www.nationalobserver.com
Open in
urlscan Pro
2606:4700:10::6816:4d72
Public Scan
Submission: On October 21 via manual from US — Scanned from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.
This is the only time www.nationalobserver.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
id.tinypass.com | |
buy.tinypass.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com | |
id.tinypass.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-112.iad55.r.cloudfront.net
static.hotjar.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN54825 (PACKET, US)
p1cluster.cxense.com | |
comcluster.cxense.com | |
id.cxense.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-41.iad89.r.cloudfront.net
script.hotjar.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
nationalobserver.com
www.nationalobserver.com |
2 MB |
10 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250 |
94 KB |
10 |
tinypass.com
id.tinypass.com — Cisco Umbrella Rank: 15120 buy.tinypass.com — Cisco Umbrella Rank: 7378 |
68 KB |
7 |
cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5598 p1cluster.cxense.com — Cisco Umbrella Rank: 10775 comcluster.cxense.com — Cisco Umbrella Rank: 5196 id.cxense.com — Cisco Umbrella Rank: 11611 |
81 KB |
6 |
piano.io
api-esp.piano.io — Cisco Umbrella Rank: 15109 c2.piano.io — Cisco Umbrella Rank: 5898 |
19 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
305 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187 |
88 KB |
2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101 |
60 KB |
2 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 |
133 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56 |
157 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 116 |
185 B |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113 |
7 KB |
77 | 12 |
Domain | Requested by | |
---|---|---|
32 | www.nationalobserver.com |
www.nationalobserver.com
buy.tinypass.com static.cloudflareinsights.com |
10 | cdnjs.cloudflare.com |
buy.tinypass.com
|
8 | buy.tinypass.com |
www.nationalobserver.com
buy.tinypass.com |
5 | api-esp.piano.io |
www.nationalobserver.com
|
4 | cdn.cxense.com |
www.nationalobserver.com
cdn.cxense.com |
2 | www.google-analytics.com |
www.googletagmanager.com
|
2 | connect.facebook.net |
www.nationalobserver.com
connect.facebook.net |
2 | securepubads.g.doubleclick.net |
www.nationalobserver.com
|
2 | id.tinypass.com |
www.nationalobserver.com
|
2 | www.googletagmanager.com |
www.nationalobserver.com
|
1 | www.facebook.com |
www.nationalobserver.com
|
1 | id.cxense.com |
cdn.cxense.com
|
1 | comcluster.cxense.com |
cdn.cxense.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | p1cluster.cxense.com |
cdn.cxense.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | c2.piano.io |
www.nationalobserver.com
|
1 | static.cloudflareinsights.com |
www.nationalobserver.com
|
77 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
twitter.com |
reddit.com |
www.linkedin.com |
wa.me |
nationalpost.com |
www.twitter.com |
static.nationalobserver.com |
www.youtube.com |
instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
piano.io Cloudflare Inc ECC CA-3 |
2023-03-27 - 2024-03-26 |
a year | crt.sh |
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-14 - 2024-04-13 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.hotjar.com Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-07-31 - 2023-10-29 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.nationalobserver.com/2023/10/19/opinion/petulance-point-pierre-poilievre-Liberals-Trudeau
Frame ID: 00703F93C0E36B1B5645BC5B46D72680
Requests: 53 HTTP requests in this frame
Frame:
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Z9bvuPACYA&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&experienceId=EX8NZMGWGKII&iframeId=offer_016b323f9b2526ed6855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.nationalobserver.com
Frame ID: 3D0F50B6FB3FC8868498414250BA01EC
Requests: 18 HTTP requests in this frame
Frame:
https://cdn.cxense.com/sp1.html
Frame ID: 706871D2E8BA751346FCE6D02AC43F50
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Petulance is the point for Pierre Poilievre | Canada's National Observer: News & AnalysisDetected technologies
