urlscan.io logo urlscan.io
SecurityTrails logo

payments.tal.com.au Open in urlscan Pro
13.107.246.31  Public Scan

Go To Rescan Add Verdict Report
URL: https://payments.tal.com.au/TAL?mcode=2024051409270405
Submission Tags: falconsandbox
Submission: On July 01 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 44 HTTP transactions. The main IP is 13.107.246.31, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is payments.tal.com.au.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on April 23rd 2024. Valid for: 6 months.
This is the only time payments.tal.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 13.107.246.31 8075 (MICROSOFT...)
2 142.250.66.228 15169 (GOOGLE)
7 23.55.11.47 16625 (AKAMAI-AS)
1 203.195.127.34 38859 (PREMIERTE...)
2 35.174.55.74 14618 (AMAZON-AES)
2 157.240.8.23 32934 (FACEBOOK)
3 142.251.221.72 15169 (GOOGLE)
1 172.217.167.99 15169 (GOOGLE)
1 50.17.206.181 14618 (AMAZON-AES)
2 63.140.39.35 14618 (AMAZON-AES)
1 1 52.220.248.45 16509 (AMAZON-02)
1 63.140.38.132 14618 (AMAZON-AES)
2 5 142.250.66.198 15169 (GOOGLE)
1 172.217.167.98 15169 (GOOGLE)
1 2 142.250.76.102 15169 (GOOGLE)
1 4 204.79.197.237 8068 (MICROSOFT...)
2 157.240.8.35 32934 (FACEBOOK)
1 216.239.32.36 15169 (GOOGLE)
1 142.251.175.155 15169 (GOOGLE)
1 142.250.66.195 15169 (GOOGLE)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 52.152.143.207 8075 (MICROSOFT...)
44 22
6    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
payments.tal.com.au
www.clarity.ms
2    142.250.66.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f4.1e100.net
www.google.com
7    23.55.11.47 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-11-47.deploy.static.akamaitechnologies.com
assets.adobedtm.com
1    203.195.127.34 (Australia)

ASN38859 (PREMIERTECH-AU Premier Technologies Pty Ltd, AU)
www.bpoint.com.au
2    35.174.55.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-55-74.compute-1.amazonaws.com
dpm.demdex.net
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
3    142.251.221.72 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f8.1e100.net
www.googletagmanager.com
1    172.217.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f3.1e100.net
www.gstatic.com
1    50.17.206.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-206-181.compute-1.amazonaws.com
talservices.demdex.net
2    63.140.39.35 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-35.data.adobedc.net
talservices.sc.omtrdc.net
1    52.220.248.45 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-248-45.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    63.140.38.132 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-132.data.adobedc.net
tal.tt.omtrdc.net
5    142.250.66.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f6.1e100.net
ad.doubleclick.net
1    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
adservice.google.com
2    142.250.76.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net
10721995.fls.doubleclick.net
4    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    142.251.175.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net
www.google.co.uk
2    52.231.230.148 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
Apex Domain
Subdomains		 Transfer
8 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
10721995.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
1 KB
7 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 428
128 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
c.clarity.ms — Cisco Umbrella Rank: 1434
o.clarity.ms — Cisco Umbrella Rank: 12392
28 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
c.bing.com — Cisco Umbrella Rank: 224
16 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 5
adservice.google.com — Cisco Umbrella Rank: 213
region1.analytics.google.com — Cisco Umbrella Rank: 3125
1 KB
4 tal.com.au
payments.tal.com.au
6 MB
3 omtrdc.net
talservices.sc.omtrdc.net
tal.tt.omtrdc.net
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
261 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
talservices.demdex.net
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
71 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3827
63 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1336
517 B
1 gstatic.com
www.gstatic.com
212 KB
1 bpoint.com.au
www.bpoint.com.au
8 KB
44 15
Domain Requested by
7 assets.adobedtm.com payments.tal.com.au
assets.adobedtm.com
5 ad.doubleclick.net 2 redirects
4 payments.tal.com.au payments.tal.com.au
3 bat.bing.com payments.tal.com.au
bat.bing.com
3 www.googletagmanager.com assets.adobedtm.com
www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.facebook.com
2 10721995.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 talservices.sc.omtrdc.net assets.adobedtm.com
2 connect.facebook.net assets.adobedtm.com
connect.facebook.net
2 dpm.demdex.net assets.adobedtm.com
payments.tal.com.au
2 www.google.com payments.tal.com.au
www.gstatic.com
1 o.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 www.google.co.uk
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 adservice.google.com
1 tal.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 talservices.demdex.net assets.adobedtm.com
1 www.gstatic.com www.google.com
1 www.bpoint.com.au payments.tal.com.au
44 24

This site contains no links.

