6d31-b53b-4754-9243-e933d8a3b6f3 |
|
.myfairfax.com.au/ | Name: _ga Value: GA1.3.379558109.1709099578 |
|
.myfairfax.com.au/ | Name: _gid Value: GA1.3.2098256745.1709099578 |
|
.myfairfax.com.au/ | Name: _gat_ffxTracker Value: 1 |
|
.login.myfairfax.com.au/ | Name: _sfid_7fca Value: {%22anonymousId%22:%22cee6d4e1368f4139%22} |
|
.login.myfairfax.com.au/ | Name: _evga_ad64 Value: {%22uuid%22:%22cee6d4e1368f4139%22} |
|
.demdex.net/ | Name: demdex Value: 41050828183778280963044126264643051875 |
|
login.myfairfax.com.au/ | Name: AMCVS_50AB0C3A53DB1B290A490D4D%40AdobeOrg Value: 1 |
|
.login.myfairfax.com.au/ | Name: aam_uuid Value: 41050828183778280963044126264643051875 |
|
.adnxs.com/ | Name: XANDR_PANID Value: 82JoWlD9G8qL1-V0ctMKVjhvvgbjO7dwbDFowVeJyOWXRKG8nu5O0iagQpaGRsn9tXwku31P44fjB8MuSWy-94HnRe8kdhnYd_ZLXP58NeU. |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: uuid2 Value: 1018619662357045841 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmaw9bjnaigyv6Nh5hb0R30dRhOSd1L40_eCHk3L0bNHpSUFllWuvvLL5_m1qE |
|
.dpm.demdex.net/ | Name: dpm Value: 41050828183778280963044126264643051875 |
|
.advertising.com/ | Name: A3 Value: d=AQABBDvK3mUCELa1x5xUQ6ynowpYMEd3WgIFEgEBAQEb4GXoZdww0iMA_eMAAA&S=AQAAArHjCKRd9kddYtMYvk0Uxfs |
|
.demdex.net/ | Name: dextp Value: 358-1-1709099578526|771-1-1709099578627|6835-1-1709099578728|19566-1-1709099578829|30646-1-1709099578929|72352-1-1709099579030|66757-1-1709099579131|796-1-1709099579232 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Zd7KOwAAALBEaAN1 |
|
.3lift.com/ | Name: tluid Value: 1666531740140533835767 |
|
login.myfairfax.com.au/ | Name: AMCV_50AB0C3A53DB1B290A490D4D%40AdobeOrg Value: -1303530583%7CMCIDTS%7C19782%7CMCMID%7C41033936248111234593041312270563677536%7CMCAAMLH-1709704378%7C7%7CMCAAMB-1709704378%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1709106778s%7CNONE%7CMCSYNCSOP%7C411-19789%7CvVersion%7C3.3.0 |
|
.analytics.yahoo.com/ | Name: IDSYNC Value: 19cu~2h05 |
|
.yahoo.com/ | Name: A3 Value: d=AQABBDvK3mUCEMyvgtnuTR8Fs6Ii4XheinkFEgEBAQEb4GXoZdww0iMA_eMAAA&S=AQAAAqbwFVZP0opcRLBDUZnkc2o |
|
.fwmrm.net/ | Name: _uid Value: umk963c_7340544680605995200 |
84 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; report-to csp-endpoint |
Strict-Transport-Security | max-age=300 |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
assets.adobedtm.com
au-script.dotmetrics.net
cdn.evgnet.com
click.email.fairfaxmedia.com.au
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
d2uhnetoehh304.cloudfront.net
dmp.v.fwmrm.net
dmpsync.3lift.com
dpm.demdex.net
i.ffx.io
ib.adnxs.com
image5.pubmatic.com
login.myfairfax.com.au
mab.chartbeat.com
mb.moatads.com
nd.demdex.net
pixel.advertising.com
resources.myfairfax.com.au
static.chartbeat.com
static.ffx.io
stats.g.doubleclick.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
z.moatads.com
103.43.90.114
13.35.147.66
142.250.204.14
142.250.204.8
142.251.221.78
151.101.192.114
151.101.194.133
151.101.66.202
152.69.170.131
157.240.8.35
172.217.167.66
172.217.24.35
172.217.24.36
172.253.118.156
175.41.161.197
18.143.106.89
18.67.101.202
18.67.107.130
18.67.111.105
23.210.80.39
23.210.81.106
23.210.82.213
3.101.192.21
3.225.167.6
34.110.168.46
34.192.49.197
52.223.2.229
66.231.91.47
02aac23024f33366a2a0b2c3e51673745f223fdc04c07d4f4ef55dd8f8e67b0a
09af2f4332a1d19b16808957a1bb602857ba76a039d0347850444e20bffcf74d
09e55ff8e3cfe41a10b944fd186a971f0431119d27a317a5305b6978bfba2f4f
0eced38a76a01c85f987b869c9598d5a97d1c3d05a9c78149415f03cee96a6e7
1497bf5b1aedbd7e6711a2200b950773ac98adc352d7cd1f03aaf08211191334
1641db71923258d4d2e12da9776fec74c32a19c772f34a17b93f5dc9312139fd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26f6c88bf67dd4bc4835e6cc3c4931436be3d7f7d8a904aeb63be9655150c1f5
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
3d6541ce896631c6e58b9d30b47f38299e2fde23a825588d4f623a0169f2c838
3f2489867ca7b3417c280bd89960d3eddcc20a563d7c1c5b4379e7dc31879071
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b444424f081c38d0bd8b100e2eca1b30472b5a5ccecd5e87a0678d27ac46e53
743715a434f33b8ba2bd56ff7fd6edfdf5a66c97a60060e4a73656e9116eecb3
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861718e76a3d97e8ff7955b7bdcd9f7a5926bde125193de5166e66a252b0e483
8fb499fb2d09d40ca833f2d7c123fa0d646744977e72eea31b1a69b4ce45194a
926ca92e76d9cb6649be691192fbe984dd23c4dbad037f17606179ce000f5f67
a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab
a6ba5629fe2c7c8365b0b5409e42034e5bfc69a4378abe8b664e90744181b71b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b24b33dc0c3acf1974f5a6c54a248fae147180b2fe0457ddcc1606091a6d3082
b3753e52f16a42882b7e08459c71c8db982a22a0bed2510dfc40f0d2973ad8e4
c45d9b26fa2b7f039fe58fd06f5e855ef56005d0b0ed9a4022239122ca652704
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95
d32e9846fa41ecf9a4904563959ce2876ee5c2c64d91a6f1e15c21424855e8eb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60566140391e341c2fb0139d6a36214cc68a132acfb259cfbeabe5fc5c3790f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f312a4f1d5b7adff5121ee08ca1f4050343c7420e7c55c10bad3c98026f1043f
fbda239d5b8a0ab41b8a76580e284f2290e39d5cd27de73e5b866dc5f29abafb
ff160f2a689c66543f5f81529982792568b22de45066ab28521afb87a5a80ce1
ff6975a03367ff6f70cd63cd3e5e94ef682034136382563d5ae5f851bd8a75cd