AngularJS (JavaScript Frameworks) ExpandDetected patterns
- /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
- \bangular.{0,32}\.js
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: already announced that it's suspended
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: @maxfawcett
Search URL Search Domain Scan URL
Title: Advertise
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
petulance-point-pierre-poilievre-Liberals-Trudeau
www.nationalobserver.com/2023/10/19/opinion/ |
72 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header_sm.svg
www.nationalobserver.com/sites/all/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-extrabold.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-regular.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-bold.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
noto-serif-700.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/noto_serif/font/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
noto-serif-500.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/noto_serif/font/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screenshot_2023-10-18_5.28.24_pm.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2023/10/18/ |
823 KB 824 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__kc6kl0ObzriGX5O1gvkndAAoh9opfvKq44q8P4nm1Tk__M2yrNHCo3KTFuaZHcGzl0iV7j7x2HlnRsGxyM36Oklc__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
32 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__I-6ri1KwjnT3zv9PjcRRyK58IekpGu4HKcKb_bWOXVw__xlBBmxHE8g9aMk1ZMm0oWJo7srBky8ot8RWzAExOZmk__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
308 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__336VHsIAzRFsU0A1lZsHHUYOIneY6PG4VlBOMlvpHW4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
89 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__uYYRdpRbD6lXn1bVwtL42BLc8NTk48rvG6-F_Ftk--8__WrJWA-fOV8669lrs5sq1iyWLJ8EmpiCzHQJn8mHpXvg__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
356 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__LOTzmTjOEyBYTRa73tu6Fj3qY7yfNxJxX3y1JUwojnc__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__E3u8USQplSZ5KJ7H1a04va3fLnxx2SBJ-VuwgI4-0Sk__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__aStMQM3iUFCkbJq9FY8aIesIcPj-89MaJ7zMhQs-XBg__MSqvSoXHtcGlHLnj9FpuTa9ZUCnBmcWiDJvxLYzLkms__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
369 B 446 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__uT2V2kit4OxUn0xI7C4UWCWdRyPUroxotAG8P9paj9o__3yGVNNgDpQtHtxbo25x4HH9__KRUBNUkZB7lvQdJGW4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
166 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__2SmPBejOqNfyHBCEF-s0TVOXFxmVQZKdedl8RfrQRu0__-b2fSlapSCOtO-WibTr48WKUJEgjQ5JrafwTjY49kl0__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
95 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__iIopoO5Rr_BirohDYggQ6ry6eWnS0V8gZhYmFtbD18w__nACi_HASQonujQ9dA_qm_EvyrKNeiSRV4wT_QpJ2YDY__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
82 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__GyfQ5MxtMu8LxLRTeNDWgAUb1EZGM64HpQNuri2YZTo__HMBPa-bRReowew9Zd34FNb8ufCz5NR_Tddh2_i7oGmA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
90 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_footer.svg
www.nationalobserver.com/sites/all/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header.svg
www.nationalobserver.com/sites/all/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screenshot_2023-10-18_5.28.24_pm.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/article_header_xl/public/img/2023/10/18/ |
945 KB 946 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
15493e4838f73d8e8c3b6b95999b2962810f5428f24a7b54d2c371f66b073621.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2023/10/18/ |
85 KB 86 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6g5a2783.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_thumbnail_small/public/img/2023/01/31/ |
884 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top-image.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2023/10/16/ |
92 KB 92 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
charlie_angus_nr_committee_oct_16.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2023/10/17/ |