Subject Issuer Validity Valid
payments.tal.com.au
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-04-23 -
2024-10-23		 6 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
www.bpoint.com.au
Entrust Certification Authority - L1M		 2024-04-24 -
2025-04-25		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-09 -
2024-07-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-22 -
2024-09-21		 a year crt.sh
*.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.co.uk
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 4 frames:

Primary Page: https://payments.tal.com.au/TAL?mcode=2024051409270405
Frame ID: B35E522305D13AEE96E9BC2C0C002588
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeM0BMnAAAAANF3wUIbyzmUgYBBJY469Pycmroj&co=aHR0cHM6Ly9wYXltZW50cy50YWwuY29tLmF1OjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=c85ihoh56b0z
Frame ID: 8AE87C96847BF6630E25A692D95A61B2
Requests: 1 HTTP requests in this frame

Frame: https://talservices.demdex.net/dest5.html?d_nsid=0
Frame ID: DA41E603914DD8AF921E9D52F3205258
Requests: 1 HTTP requests in this frame

Frame: https://10721995.fls.doubleclick.net/activityi;dc_pre=CNGn7eqHhYcDFdWG6QUdQMkCcA;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405
Frame ID: 1DC0C37C6FD030CFDEEFF9B21D0ED922
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TAL: Make a Payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

24
Subdomains

22
IPs

4
Countries

7233 kB
Transfer

8616 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://cm.everesttech.net/cm/dd?d_uuid=34958291738011413580022234419370763166 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoI4JwAAAL4nnQN-
Request Chain 24
  • https://ad.doubleclick.net/activity;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CPPn6uqHhYcDFXFbDwIdAXkO9g;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CPPn6uqHhYcDFXFbDwIdAXkO9g;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=*;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405
Request Chain 28
  • https://10721995.fls.doubleclick.net/activityi;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405 HTTP 302
  • https://10721995.fls.doubleclick.net/activityi;dc_pre=CNGn7eqHhYcDFdWG6QUdQMkCcA;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405
Request Chain 44
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=052C49B09D4A4B86A88A3E8CA01F518B&RedC=c.clarity.ms&MXFR=0666AFE7C64B6EC91497BB48C24B60EB HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=052C49B09D4A4B86A88A3E8CA01F518B&MUID=31FDEB44DBF7696707B6FFEBDA6668B1

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request TAL
payments.tal.com.au/ 		894 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.tal.com.au/TAL?mcode=2024051409270405
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
384a938f0fe9525bc808a6c3cc86301856a24bbf37cfbc81dc876bc5022f9c20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
894
content-md5
XFA/ziLn5H23Hs0O4iOn9w==
content-type
text/html
date
Mon, 01 Jul 2024 05:01:25 GMT
etag
"0x8DC904A0C0278A7"
last-modified
Wed, 19 Jun 2024 10:24:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
CONFIG_NOCACHE
main.js
payments.tal.com.au/static/js/ 		6 MB
6 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.tal.com.au/static/js/main.js
Requested by
Host: payments.tal.com.au
URL: https://payments.tal.com.au/TAL?mcode=2024051409270405
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9c7b933bff2847cb36379c5c0134ae72d229562bd70c5c5bf7c2f0f49b2f75a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/TAL?mcode=2024051409270405
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 19 Jun 2024 10:24:48 GMT
content-md5
dXTQtXWlL6pKiP+1Ol1jPw==
etag
"0x8DC904A0C5C7261"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
accept-ranges
bytes
content-length
6551796
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95d5217ea83a65ccd8b3ff2ee57f7790cad3d553dfe591856e3f8b77fe5b5831

Request headers

Referer
Origin
https://payments.tal.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8522d73dcbb6165657108895bb4b60bbb128be2b3c626b64897fdededc09e728

Request headers

Referer
Origin
https://payments.tal.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4de38505ed65194c0e730984dc89b933fe7bce34de812f722d33739635801524

