www.nationalobserver.com
Open in
urlscan Pro
172.67.26.173
Public Scan
Effective URL: https://www.nationalobserver.com/
Submission: On October 19 via api from GB — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.
This is the only time www.nationalobserver.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 46 | 172.67.26.173 172.67.26.173 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.16.95.65 104.16.95.65 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 142.250.185.72 142.250.185.72 | 15169 (GOOGLE) (GOOGLE) | |
4 | 23.79.131.70 23.79.131.70 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 104.16.240.21 104.16.240.21 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
15 | 104.17.186.177 104.17.186.177 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 142.250.186.174 142.250.186.174 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.185.66 142.250.185.66 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.184.194 142.250.184.194 | 15169 (GOOGLE) (GOOGLE) | |
3 | 178.63.13.144 178.63.13.144 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 64.233.166.157 64.233.166.157 | 15169 (GOOGLE) (GOOGLE) | |
81 | 12 |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-131-70.deploy.static.akamaitechnologies.com
cdn.cxense.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
adservice.google.ca | |
adservice.google.com |
ASN24940 (HETZNER-AS, DE)
PTR: de717.cxense.com
p1cluster.cxense.com | |
comcluster.cxense.com | |
id.cxense.com |
ASN15169 (GOOGLE, US)
PTR: wm-in-f157.1e100.net
stats.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
46 |
nationalobserver.com
1 redirects
www.nationalobserver.com |
5 MB |
15 |
tinypass.com
buy.tinypass.com id.tinypass.com |
367 KB |
7 |
cxense.com
cdn.cxense.com p1cluster.cxense.com comcluster.cxense.com id.cxense.com |
64 KB |
4 |
google-analytics.com
www.google-analytics.com |
57 KB |
3 |
doubleclick.net
securepubads.g.doubleclick.net stats.g.doubleclick.net |
123 KB |
3 |
googletagmanager.com
www.googletagmanager.com |
99 KB |
1 |
google.com
adservice.google.com |
570 B |
1 |
google.ca
adservice.google.ca |
853 B |
1 |
piano.io
c2.piano.io |
6 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com |
5 KB |
81 | 10 |
Domain | Requested by | |
---|---|---|
46 | www.nationalobserver.com |
1 redirects
www.nationalobserver.com
buy.tinypass.com static.cloudflareinsights.com |
14 | buy.tinypass.com |
www.nationalobserver.com
buy.tinypass.com |
4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
4 | cdn.cxense.com |
www.nationalobserver.com
cdn.cxense.com |
3 | www.googletagmanager.com |
www.nationalobserver.com
www.googletagmanager.com |
2 | securepubads.g.doubleclick.net |
www.nationalobserver.com
|
1 | id.cxense.com |
cdn.cxense.com
|
1 | comcluster.cxense.com |
cdn.cxense.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | p1cluster.cxense.com |
cdn.cxense.com
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.ca |
securepubads.g.doubleclick.net
|
1 | id.tinypass.com |
www.nationalobserver.com
|
1 | c2.piano.io |
www.nationalobserver.com
|
1 | static.cloudflareinsights.com |
www.nationalobserver.com
|
81 | 15 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-03 - 2022-07-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.cxense.com DigiCert SHA2 Secure Server CA |
2021-05-21 - 2022-05-26 |
a year | crt.sh |
*.piano.io Sectigo RSA Domain Validation Secure Server CA |
2021-08-19 - 2022-09-18 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.google.ca GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.nationalobserver.com/
Frame ID: E117EA4EA7236D98499E6B6E0D50970C
Requests: 64 HTTP requests in this frame
Frame:
https://cdn.cxense.com/sp1.html
Frame ID: 4905F9EC4E3618D0C5AEA98BCE3175B3
Requests: 4 HTTP requests in this frame
Frame:
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Z9bvuPACYA&templateId=OTJ63PVKNYJH&offerId=fakeOfferId&experienceId=EXGGRA7P2KJ6&iframeId=offer_53887c5162b6d6b8f152-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.nationalobserver.com
Frame ID: 8061D73B882224D2EEA95F0072417CBA
Requests: 6 HTTP requests in this frame
Frame:
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Z9bvuPACYA&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&experienceId=EX8NZMGWGKII&iframeId=offer_016b323f9b2526ed6855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.nationalobserver.com
Frame ID: 4795568CD849BC36B6941E4FC4265709
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Canada's National Observer: News & AnalysisPage URL History Show full URLs
-
http://www.nationalobserver.com/
HTTP 301
https://www.nationalobserver.com/ Page URL
Detected technologies
Drupal (CMS) ExpandDetected patterns
- <(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: What's COP26?
