www.nationalobserver.com
Open in
urlscan Pro
2606:4700:10::6816:4c72
Public Scan
Effective URL: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium...
Submission: On December 07 via api from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.
This is the only time www.nationalobserver.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com | |
cdn.tinypass.com | |
id.tinypass.com | |
buy.tinypass.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
adservice.google.ca | |
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
nationalobserver.com
www.nationalobserver.com |
4 MB |
5 |
googlesyndication.com
d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com |
13 KB |
5 |
tinypass.com
experience.tinypass.com cdn.tinypass.com id.tinypass.com buy.tinypass.com |
130 KB |
4 |
google-analytics.com
www.google-analytics.com |
52 KB |
3 |
doubleclick.net
securepubads.g.doubleclick.net stats.g.doubleclick.net |
99 KB |
2 |
facebook.com
www.facebook.com |
334 B |
2 |
facebook.net
connect.facebook.net |
93 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
96 KB |
1 |
google.com
adservice.google.com |
803 B |
1 |
google.ca
adservice.google.ca |
803 B |
67 | 10 |
Domain | Requested by | |
---|---|---|
42 | www.nationalobserver.com |
www.nationalobserver.com
|
4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
2 | www.facebook.com |
www.nationalobserver.com
connect.facebook.net |
2 | connect.facebook.net |
www.nationalobserver.com
connect.facebook.net |
2 | experience.tinypass.com |
www.nationalobserver.com
cdn.tinypass.com |
2 | www.googletagmanager.com |
www.nationalobserver.com
www.googletagmanager.com |
2 | securepubads.g.doubleclick.net |
www.nationalobserver.com
securepubads.g.doubleclick.net |
1 | buy.tinypass.com |
cdn.tinypass.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | id.tinypass.com |
cdn.tinypass.com
|
1 | d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.ca |
securepubads.g.doubleclick.net
|
1 | cdn.tinypass.com |
experience.tinypass.com
|
67 | 16 |
This site contains links to these domains. Also see Links.
Domain |
---|
static.nationalobserver.com |
www.youtube.com |
national-observer.myshopify.com |
www.vancouverobserver.com |
canadianjournalism.ca |
www.facebook.com |
twitter.com |
instagram.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-03 - 2021-08-03 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.piano.io Sectigo RSA Domain Validation Secure Server CA |
2020-09-17 - 2021-09-17 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-11-02 - 2021-01-30 |
3 months | crt.sh |
*.google.ca GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=e9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23&utm_medium=email&utm_term=0_cacd0f141f-e9a54ff860-277178234
Frame ID: 195C92EF8C28302D6A936EBB545758CF
Requests: 65 HTTP requests in this frame
Frame:
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLHkchzx2UChEFbS0gabZGeMQV3kpdgKo6r83iUorpC46u5lz72h05wNxdUA-ir192zxN7t4maIQqfpQ7JU9BTyihBAPFxMHAMHUwtbBt2Ti6P--iuIjYrHmunXCDBQMimQXW3uUucOBM0IRQTwo3AQK0WyzPlayVLIQcVs8jdx2vFq-LhyC4ofOzFI1RZTHIwCVubiAlDJOuqEmN4KqWCeU6bYus3CeOvvFPxI9Zp-UplHmVcSNh6W2JO4u3a3tKx50j5frKkG_qRo6Q-e4H82PoRSxYrWDzMke_bMdrxQvTS4omy0ZI8Lzi6ljo66BVWg0ctfjvAB2sFA-XF3gvHX0prWb6nwBV1X-EE_BZ4vrgUd9mwHy_Z42W9eQoC9NJDrno7zUZ8mFMHGYxwqzPL_kwS5ftAQAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I3QGIS8Qk1liE9eZiz3OVSXiYZrerLBy5Lc6cZFR50kWTn8EMhF5rxyUMXgDk8HdlR5_3GI29ci3NhtaW_lzM4dKDWcPeuVyobzm-t1YGgnSCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-xVAvs&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3De9a54ff860-EMAIL_CAMPAIGN_2020_12_07_01_23%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-e9a54ff860-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-07-14-27-23-535-XFxVXZnX4DuRr7TQ-c410e4313b8a81a1a4c2f029ec8f1012&visitId=v-2020-12-07-14-27-23-537-iiaTHy1jo7syo3uB-c410e4313b8a81a1a4c2f029ec8f1012&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=b80f434e2d
Frame ID: 28C25F956C2873E7F90731E093EDABF5
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: DD40E6707DEEAFD50BA37B255D05008F
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Drupal (CMS) ExpandDetected patterns
- headers expires /19 Nov 1978/i
PHP (Programming Languages) Expand
Detected patterns
- headers expires /19 Nov 1978/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: Download
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Shop
Search URL Search Domain Scan URL
Title: VO
Search URL Search Domain Scan URL
Title: CCJ
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
67 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.nationalobserver.com/ |
75 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-bold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ |
22 KB 22 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-regular.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ |
21 KB 21 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-extrabold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ |
22 KB 22 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__vUf_ik4QAZbJWPRit307QMAXz244W6C61-FsIJIafbQ__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
215 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__7CoYRXvilNXMJmk-e7jXIAWgokbjiIeEY3cjNCCmx1w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