Request headers

Referer
Origin
https://payments.tal.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
api.js
www.google.com/recaptcha/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeM0BMnAAAAANF3wUIbyzmUgYBBJY469Pycmroj
Requested by
Host: payments.tal.com.au
URL: https://payments.tal.com.au/static/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f4.1e100.net
Software
GSE /
Resource Hash
9fc5ebf39fa2380a83323140702462bac322e46c83145401813d7508f8abcc32
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jul 2024 05:01:26 GMT
launch-519bfc930a09.min.js
assets.adobedtm.com/3236b84eee38/5dafd12ae923/ 		389 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Requested by
Host: payments.tal.com.au
URL: https://payments.tal.com.au/static/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
013833399d48d35e56b478f8ef26ff10ef5f6b82f3fefe44068b0fc74f1b6935

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:25 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 06:36:11 GMT
server
AkamaiNetStorage
etag
"b17649ce0fd6c2cdfe4ec50b9b187e77:1716964571.780361"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://payments.tal.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
112769
expires
Mon, 01 Jul 2024 06:01:25 GMT
api.js
www.bpoint.com.au/rest/clientscripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bpoint.com.au/rest/clientscripts/api.js
Requested by
Host: payments.tal.com.au
URL: https://payments.tal.com.au/static/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.195.127.34 , Australia, ASN38859 (PREMIERTECH-AU Premier Technologies Pty Ltd, AU),
Reverse DNS
Software
/
Resource Hash
022c753247f5520e5d444dc05d8eecbe5b3a8f85a57a1561addc7b672ddc94a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://ci-mpsnare.iovation.com https://mpsnare.iesnare.com https://*.klarna.com https://*.klarnacdn.net https://*.klarnaevt.com https://*.aexp-static.com https://*.americanexpress.com https://hcaptcha.com https://*.hcaptcha.com; img-src blob: data: *; font-src data: *; style-src 'unsafe-inline' *; frame-src *; object-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://ci-mpsnare.iovation.com https://mpsnare.iesnare.com https://*.klarna.com https://*.klarnacdn.net https://*.klarnaevt.com https://*.aexp-static.com https://*.americanexpress.com https://hcaptcha.com https://*.hcaptcha.com; img-src blob: data: *; font-src data: *; style-src 'unsafe-inline' *; frame-src *; object-src 'none'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Mon, 01 Jul 2024 05:01:24 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
private,no-store,no-cache,must-revalidate,proxy-revalidate
Content-Length
7366
X-XSS-Protection
1; mode=block
tal-logo.svg
payments.tal.com.au/img/ 		378 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.tal.com.au/img/tal-logo.svg
Requested by
Host: payments.tal.com.au
URL: https://payments.tal.com.au/TAL?mcode=2024051409270405
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4823c1be22acd987257964d740bab7716a4925904df67e9ddc36f225e789395f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/TAL?mcode=2024051409270405
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 19 Jun 2024 10:24:48 GMT
content-md5
QbKv7ErQc82WHnfASR+CLg==
etag
"0x8DC904A0C691ABD"
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
accept-ranges
bytes
content-length
378
id
dpm.demdex.net/ 		370 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=CCB543A1559C51027F000101%40AdobeOrg&d_nsid=0&ts=1719810086054
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.174.55.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-55-74.compute-1.amazonaws.com
Software
/
Resource Hash
9750c75e3df7412c59a1dac89b1c5b7a16067575e475273f2da6f01c05aba4ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-1-v060-03e04977d.edge-va6.demdex.com 1 ms
pragma
no-cache
date
Mon, 01 Jul 2024 05:01:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
QoRgythzTXc=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://payments.tal.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
312
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:26 GMT
content-encoding
gzip
last-modified
Mon, 04 Mar 2024 18:51:30 GMT
server
AkamaiNetStorage
etag
"964f8cb588092ac645368e7307eb73ac:1709578290.803919"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://payments.tal.com.au
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12938
expires
Mon, 01 Jul 2024 06:01:26 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:26 GMT
content-encoding
gzip
last-modified
Mon, 04 Mar 2024 18:51:31 GMT
server
AkamaiNetStorage
etag
"9cf185793291692f744c78c75da01dd8:1709578291.795602"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://payments.tal.com.au
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1599
expires
Mon, 01 Jul 2024 06:01:26 GMT
fbevents.js
connect.facebook.net/en_US/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Jul 2024 05:01:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58251
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1380, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
NJgHOV7zOIn71a0Q84HjNdhDnsXvV7EHZcauWUVvkvZ/K1saA2Uq74aO/rmcLuFsZEFyIVxxwfQ++xkDeuBcrg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
RCbc2773f67bcc41a2ba0ff22113324aea-source.min.js
assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/ 		823 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/RCbc2773f67bcc41a2ba0ff22113324aea-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e320bb5e8ec3389f3ff8d107d92b5e2098d85b84a192fea88fbfdbfc8f6beaba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:26 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 06:36:13 GMT
server
AkamaiNetStorage
etag
"8b8fc624fbab5ff389aed938f38095a7:1716964573.897201"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://payments.tal.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
473
expires
Mon, 01 Jul 2024 06:01:26 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10721995
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fcc895da917517742614be6c7d675d8318544b1e3a3108831efd41111cb5d759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75854
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Jul 2024 05:01:26 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		534 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeM0BMnAAAAANF3wUIbyzmUgYBBJY469Pycmroj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Origin
https://payments.tal.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 03:28:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216123
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Jul 2025 03:28:40 GMT
568651121747163
connect.facebook.net/signals/config/ 		58 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/568651121747163?v=2.9.159&r=stable&domain=payments.tal.com.au&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
995d1c894d60387c3f1e8511f4b9f596d33a37444cbee650f134135571b15564
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Jul 2024 05:01:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12223
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=61, mss=1380, tbw=63762, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
hxVYNTi01bPYsAWFHqA7mkSp97TI0+v49g6zm8wcB1Ib/tAwY2XAU+3FjT30SJgWt/9WmpYNZ936KOJmThnakQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8AE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeM0BMnAAAAANF3wUIbyzmUgYBBJY469Pycmroj&co=aHR0cHM6Ly9wYXltZW50cy50YWwuY29tLmF1OjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=c85ihoh56b0z