Search URL Search Domain Scan URL
Title: Reserve a place
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Shop
Search URL Search Domain Scan URL
Title: Partner
Search URL Search Domain Scan URL
Title: VO
Search URL Search Domain Scan URL
Title: CCJ
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.nationalobserver.com/
HTTP 301
https://www.nationalobserver.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
81 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.nationalobserver.com/ Redirect Chain
|
77 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-extrabold.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-regular.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-bold.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__UxBgib5HUxRcBak7LaxfcYlfscLRN2gpshvs8MvhA2U__1K_FLXKGyHk7sooakol4NarpnrP18KxwB3ywSjHvWlY__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__I-6ri1KwjnT3zv9PjcRRyK58IekpGu4HKcKb_bWOXVw__Rg0zI004BKPp3kpGWym6jCXNyhnEqOxqY8FUdhJNVB0__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
264 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__9s9P0PQgm1CAcRaVMuEvDtgPS53n14PMyl7d-cYCTVw__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
79 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__uYYRdpRbD6lXn1bVwtL42BLc8NTk48rvG6-F_Ftk--8__hDEly17JjUcEQWHIOsD4jSFcStjpDZ_qHpxFi9Yv54Y__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
412 KB 137 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__dHVmL6-XkUFuXhEDRgTS2ns8C9lwMBpw-RBYvtHOjik__9LAPdnj5uSm6g-nfVFoZF63ELP_lQ6He1_D0CryeHjE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cop26-banner-desktop-02.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/img/2021/10/18/ |
358 KB 358 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
racc_episode_image_370x250_02.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2021/10/12/ |
628 KB 629 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__aStMQM3iUFCkbJq9FY8aIesIcPj-89MaJ7zMhQs-XBg__MSqvSoXHtcGlHLnj9FpuTa9ZUCnBmcWiDJvxLYzLkms__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
369 B 392 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__uT2V2kit4OxUn0xI7C4UWCWdRyPUroxotAG8P9paj9o__L2UzhNiES62aosgBBJAwNa3rlBkwMy28gYsMHN_0NRU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
166 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__2SmPBejOqNfyHBCEF-s0TVOXFxmVQZKdedl8RfrQRu0__-b2fSlapSCOtO-WibTr48WKUJEgjQ5JrafwTjY49kl0__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
81 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js___BQ49rcasJ1L0knCFgjgbDRg0GxFKOeIH0dhcnsWafQ__WU7EPSVTX3IFMwHrMHt-eyo8U6Jd6LYgdluLJF8ie2g__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__7ZOWISuDz7fXCBBrX-7LEEGRYX4eIknTBMw9zLtD7Fo__vW5d_W9mjgDrnSd1pwHeb0SBOYffvQnTKzRYLu4hmsI__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
37 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beacon.min.js
static.cloudflareinsights.com/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header.svg
www.nationalobserver.com/sites/all/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
photo_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2021/10/12/ |
460 KB 461 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redo-collage.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/18/ |
126 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2021101615104-616b22c19cda26903a9da003jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/18/ |
113 KB 113 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10152021-jason-kenney-maxcolumn-albertanewsroom-flickr.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/15/ |
88 KB 88 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23844247378_e26c7a070f_k.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/14/ |
141 KB 142 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
columnist-jesse-firempong-01.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/img/2021/08/24/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
columnist-sandy-garossino-01.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/img/2021/08/24/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
columnist-camilla-bains-01.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/img/2021/08/24/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
columnist-julian-noisecat-01.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/img/2021/08/24/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_footer.svg