54 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lji_canada.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/ |
103 KB 42 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
167 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
79 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
31 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020120201.js
securepubads.g.doubleclick.net/gpt/ |
278 KB 98 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
national_observer_podcast_image_02.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/04/ |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dr._lem_main.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/12/04/ |
542 KB 543 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
181003_-_cos_-_steve_clark_-_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/04/ |
119 KB 119 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
elk8zluxuay7iw8_0.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fiscal_anchorcropped_shutterstock_1780539335_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ |
165 KB 165 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ghost_gear_in_maine_-_alexa_goodman_4_mp.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ |
132 KB 132 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rjb11970573.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/07/06/ |
15 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201205141224-5fcbde78f0eecdad4adcc1ffjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/06/ |
114 KB 115 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc_ferry_loading_main_deck.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ |
149 KB 149 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2020120410120-5fca4ef57ad13735596783ccjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ |
103 KB 103 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
201204_tenant_protest.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ |
200 KB 200 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201202221248-5fc860240a5307b0ef43fb92jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201203141224-5fc93bf75e3dadb04534ded8jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201020161048-5f8f4d16c09fa369382a6e3ajpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/20/ |
13 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
132 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_footer.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load
experience.tinypass.com/xbuilder/experience/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2020120318128-54670e61b56f5f2144bb6fb244a491f7560452dabccf80a9a6909e0d502f46c6.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/04/ |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_2522-57.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
doctor_bonnie_henry_dec_covid_briefing.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ |
22 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ciat_gene_bank_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/03/ |
70 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sophiahu2_3.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/12/02/ |
37 KB 37 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bugaboo_creek_clearcut.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_9448.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tinypass.min.js
cdn.tinypass.com/api/ |
393 KB 124 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
132 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
89 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.google-analytics.com/gtm/ |
84 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
161351677799122
connect.facebook.net/signals/config/ |
238 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/g/ |
0 123 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.ca/adsid/ |
109 B 803 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 803 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
1 KB 1004 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
testing.00_00_57_14.still022_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/09/14/ |
50 KB 50 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
benefits-of-fuel-cells.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/08/17/ |
31 KB 31 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
untitled-2.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/05/28/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 73 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verify
id.tinypass.com/id/api/v1/identity/token/ |
208 B 1021 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 91 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
execute
experience.tinypass.com/xbuilder/experience/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show