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YYmaaolvqTT8y2DYmuZQUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://payments.tal.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YYmaaolvqTT8y2DYmuZQUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 05:01:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dest5.html
talservices.demdex.net/ Frame DA41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://talservices.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.17.206.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-206-181.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://payments.tal.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 01 Jul 2024 05:01:27 GMT
dcs
dcs-prod-va6-1-v060-00e079c6b.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 9 May 2024 10:50:12 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
JrKlPORaRIM=
id
talservices.sc.omtrdc.net/ 		2 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://talservices.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=CCB543A1559C51027F000101%40AdobeOrg&mid=34770703784738295750039504476491207479&ts=1719810086729
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-35.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://payments.tal.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZoI4JwAAAL4nnQN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=34958291738011413580022234419370763166
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoI4JwAAAL4nnQN-
42 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoI4JwAAAL4nnQN-
Requested by
Host: payments.tal.com.au
URL: https://payments.tal.com.au/TAL?mcode=2024051409270405
Protocol
H2
Server
35.174.55.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-55-74.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://payments.tal.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v060-01f6a99ee.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
xiqkgOqQQoU=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZoI4JwAAAL4nnQN-
Date
Mon, 01 Jul 2024 05:01:27 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
tal.tt.omtrdc.net/rest/v1/ 		346 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tal.tt.omtrdc.net/rest/v1/delivery?client=tal&sessionId=950c697fc9e743f6bedd537b22129d0f&version=2.11.4
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.132 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-132.data.adobedc.net
Software
jag /
Resource Hash
a0c692018cf739f087fa49b911c3d795302ba647dd9b77949b8a273b861306a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://payments.tal.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
fbcd7b01-e041-4757-a422-f6ca5ab8c7cd
faviconTAL.ico
payments.tal.com.au/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://payments.tal.com.au/faviconTAL.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f86091c43b65f1626b6c1319c627aa2f84cd324b522f3ec26279371aaa3d795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/TAL?mcode=2024051409270405
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 19 Jun 2024 10:24:48 GMT
content-md5
DkaMNUnbc06rCvLkkCPXuQ==
etag
"0x8DC904A0BFB9BD9"
x-cache
CONFIG_NOCACHE
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
15086
js
www.googletagmanager.com/gtag/ 		271 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1CP572CXG7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10721995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6db63b4c1c1c0250273ae234ed0cf1a6292bc255af03f28f4312ea39c4e26438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95350
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 05:01:27 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1CP572CXG7&l=dataLayer
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
053a6a48e1a3beb12152fbe93d53968d068260193038dcd90d59be198b02a69d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95274
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 05:01:27 GMT
dc_pre=CPPn6uqHhYcDFXFbDwIdAXkO9g;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=*;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0....
  • https://ad.doubleclick.net/activity;dc_pre=CPPn6uqHhYcDFXFbDwIdAXkO9g;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=380620194;uaa=x86;uab...
  • https://adservice.google.com/ddm/fls/z/dc_pre=CPPn6uqHhYcDFXFbDwIdAXkO9g;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=*;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPPn6uqHhYcDFXFbDwIdAXkO9g;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=*;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://payments.tal.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=CPPn6uqHhYcDFXFbDwIdAXkO9g;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=*;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;register_conversion=1;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CC...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10721995;type=quote0;cat=talc-00;ord=1;num=9356895224056;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=380620194;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"17849139566950915964"}],"aggregatable_trigger_data":[{"filters":[{"14":["11537600"]}],"key_piece":"0xa560f22805cabb1b","source_keys":["12","13","14","15","16","17","18","19","20","21","628740392","628740393","628740394","628740395","628795612","628795613","628795614","628795615","634902964","634902965","634902966","634902967","634934472","634934473","634934474","634934475"]},{"key_piece":"0x9a1a90205ba74876","not_filters":{"14":["11537600"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628740392","628740393","628740394","628740395","628795612","628795613","628795614","628795615","634902964","634902965","634902966","634902967","634934472","634934473","634934474","634934475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628740392":131,"628740393":131,"628740394":131,"628740395":12713,"628795612":655,"628795613":655,"628795614":655,"628795615":63569,"634902964":109,"634902965":109,"634902966":109,"634902967":10594,"634934472":65,"634934473":65,"634934474":65,"634934475":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2484532835108530214","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17849139566950915964","filters":[{"14":["11537600"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17849139566950915964","filters":[{"14":["11537600"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17849139566950915964","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17849139566950915964","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10721995"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RC8e373df2aa174c88b72d014150a758c7-source.min.js
assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/ 		326 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/RC8e373df2aa174c88b72d014150a758c7-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aa61e7f6d836a826b82630e9f0feffbc3fbe477ab4dcf81fd9e5dbb0d583235c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 06:36:13 GMT
server
AkamaiNetStorage
etag
"8b8fc624fbab5ff389aed938f38095a7:1716964573.897201"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://payments.tal.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
204
expires
Mon, 01 Jul 2024 06:01:27 GMT
RC8aee3247005049439c69e1a1838a4972-source.min.js
assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/ 		987 B
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/RC8aee3247005049439c69e1a1838a4972-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
27fe02eab5befc2b5ee40ad3611878694bf194406f9574c6ebb2bab96e1a7231