45 KB 45 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
200 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
api-esp.piano.io/public/sdk/v04/ |
43 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
256 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cx.cce.js
cdn.cxense.com/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verify
id.tinypass.com/id/api/v1/identity/token/ |
206 B 975 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ |
421 KB 133 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
46 B 582 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
509
api-esp.piano.io/publisher/fusion/lucid/data/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
509
api-esp.piano.io/publisher/fusion/lucid/data/ |
606 B 551 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cx.js
cdn.cxense.com/ |
110 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
execute
c2.piano.io/xbuilder/experience/ |
12 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ |
588 B 667 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-black.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-black/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cacheableShow
buy.tinypass.com/checkout/template/ Frame 3D0F |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
newsletter-signup-form
www.nationalobserver.com/ajax/ |
7 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sp1.html
cdn.cxense.com/ Frame 7068 |
672 B 747 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-3336217.js
static.hotjar.com/c/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
199 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 260 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cx.js
cdn.cxense.com/ Frame 7068 |
110 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 3D0F |
26 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-cta.css
www.nationalobserver.com/sites/all/themes/custom/nat/piano/ Frame 3D0F |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 3D0F |
95 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 3D0F |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3D0F |
104 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3D0F |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3D0F |
825 B 751 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3D0F |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 3D0F |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 3D0F |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 3D0F |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 3D0F |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 3D0F |
32 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 3D0F |
66 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 3D0F |
120 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p1.js
p1cluster.cxense.com/ Frame 7068 |
47 B 638 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-regular-italic.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular-italic/ |
21 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.e1dfa7708b9d9a8bea71.js
script.hotjar.com/ |
228 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
verify
id.tinypass.com/id/api/v1/identity/token/ |
206 B 575 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 3D0F |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-bold.woff2
www.nationalobserver.com/sites/all/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ Frame 3D0F |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
862
api-esp.piano.io/tracker/lucid/visit/ |
65 B 730 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
862
api-esp.piano.io/tracker/lucid/visit/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
161351677799122
connect.facebook.net/signals/config/ |
133 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rep.gif
comcluster.cxense.com/Repo/ Frame 7068 |
43 B 468 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
id.cxense.com/public/user/ |
102 B 675 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
www.nationalobserver.com/cdn-cgi/ |
0 168 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
gaAccount
buy.tinypass.com/api/v3/anon/assets/ |