www.nationalobserver.com/sites/all/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screen_shot_2021-09-21_at_10.59.26_am.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2021/09/21/ |
185 KB 185 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merran_smith.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2021/09/28/ |
155 KB 156 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dale_beugin.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2021/09/21/ |
84 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
david_mckie-crop.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/06/04/ |
118 KB 118 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tailpipe-exhaust-top.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/09/27/ |
84 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
betty_riffel_in_kitchencropped3_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/06/15/ |
115 KB 115 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_dsf4558_use_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2021/10/01/ |
326 KB 327 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13625394_10154314108921226_910660304929283154_n.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/01/ |
85 KB 85 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
doug_ford_2019_cabinet_shuffle.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/06/15/ |
90 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
canada_anti_vaccine4-2.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/09/18/ |
224 KB 224 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
211018_pexels-rodnae-productions-8363044.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/18/ |
117 KB 118 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2021101615104-cp-kamloops.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/18/ |
113 KB 113 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20211017081052-616c1cd94015d0a994f52316jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/18/ |
108 KB 108 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20211017141024-616c6b0c4015d0a994f53447jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2021/10/18/ |
98 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
141 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cx.cce.js
cdn.cxense.com/ |
22 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
execute
c2.piano.io/xbuilder/experience/ |
27 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get.js
buy.tinypass.com/api/v3/anon/captcha/ |
153 B 701 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cx.js
cdn.cxense.com/ |
116 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verify
id.tinypass.com/id/api/v1/identity/token/ |
208 B 978 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
124 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ |
361 KB 122 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
86 B 739 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.google-analytics.com/gtm/ |
93 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sp1.html
cdn.cxense.com/ Frame 4905 |
1 KB 880 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ |
553 B 868 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cacheableShow
buy.tinypass.com/checkout/template/ Frame 8061 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ |
553 B 833 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cacheableShow
buy.tinypass.com/checkout/template/ Frame 4795 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.ca/adsid/ |
107 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 570 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cx.js
cdn.cxense.com/ Frame 4905 |
116 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p1.js
p1cluster.cxense.com/ Frame 4905 |
45 B 634 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 466 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 4795 |
33 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-cta.css
www.nationalobserver.com/sites/all/themes/custom/nat/piano/ Frame 4795 |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 4795 |
32 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 4795 |
58 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 4795 |
515 KB 155 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 8061 |
33 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 8061 |
32 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 8061 |
58 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 8061 |