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 06:36:13 GMT
server
AkamaiNetStorage
etag
"8b8fc624fbab5ff389aed938f38095a7:1716964573.897201"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://payments.tal.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
608
expires
Mon, 01 Jul 2024 06:01:27 GMT
activityi;dc_pre=CNGn7eqHhYcDFdWG6QUdQMkCcA;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%...
10721995.fls.doubleclick.net/ Frame 1DC0
Redirect Chain
  • https://10721995.fls.doubleclick.net/activityi;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Bra...
  • https://10721995.fls.doubleclick.net/activityi;dc_pre=CNGn7eqHhYcDFdWG6QUdQMkCcA;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10721995.fls.doubleclick.net/activityi;dc_pre=CNGn7eqHhYcDFdWG6QUdQMkCcA;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10721995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://payments.tal.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 05:01:27 GMT
expires
Mon, 01 Jul 2024 05:01:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 05:01:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10721995.fls.doubleclick.net/activityi;dc_pre=CNGn7eqHhYcDFdWG6QUdQMkCcA;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CC...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10721995;type=quote0;cat=talc-00;ord=1;num=3320916559510;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=320722264;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"17849139566950915964"}],"aggregatable_trigger_data":[{"filters":[{"14":["11537600"]}],"key_piece":"0xa560f22805cabb1b","source_keys":["12","13","14","15","16","17","18","19","20","21","628740392","628740393","628740394","628740395","628795612","628795613","628795614","628795615","634902964","634902965","634902966","634902967","634934472","634934473","634934474","634934475"]},{"key_piece":"0x9a1a90205ba74876","not_filters":{"14":["11537600"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628740392","628740393","628740394","628740395","628795612","628795613","628795614","628795615","634902964","634902965","634902966","634902967","634934472","634934473","634934474","634934475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628740392":131,"628740393":131,"628740394":131,"628740395":12713,"628795612":655,"628795613":655,"628795614":655,"628795615":63569,"634902964":109,"634902965":109,"634902966":109,"634902967":10594,"634934472":65,"634934473":65,"634934474":65,"634934475":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2797150086926281628","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17849139566950915964","filters":[{"14":["11537600"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17849139566950915964","filters":[{"14":["11537600"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17849139566950915964","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17849139566950915964","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10721995"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;src=10721995;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=101304185;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;u...
ad.doubleclick.net/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;src=10721995;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=101304185;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;register_conversion=1;src=10721995;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=101304185;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B1...
ad.doubleclick.net/ 		0
0
RCa6ae9861b55e426b8cdbf4ef5231c5c7-source.min.js
assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/ 		946 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/fcb049b344ea/RCa6ae9861b55e426b8cdbf4ef5231c5c7-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3236b84eee38/5dafd12ae923/launch-519bfc930a09.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b99f083a4d909977487ba3fb9ed2b3b5788fe7486db9077c429519e2b3c46d73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:27 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 06:36:13 GMT
server
AkamaiNetStorage
etag
"8b8fc624fbab5ff389aed938f38095a7:1716964573.897201"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://payments.tal.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
517
expires
Mon, 01 Jul 2024 06:01:27 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: payments.tal.com.au
URL: https://payments.tal.com.au/TAL?mcode=2024051409270405