52 B 192 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 45 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| dataLayer object| fonts object| font number| pos number| current_time undefined| key object| googletag object| PianoESPConfig object| tp function| advagg_mod_1 function| advagg_mod_1_check object| Drupal undefined| $ function| jQuery object| jQuery110202569328576402128 object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| _typeof function| Cookies function| Popper function| Tooltip function| fitvids function| Waypoint function| advagg_run_check function| advagg_run_check_inner function| advagg_font_add_font_classes_on_load function| advagg_font_check function| FontFaceObserver boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| __cfBeacon function| gtag function| setGoogleTagConfig string| waypointContextKey object| ggeac object| google_tag_data object| google_js_reporting_queue object| PianoESP object| cX function| cxCCE_callQueueExecute object| cxTest object| ari object| google_tag_manager function| hj object| _hjSettings function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal function| modalEventHandler function| modalTabTrapHandler function| modalContentClose function| modalEventEscapeCloseHandler function| modalContentResize undefined| google_measure_js_timing object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules undefined| cXJsonpCB126 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nationalobserver.com/ | Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmATgHZu-AKwdeADmHiADACYAbLOn8QAXyA |
|
www.nationalobserver.com/ | Name: _pc_nat_brief Value: nosub |
|
.nationalobserver.com/ | Name: _pcid Value: %7B%22browserId%22%3A%22lo09lv4blpmnizxi%22%7D |
|
.nationalobserver.com/ | Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9 |
|
id.tinypass.com/ | Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862274343263B441C07542FF48E5D6C7E069396FD8CE98F5F53CCD59D12D0C0A7BDEAF1669B7F0778462878CDFCE74EA6E4 |
|
.nationalobserver.com/ | Name: __pid Value: .nationalobserver.com |
|
.nationalobserver.com/ | Name: __tbc Value: %7Bkpex%7DCTwSlrXvJpUDjJeBGrnn4PzXb_q0SwlEYIUAzxyb9pTQgxdTTeFfrKlyD5gAL3f- |
|
.nationalobserver.com/ | Name: __pat Value: -14400000 |
|
.nationalobserver.com/ | Name: __pvi Value: eyJpZCI6InYtbG8wOWx2NGozaWdvcmw2NSIsImRvbWFpbiI6Ii5uYXRpb25hbG9ic2VydmVyLmNvbSIsInRpbWUiOjE2OTc5MDYzNTkxNjZ9 |
|
.nationalobserver.com/ | Name: xbc Value: %7Bkpex%7DF3B67bCc8ILP-yH13i1gDy_ycm6vMgXxrLe3A-vwzt2VoyTFXxcccpe0Lhq_AH7vP0N6pnTX-NcYaragJgSAN2sFLplAOTTqXdh-p9NL2nJ3SYCXpo6tlNVxF6S2mfgPtoycvWHb84E2IJfsH6BZ7CAN5GQxjAcP4I5rnMt6AfRiNwq6Av2rwutVJsHAe7LaQ-szOiT0Yuc-hn0rluQDgOS6V99rukZbcdNyPrY3rPWn8_n9TcfMQsLzNSki-QU7aTDPWy-_VeHGOArCe6oLFw |
|
.nationalobserver.com/ | Name: cX_P Value: lo09lv4blpmnizxi |
|
www.nationalobserver.com/ | Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1697906359230%2C%22visitNumber%22%3A1%7D |
|
www.nationalobserver.com/ | Name: pnespsdk_visitor Value: le15gmqcgh0vdtn7 |
|
.nationalobserver.com/ | Name: _ga Value: GA1.1.857047286.1697906359 |
|
.nationalobserver.com/ | Name: _ga_TNN7SJH0J9 Value: GS1.1.1697906359.1.1.1697906359.0.0.0 |
|
.tinypass.com/ | Name: LANG Value: en_US |
|
.tinypass.com/ | Name: LANG_CHANGED Value: en_US |
|
.nationalobserver.com/ | Name: _fbp Value: fb.1.1697906359693.442578798 |
|
.piano.io/ | Name: __cf_bm Value: 9gS4uwl8CLzcvxpkxH7MBiyj.OsT2p3V79i72xbirns-1697906359-0-AQfL4yuPVk/qL3D9CMXpJu8aXdsBeIRTfD2z/XA0vhNNPth9wErrVW3iXUZlzLAhKrIzZlEY/NQpu9GojbO6rX0= |
|
.nationalobserver.com/ | Name: _hjSessionUser_3336217 Value: eyJpZCI6IjdkODE3YjI4LTg4ZjMtNTBiNC1hODExLWQ0MDg0YzMzNzdhYSIsImNyZWF0ZWQiOjE2OTc5MDYzNTk3NDUsImV4aXN0aW5nIjpmYWxzZX0= |
|
.nationalobserver.com/ | Name: _hjFirstSeen Value: 1 |
|
.nationalobserver.com/ | Name: _hjIncludedInSessionSample_3336217 Value: 0 |
|
.nationalobserver.com/ | Name: _hjSession_3336217 Value: eyJpZCI6IjI3NGY4ZmFmLWQ0NTctNDFmZS1hYmM4LWVkNDk4ODZhNzg3YSIsImNyZWF0ZWQiOjE2OTc5MDYzNTk3NDYsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9 |
|
.nationalobserver.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.cxense.com/ | Name: gckp Value: 1igb3dv5wn4h13uyymryze7pb3 |
|