515 KB 155 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
racc-popup-021.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/uploaded-files/2021/10/13/ Frame 8061 |
416 KB 417 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rep.gif
comcluster.cxense.com/Repo/ Frame 4905 |
43 B 468 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
id.cxense.com/public/user/ |
117 B 690 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 4795 |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-bold.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ Frame 4795 |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
266 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
www.nationalobserver.com/cdn-cgi/ |
0 217 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a
www.googletagmanager.com/ |
0 17 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| fonts object| font number| pos number| current_time undefined| key object| googletag object| tp function| advagg_mod_1 function| advagg_mod_1_check object| Drupal undefined| $ function| jQuery object| jQuery110209198848332183265 object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| _typeof function| setImmediate function| clearImmediate function| advagg_run_check function| advagg_run_check_inner function| advagg_font_add_font_classes_on_load function| advagg_font_check function| FontFaceObserver number| pnInitPerformance function| ___tp string| __tpVersion object| jQuery112403559177758478347 object| SWG function| Cookies function| fitvids function| Waypoint object| dataLayer object| __cfBeacon string| waypointContextKey object| cX function| cxCCE_callQueueExecute object| cxTest object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| ggeac object| google_js_reporting_queue object| gaGlobal function| onYouTubeIframeAPIReady object| PianoESPConfig object| gaplugins object| gaData object| cXNative function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_optimize undefined| cXJsonpCBkuxnc1hlopyfgebi20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.nationalobserver.com/ | Name: has_js Value: 1 |
|
www.nationalobserver.com/ | Name: _pc_nat_brief Value: nosub |
|
.piano.io/ | Name: __cf_bm Value: pridbwMZLNUdjjCEoEI0IuHdfTpNcAst6oV7egjMCU0-1634621328-0-AUaWXJA9g6Qevs0VUNuE0q+rfmYXfu7uCtfT851e474hikvsyJuyM/+wsYoXbGZk6yzqa4GFCiJM8VhCZXnoSn8= |
|
.nationalobserver.com/ | Name: _ga_TNN7SJH0J9 Value: GS1.1.1634621328.1.0.1634621328.0 |
|
.nationalobserver.com/ | Name: __tbc Value: %7Bjzx%7Di4cQEliGphDucRXKRMu_I7GFrQ5EYfJox2S2aoRJ6SxSxAvdlba9yv8lJJRzkKbRY7_82fMJmHh_nKOexJkNWv9DGCmRFRq9bTIT-A8bHMI |
|
.nationalobserver.com/ | Name: __pat Value: -18000000 |
|
.nationalobserver.com/ | Name: __pvi Value: %7B%22id%22%3A%22v-kuxnc0pzgeloqted%22%2C%22domain%22%3A%22.nationalobserver.com%22%2C%22time%22%3A1634621328341%7D |
|
.nationalobserver.com/ | Name: xbc Value: %7Bjzx%7DnNUMjcPuw4ZPNz9yZPzSOb6tmKWDj1d-MwUWKluRMrLmygzaZmkTo6AulWfb8b0CI0umAC7IHvVmhG6eQFUITdcgMp2EWcd8QkE5yOvjJZbM9Dyl-uMU-67unfsIjPwtO31WIrxwVm9G5ByJ78K6PbcKkZOzwZXXtp7ggaJenhfi6A6KDHs400aiMtpEjMeDwhTydUERXuOh1Ei16zpbB1n4SbJnou9Cj8JVM-EvMMIABxSJJDq_nRz9J7F57rBiB-2nMvX4HsYYng2TcZSjhRcK48DTerl5QY3PPBAHdbTomHHtVDGlgq8ppZXxZD_aVDDOMNsGb1_I5bP1K7L615TFuJbnu_GORBtS_8alq37LEv1IqHUhcFxVzKDw-j0kEPFxRL8wggFV28ZcOBAMNu0XeNjeMAZO7_MfLEffx0_87Ap7WsYbuXFUWj0U9iz5PI52vc1qcaOeLRUeSaEQuRSThDX4TL__jdl8UDL7T4n-zpRaZMRfCZ76y9SnU_nd |
|
www.nationalobserver.com/ | Name: _pc_racc_ad Value: ep01 |
|
.tinypass.com/ | Name: JSESSIONID Value: 1C5A7DE8A0D6DBAA7E754EDAF86AB314 |
|
id.tinypass.com/ | Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862FFD8DC0100DB03DE8A35C665837989736E1031C5BF0C0A0DD7960FC2B078B108F76BA18347AEE1EE66FE94B12E35163F |
|
.nationalobserver.com/ | Name: _ga Value: GA1.2.1254079693.1634621328 |
|
.nationalobserver.com/ | Name: _gid Value: GA1.2.1771133337.1634621328 |
|
.nationalobserver.com/ | Name: cX_S Value: kuxnc16yw6hdg3rc |
|
.nationalobserver.com/ | Name: _gat_UA-59182232-1 Value: 1 |
|
.tinypass.com/ | Name: LANG Value: en_US |
|
.cxense.com/ | Name: cX_T Value: kuxnc1ehm78snpuo |
|
.cxense.com/ | Name: gckp Value: 3iu7b0a0wsmpb3iavwtzurvhix |
|
.nationalobserver.com/ | Name: cX_G Value: cx%3Auorsu6d2d5do3hrryglpearc3%3A3bbdsij1conm5 |
|
.tinypass.com/ | Name: LANG_CHANGED Value: en_US |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.ca
adservice.google.com
buy.tinypass.com
c2.piano.io
cdn.cxense.com
comcluster.cxense.com
id.cxense.com