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 01 Jul 2024 05:01:27 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 48F2BCBDE0F74D649451D5BC577BFEF1 Ref B: SYD03EDGE2017 Ref C: 2024-07-01T05:01:27Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=568651121747163&ev=PageView&dl=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405&rl=&if=false&ts=1719810087501&sw=1600&sh=1200&v=2.9.159&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.2.1719810087499.827732440698145201&ler=empty&cdl=API_unavailable&it=1719810086134&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=2808, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 Jul 2024 05:01:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=568651121747163&ev=PageView&dl=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405&rl=&if=false&ts=1719810087501&sw=1600&sh=1200&v=2.9.159&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.2.1719810087499.827732440698145201&ler=empty&cdl=API_unavailable&it=1719810086134&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xfa53e12bd614910e","source_keys":["1","2"]},{"key_piece":"0xc7b63671ba624763","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 01 Jul 2024 05:01:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7386528079627504599", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=3125, tp=-1, tpl=-1, uplat=250, ullat=0
pragma
no-cache
x-fb-debug
ThHDr5IAeknWk+8obh110QMfA7bqvHxk50qCkaBhLX2PWOTj5XjMAmx6dVob8zgYj84VmuBa+vi3J6gwWa5Inw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7386528079627504599"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
s19078366203323
talservices.sc.omtrdc.net/b/ss/tal-global-prd/1/JS-2.26.0-LDQM/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://talservices.sc.omtrdc.net/b/ss/tal-global-prd/1/JS-2.26.0-LDQM/s19078366203323?AQB=1&ndh=1&pf=1&t=1%2F6%2F2024%2013%3A1%3A27%201%20-480&sdid=67067EF2E6749DFD-38D050E7DE0CC123&mid=34770703784738295750039504476491207479&aamlh=7&ce=UTF-8&ns=talservices&cdp=3&pageName=%3Aexternal%3Apayment%20home&g=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405&c.&inList=3.0&apl=4.0&.c&cc=AUD&events=event69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=TAL%20Payments&v2=%3Aexternal%3Apayment%20home&v4=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405&v23=D%3Dmid&v25=%2FTAL&c40=2024-05-29T06%3A35%3A32Z%7CP%7C27.5.0%7CTAL%20Direct%20AP%7C5.5.0%7C2.26.0%7Cat2.11.4&c45=Form%20Start%7CQuote%20Start%20-%20Floodlight&v76=https%3A%2F%2Fpayments.tal.com.au%2FTAL&v82=2024051409270405&v96=external&v97=payment%20home&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=CCB543A1559C51027F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-35.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Jul 2024 05:01:27 GMT
server
jag
etag
3693264040070479872-4618489576378460080
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 30 Jun 2024 05:01:27 GMT
97043026.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97043026.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fcee1f5bc16582341e345763cbb63718136adbd733d568e94ae40042729e174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Mon, 01 Jul 2024 05:01:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BAD58E67CDC745C69F63DA72787D3C43 Ref B: SYD03EDGE2017 Ref C: 2024-07-01T05:01:27Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97043026&Ver=2&mid=27d23c74-ff8c-48ad-a7b4-81b21167a617&sid=f910a790376611ef96b36fff53234553&vid=f910b280376611efb2b2c771abe7cdaf&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=TAL%3A%20Make%20a%20Payment&p=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405&r=&lt=2421&evt=pageLoad&sv=1&rn=412730
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 01 Jul 2024 05:01:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A810E55D4A7441A6A7B35EF2D68EB92B Ref B: SYD03EDGE2017 Ref C: 2024-07-01T05:01:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1CP572CXG7&gtm=45je46q0v897007681za200&_p=1719810086467&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1873790047.1719810088&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719810087&sct=1&seg=0&dl=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405&dt=TAL%3A%20Make%20a%20Payment&en=form_start&_fv=1&_nsi=1&_ss=1&_ee=1&ep.brand=TAL%20Payments&ep.mcode=2024051409270405&ep.page_name=%3Aexternal%3Apayment%20home&ep.page_url=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405&ep.sbkey=&ep.form_name=external&tfd=2747&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1CP572CXG7&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.tal.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1CP572CXG7&cid=1873790047.1719810088&gtm=45je46q0v897007681za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1CP572CXG7&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.tal.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1CP572CXG7&cid=1873790047.1719810088&gtm=45je46q0v897007681za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=141117062
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
97043026
www.clarity.ms/tag/uet/ 		827 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97043026?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97043026.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6917b0a1fd29c903b75806658d39c927a27c92844a158bb35aa1b771b6da0264