.nationalobserver.com/ | Name: cX_G Value: cx%3A15qzo3t7lgqupfr8kxfxtemyl%3A14nj9ra0jvgdb |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-esp.piano.io
buy.tinypass.com
c2.piano.io
cdn.cxense.com
cdnjs.cloudflare.com
comcluster.cxense.com
connect.facebook.net
id.cxense.com
id.tinypass.com
p1cluster.cxense.com
script.hotjar.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nationalobserver.com
145.40.89.32
18.160.41.112
2600:1408:c400:786::268b
2606:4700:10::6816:4d72
2606:4700::6810:3965
2606:4700::6811:190e
2606:4700::6811:c276
2606:4700::6812:907e
2606:4700::6812:dff8
2607:f8b0:4004:c08::61
2607:f8b0:4004:c1b::8a
2607:f8b0:4004:c1b::9c
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
99.84.191.41
031a34f0462e6bcf11bba0d4ebfcdc6b563e483615853e7d19818f0c74901bc6
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06c76ef1207f716e722554aff1c6bd43ef67bda8ef6e2dcea57229ec69105e33
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0ba3e1657fd14d5b545c3738eec955ba06fd01f1d20f86f3294bc70ef6792fba
0c7f4d143d8910d1861d5eacc5e441279d7fd7ea5b86b37358f19d97513f6ba0
0d9f133eb8e3bc61b2c628e45dc0ca27b89af101019aefd30dc79ca8f228af6b
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1ad18fb2dbf1213c887e0aa5d2b61b64d88ed89d8194ce980333248ddae01e52
1af28d40328257cfafdebea0f5beab9e08e69c6a3bc5a3775795d3aadaf59b34
1ba27dad10c83f641745d7116457405936303ec9449fb4c80b0db33397703e05
20873902e0fac67d493b3ea96ae45bcb6f380937822f893416d77e8633c622d3
21ff524f44f8efb3318b45e6671613f5946324707a7bda76dbe8d3f64f849df8
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2f801d8a19e8a1b9df0436edb1d0e0cb5a78a067419901766eacfb28f3c4bccd
33d5a2c362dca304b77867ae85ebcfbc0ebf503734337e4fac3a0d872ff3ace4
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664
3f1cc3eb4e89046c863bd7ec83c3adbcc288f169285ee5f0b660ec0d902550bb
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b03555e7fc0815082fab3d895ff0940e6ba3f08eb35a8141590da30911ea08
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61ccf05c8ee59960dcf735dc1ce035daa13714b745a298d8e9b97ee2d9d62205
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
69b897eae22776319eddf4b4ca1749c9e4f2d8ce444fb48fb01011bc7394a383
6cb85e77f5dd1d3bdb867ad741af2948ecad6303d9d7d3a8f47334a8aec99779
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
7ab619e2032c2ac25c71e5f1dc1efc5ee2e122b34767ecac6765412b852e5c53
7be796c11d166706366134087a7a7e3e472f9dcdea1ce489a55d1bb31aa9664c
7c292f7b157632b50d865c1c3cfa7ca29b8b6b96c27594ff6ae1fad59921c3c0
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
8b8a31dc38a726c07bc5817381276d66af464f791f9395c55b00f7c4dd94e68b
8c2faa10a7afe45cf6ef6078e7d6d6384e4af95f79d33ecf508b4fed7ce4618c
8c5f7694b60f0a0d94a706f409722e6d79577c88ba47e41f19935f834246e3d6
8cdcd2a93750d1edf717cd24fca878487845b18758d944422fd8b00ad12b63fb
8ffe76ba71b92e6e6081611c692a2bfe28defe2cb663106110ac8a0ec0ba7560
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
9790c0f7135ba81a32b90e35345361fdd07dc15b238c02886a1b35c0b1890a01
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
9dcd89e3ac73014c6f5178214360c242ab95af5eac4428acb41e7c2e2f018552
9ec24ff8687576efe4f451c0417c0e4629d11901494b083c8c18386fbb5782ca
a09f946822a01f3a4d6d7b015f32f055dbd54c9f8c9a9e77ff56fc439da539f5
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
aae73c98b77dda885231e0f9a4714e0d0a68ae33534069643c2c623d4d782ce0
ab69be033fb8e834d0b6a15df5072a869c0e64204c09d4015e28bcdf8ea4d5d2
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
b9e1ba40e5ee20a84f49ca8d65b4afd47597c76087df046ec4597dd97f8681dd
be12f3e9af70a40beff5564735ee33262c2a24c20a516c6f4bd8ab862b1599a6
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c50d30ef013d024cbe880f7d805df3adbac426d52de535444fa50ba6d3fa94b5
cdb0da8c992149dd930cdc57ff5b5bb1102f1574cee0749626b24638f8a187d0
cfe1b82466128be9dfe6f4d4b07cb9c07421ae1055790a04289ce403011c122c
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d4c8c486dc67c306af7742d3d16541d6b0f1840e499c05754ebd53c2a007d182
d65771a08a78fa59940bb21d80a81aedf70c31df23f26ce16405eb69b8b580c2
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e2a4ac990ceeffadd255548eaf3a4d9ccfbe29dd1210248626655f0a6926c3
f9415d29b2911d9fc6cde3a4d6001f40c63310bb15cb3e9015a33d1ab6472bee
fc62aae4affe1d6edd0c24bd4233c1746f4b46027f3435dc017e848dd0f62610