id.tinypass.com
p1cluster.cxense.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.nationalobserver.com
104.16.240.21
104.16.95.65
104.17.186.177
142.250.184.194
142.250.185.66
142.250.185.72
142.250.186.174
172.67.26.173
178.63.13.144
23.79.131.70
64.233.166.157
00da5beaded736e13582326e950f13199f4171345b1bf5012dd63e1c3497c903
033791636d1af02f8280763205c4fae69abfa8f3084cd8874f773d1f29262dae
118d246fa1a171fdea765c5e60594474744d24a7b51068d8e76b9bb9346515e3
175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777
176bfe7cb36687664cc83949f5d712047e4c4eb4980c9576fac83b0e489667f4
1d373a76804e73d4307beb520f0d03d366feb1b3407ec08d701f17320ba19546
1da4ec5de8c4f8be7c49bb4ff4dcc779f1704a145a40774bf21bde97913c9827
240240ef6d9a00026c0b2923edabd1fd4f0c08322b61e765fe0e01a1a652c2e5
25fa17a4e304f12ec992c0517f00ffd863eb6c7bcff9d8eabf3e7be179f41012
2679f55ab2375f6497e5018505565f7eb6f9357aa8b2898cc1703f14e93882ce
2b010c0af311f1e86c8787808377c72490935168839248532f54559cca7bd88d
2f42046a4b140494aeb325b877773bb63b96c6ba51d322553f8e748521b4fa6d
355d98dd5eef6f01c79e586b10038db6ce9f108afe7f4eb002b8837b445488bd
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
3688d5a46564d505149b46dc042124d7fc2e9522a977b7b3d9699d72d06cb3e8
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
3fbfc254aa7f778844576dfbf52adad4f3b4e26fce5215f715747259a4c7e146
43ac65a5fb9278ea0895c65fca6d26e537ea041cb82a78f16411ecf8c152b2dc
4c22b6f656365ec3d38db4469c4bfccb020d1ac33ff23cc6636c7a6c09ba2e93
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54dae53c2ef2a3d9664c43b21c1870c4a7fbdfb93355d07bd07593b36d66731a
554193657d8bfeade0cfe6498ffbc85c38b52f5d0ad7a103606de96ef4a6e04d
5e13fdbd40ae83d0900acd15cae1587d6900954e551ce5e116e53dea08754528
670da6057324c35a6a225b69a0f86a10dcb66822817c190d0076023bb881e3ab
678d514175bcdc14e9034fa404383fe512a79e5a8b5edcf27db5edcf400163c5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
74050988831abb5b6a81d72f79bffd1557a847c055bd075bcd1be61ee43728c6
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
7ada61037c66d48d66e9ca321fcc7bc9eca75f890719b023d7b27c978972ffd6
802689f09d6f9f086f9a0f64b823e5dcffdb1d61ab3f8a0632b9470dc61dbbaf
8bc2bfe2546578ded9f094ce4f3b3ed10b6fcf420e0864b90c2c72085bdd653e
98097dc58980a592ab685d186a763cb6b9a2535b9cdaa843c70c8b2310b4aad7
9bc1f4c0d1874da67cc6df454c4f6c8ec9210afede7cc3ad8274b8f5309c46e8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a96b33cb7b288e30650e9e9a67c9fb5dd2a00ab3daed7be3801063ffb832ec34
aa94e5578f01dac545232f9913a16745c2a354aeec4899c8e889447617878be0
ac128959e09c9d5725e6ea014b2a8bb5bf6411666034c3a9590741ddc7f0cd99
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
af9ed735699b2c89a445cbc8475f14e140d1eab8b7bb5a9d64cecf71dc9efdc5
b34a571f05f5d1f4f413da624877502d4df696d7584c718bea4d09acd20ab75d
b38250218516fc16f40802dd5f6a2aeaff51737a52c6189dcfdd1edfbdd3769a
b3da617a1551ba7c821ca009b983b1ee0572d722934986bb4e5c835e6d7a4808
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
bd7e53ddcb7343d6ac15803f17eacc350511a1d3ad4b86d81edc44587ec6e5e7
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c4eb3789b30cb3d93898f683dd8b4e2f3b461be4e749f11ae7013d87afd4a930
c4f1be09662921ddeea6dc561b5771a0457dff6587edeac46a26e6f049fd6330
c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004
cbca01ad934f7f7a1d464bd6443302a277b2375fb04c980aea6d7f06367b7d94
cc1f585f48b63cbb941ff28d3889e90404aeb1c61a3a486c6c1e69117bfe4660
d7033af9e04d653d666fd47a6215e0b73df5620e7af6c47bf330f3077a739e3c
da22a7a7d42d0bb5a380f6e9bb8d9775f0937b5bc6148d1eabf1266ff0e1c85d
da451bd198088895acc87169a1e864fa238e560e4e37021febbdc501a50be8e3
db2bf739894d967c9c67daef813f4d538f45ae1d626c234cc17ce34ae6635f77
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ccecf8c8b87400d9ea7bbe69a109811deffaf4cf6f7f0a22c9eb334ff4f266
e1e335883e6bc39e6d4d8d1cad52de0fdd71c777d492979729af976fff0d1975
e2ca57732f2615c3d28a07ee1ce293c55183bac4fac215a6644c2fe5def35855
e2cdfe9a31f99c281157d07eef858cceffafd593aed90770ea56bf4fbb0e38d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b2f9264e3df7d0c91d5f292e0d5883e9dd681099e7b424dd82ddb1b5f4689d
e96b90ee9347459521de590a2a440f76210688449beeee1c686424660a61e9ed
f292f7118ab57a29a16b441c1041399048c314dcd2199f78f612d19f5a972c9a
f2e2a4ac990ceeffadd255548eaf3a4d9ccfbe29dd1210248626655f0a6926c3
f4c2c288f582e400faf54b4c912fabb2d9964e55b6a4c1344d40672bcd5eaa83
f74a50c793fbc388c4b01a022f6f1065e1b7dabe5abf9857bfe9e7efbac05095
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62