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Mon, 01 Jul 2024 05:01:28 GMT
x-azure-ref
20240701T050127Z-17b8d4f8bc7kj2wgxbxxs2pwt40000000eu000000000q28u
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
827
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97043026?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:01:28 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240701T050128Z-17b8d4f8bc7kj2wgxbxxs2pwt40000000eu000000000q294
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0b7537da-501e-0029-5c60-c510af000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=052C49B09D4A4B86A88A3E8CA01F518B&RedC=c.clarity.ms&MXFR=0666AFE7C64B6EC91497BB48C24B60EB
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=052C49B09D4A4B86A88A3E8CA01F518B&MUID=31FDEB44DBF7696707B6FFEBDA6668B1
42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=052C49B09D4A4B86A88A3E8CA01F518B&MUID=31FDEB44DBF7696707B6FFEBDA6668B1
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://payments.tal.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:28 GMT
last-modified
Tue, 25 Jun 2024 17:30:33 GMT
server
Microsoft-IIS/10.0
etag
"3190236225c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 01 Jul 2024 05:01:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 34AD2F36DA684433BF13661FEDB32384 Ref B: SYD03EDGE2017 Ref C: 2024-07-01T05:01:28Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=052C49B09D4A4B86A88A3E8CA01F518B&MUID=31FDEB44DBF7696707B6FFEBDA6668B1
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
o.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://payments.tal.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://payments.tal.com.au
Date
Mon, 01 Jul 2024 05:01:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10721995;npa=0;auiddc=1854862761.1719810086;ps=1;pcor=101304185;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fpayments.tal.com.au%2FTAL%3Fmcode%3D2024051409270405?

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage string| brandName object| link function| setImmediate function| clearImmediate object| regeneratorRuntime object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in number| cookieDomainPeriods function| fbq function| _fbq object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| appEventData number| _dataLayerOverwriteMonitor function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| BPOINT object| recaptcha object| closure_lm_752636 object| google_tag_manager object| google_tag_data object| dataLayer function| gtag object| uetq object| s_i_tal-global-prd function| UET function| UET_init function| UET_push object| ueto_13c4a85913 object| gaGlobal function| clarity object| clarityuetq

28 Cookies

Domain/Path Name / Value
.tal.com.au/ Name: at_check
Value: true
.tal.com.au/ Name: _gcl_au
Value: 1.1.1854862761.1719810086
.demdex.net/ Name: demdex
Value: 34958291738011413580022234419370763166
.tal.com.au/ Name: AMCVS_CCB543A1559C51027F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZoI4JwAAAL4nnQN-
.dpm.demdex.net/ Name: dpm
Value: 34958291738011413580022234419370763166
.tal.com.au/ Name: AMCV_CCB543A1559C51027F000101%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19906%7CMCMID%7C34770703784738295750039504476491207479%7CMCAAMLH-1720414886%7C7%7CMCAAMB-1720414886%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1719817287s%7CNONE%7CMCSYNCSOP%7C411-19913%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.tal.com.au/ Name: mbox
Value: session#950c697fc9e743f6bedd537b22129d0f#1719811948|PC#950c697fc9e743f6bedd537b22129d0f.34_0#1783054888
.tal.com.au/ Name: _fbp
Value: fb.2.1719810087499.827732440698145201
.tal.com.au/ Name: s_cc
Value: true
.tal.com.au/ Name: _uetsid
Value: f910a790376611ef96b36fff53234553
.tal.com.au/ Name: _uetvid
Value: f910b280376611efb2b2c771abe7cdaf
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.tal.com.au/ Name: _ga
Value: GA1.1.1873790047.1719810088
.tal.com.au/ Name: _ga_1CP572CXG7
Value: GS1.1.1719810087.1.1.1719810087.60.0.0
.bing.com/ Name: MUID
Value: 31FDEB44DBF7696707B6FFEBDA6668B1
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnq_4n4nfZVlc6p4pAttO-Jrr3HsPQa22z6uvUNXGVrxR8jboZhh1KbPNS1Skg
www.clarity.ms/ Name: CLID
Value: 47024522ea0944939898b61e5f0d1bfe.20240701.20250701
.tal.com.au/ Name: _clck
Value: 10uyu9w%7C2%7Cfn3%7C0%7C1643
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 31FDEB44DBF7696707B6FFEBDA6668B1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 31FDEB44DBF7696707B6FFEBDA6668B1
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.tal.com.au/ Name: _clsk
Value: 1dj01xm%7C1719810089642%7C1%7C1%7Co.clarity.ms%2Fcollect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10721995.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
assets.adobedtm.com
bat.bing.com
c.bing.com
c.clarity.ms
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
o.clarity.ms
payments.tal.com.au
region1.analytics.google.com
stats.g.doubleclick.net
tal.tt.omtrdc.net
talservices.demdex.net
talservices.sc.omtrdc.net
www.bpoint.com.au
www.clarity.ms
www.facebook.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
ad.doubleclick.net
13.107.246.31
142.250.66.195
142.250.66.198
142.250.66.228
142.250.76.102
142.251.175.155
142.251.221.72
157.240.8.23
157.240.8.35
172.217.167.98
172.217.167.99
203.195.127.34
204.79.197.237
216.239.32.36
23.55.11.47
35.174.55.74
50.17.206.181
52.152.143.207
52.220.248.45
52.231.230.148
63.140.38.132
63.140.39.35
013833399d48d35e56b478f8ef26ff10ef5f6b82f3fefe44068b0fc74f1b6935
022c753247f5520e5d444dc05d8eecbe5b3a8f85a57a1561addc7b672ddc94a3
053a6a48e1a3beb12152fbe93d53968d068260193038dcd90d59be198b02a69d
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
27fe02eab5befc2b5ee40ad3611878694bf194406f9574c6ebb2bab96e1a7231
384a938f0fe9525bc808a6c3cc86301856a24bbf37cfbc81dc876bc5022f9c20
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4823c1be22acd987257964d740bab7716a4925904df67e9ddc36f225e789395f
4de38505ed65194c0e730984dc89b933fe7bce34de812f722d33739635801524
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
6917b0a1fd29c903b75806658d39c927a27c92844a158bb35aa1b771b6da0264
6db63b4c1c1c0250273ae234ed0cf1a6292bc255af03f28f4312ea39c4e26438
6f86091c43b65f1626b6c1319c627aa2f84cd324b522f3ec26279371aaa3d795
7fcee1f5bc16582341e345763cbb63718136adbd733d568e94ae40042729e174
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8522d73dcbb6165657108895bb4b60bbb128be2b3c626b64897fdededc09e728
95d5217ea83a65ccd8b3ff2ee57f7790cad3d553dfe591856e3f8b77fe5b5831
9750c75e3df7412c59a1dac89b1c5b7a16067575e475273f2da6f01c05aba4ae
995d1c894d60387c3f1e8511f4b9f596d33a37444cbee650f134135571b15564
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c7b933bff2847cb36379c5c0134ae72d229562bd70c5c5bf7c2f0f49b2f75a2
9fc5ebf39fa2380a83323140702462bac322e46c83145401813d7508f8abcc32
a0c692018cf739f087fa49b911c3d795302ba647dd9b77949b8a273b861306a4
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa61e7f6d836a826b82630e9f0feffbc3fbe477ab4dcf81fd9e5dbb0d583235c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
b99f083a4d909977487ba3fb9ed2b3b5788fe7486db9077c429519e2b3c46d73
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
e320bb5e8ec3389f3ff8d107d92b5e2098d85b84a192fea88fbfdbfc8f6beaba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
fcc895da917517742614be6c7d675d8318544b1e3a3108831efd41111cb5d759