buy.tinypass.com/checkout/template/ Frame 28C2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 77 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame DD40 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| fonts object| font number| pos number| current_time undefined| key object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| mapping function| FontFaceObserver function| advagg_run_check function| advagg_run_check_inner function| advagg_font_add_font_classes_on_load function| advagg_font_check function| advagg_mod_1 function| advagg_mod_1_check function| advagg_mod_2 function| advagg_mod_2_check function| advagg_mod_3 function| advagg_mod_3_check object| Drupal object| dataLayer undefined| $ function| jQuery object| jQuery1102049485512283660427 object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| _typeof function| setImmediate function| clearImmediate function| Cookies function| fitvids function| Waypoint object| tp string| waypointContextKey object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| ___tp string| __tpVersion object| jQuery112406448489097388521 object| SWG function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| google_optimize object| PianoESPConfig object| GoogleGcLKhOms object| google_image_requests15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nationalobserver.com/ | Name: __pvi Value: %7B%22id%22%3A%22v-2020-12-07-14-27-23-537-iiaTHy1jo7syo3uB-c410e4313b8a81a1a4c2f029ec8f1012%22%2C%22domain%22%3A%22.nationalobserver.com%22%2C%22time%22%3A1607347643889%7D |
|
.nationalobserver.com/ | Name: __gads Value: ID=bc39e296dc32deaf-224b2ac458b9003d:T=1607347643:S=ALNI_MZBqnFJ8w7NAYWJZQsVkjTztwu49w |
|
.tinypass.com/ | Name: LANG Value: en_US |
|
www.nationalobserver.com/ | Name: has_js Value: 1 |
|
.nationalobserver.com/ | Name: _gat_UA-59182232-1 Value: 1 |
|
.nationalobserver.com/ | Name: _ga Value: GA1.2.1830286564.1607347643 |
|
.nationalobserver.com/ | Name: _ga_TNN7SJH0J9 Value: GS1.1.1607347643.1.0.1607347643.0 |
|
.nationalobserver.com/ | Name: __tbc Value: %7Bjzx%7Di4cQEliGphDucRXKRMu_I3QGIS8Qk1liE9eZiz3OVSXiYZrerLBy5Lc6cZFR50kWTn8EMhF5rxyUMXgDk8HdlR5_3GI29ci3NhtaW_lzM4dKDWcPeuVyobzm-t1YGgnSCVG_RXn-uiONfDaQYYJiQw |
|
www.nationalobserver.com/ | Name: _pc_nat_brief Value: nosub |
|
.nationalobserver.com/ | Name: xbc Value: %7Bjzx%7Dc9TIG17mMMcS93JkVF9a--gbnkfPyaiKffFmoIJ1RYsYzgNDvRkFcCUDrjrYDcfIJilLjYultg2YNVkHwX1gakj1nBN_aA-UJvSFn_H2iv9C-tZPZi64C_nP7C8dNTwko8xZJFGi3TvBoKDuT4tf8lFFkktBKNKRz0NOIimq90R37hFFKi7rZHUN2neyAVOSHoQQFhAKn0VqTFAHZ2kHpS1eb8JPhn6Zvo-Cz0ABJGqaoqTB3XzPY2BYD1yFo5woyteU3trKTmOWCVl6Ke609qusXOpzryIEqQ7AIxqW89-3NkwkvZgHYSPkUTom6T-ONhNLijgJfBwchIOfSyWyvjHkMubwwUlEY37pXEa1Jj-TBdbjVCARyUVQe6j2yz2J |
|
.nationalobserver.com/ | Name: _fbp Value: fb.1.1607347643621.639216368 |
|
.nationalobserver.com/ | Name: _gid Value: GA1.2.930514493.1607347643 |
|
.nationalobserver.com/ | Name: __pat Value: -18000000 |
|
.tinypass.com/ | Name: LANG_CHANGED Value: en_US |
|
.nationalobserver.com/ | Name: __cfduid Value: d3958325c09a70e9590d8b86c7a645ff61607347641 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.ca
adservice.google.com
buy.tinypass.com
cdn.tinypass.com
connect.facebook.net
d351aece7dd1269e3bf94fb41cd3388a.safeframe.googlesyndication.com
experience.tinypass.com
id.tinypass.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nationalobserver.com
172.217.18.162
2606:4700:10::6816:4c72
2606:4700::6811:b6b1
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:817::2001
2a00:1450:4001:817::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c07::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
005a9e50b27cc1e283e22e4fbb909bf772540406c9c5bc95e448183badbb2e28
014b3e27de494c82bea3c412a19d4c5453b2e21ccd5520b19b864269711d3a44
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046
06091d2d68425c5493c423bd22a31fdc8c8c39a148da84046a9a5b92ed27fcb4
0dce8d555c31ffcff1f0b9e87617ed08e5c1093cd483255679b764a157045ab6
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138
244d16a08703807b0c8d7a435dd33d54bbee11e0cae7238a40b0d48d0087800a
2533bdfc95048ef071dcc5e86fbec139e966ae8c889ec3f7d74c4faaba8a006b
2b8a820b6eaa5f853e33f05d25200ac78d72d0ec600c583512361a3bbedaea43
2db7bdf3364f27430b4403265b23d053e2c376709a3df925a0f1e2163669b78f
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f
3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19
4398d8160e34899a97b7f90f86dd1b9bab3d81eec5ee358a34ca60e91b8b4c2d
44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50
49284bb366958716de45b05bf6183f453429aad675288c7bba59306b083e85f7
4989faa43ccca1f974716283a15c80397cada4ae35d83707b5552f0b2b531c38
4e490897f21d56fe35ad7028d6104d11a9193e58e6872764d56f78d814198675
51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64
5aab2a7bcefc050a409672ec537c23333a312439d36595e3041ca0ffa27a0050
60fb90ce2e74a758518d298397b0a18a738c521d2e1b9054e3d45f96fe4e1de9
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
7f3797465c83f504ab421bf977255569f184ddf89f962d2f15076601b36cd9c8
80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d
8545f1429626818614f9c6de8a27a39c625bbb89da097d0f524baf27880ef9e3
8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9
97f5b56d5d0d7bf0fd4cbcfc4982c285c065291ad14c5a7c2a21e0fc9b9155fe
995aeff23713dfc6392cc98e8f9c74e0cf4b84e16f3184a870f8f0d53a1b556b
a1916fe808362b08a11ad58504cc4b9c71368e4f528ed2f2de2b81944dd27cfa
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
afe4d27f1e989c5a6cb13084af3961ddd488ad0cbfdecf5b1c920a9316423b07
b5801b901f88b3bd5cb8668526f696cf2bf063c2b3083826ed8528c364731835
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
ba404e05fa1982f8ecd46594ccce3b4fd1dfa6254abde0724b258fcb5c295ef1
bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e
beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4
bf3668dc254abf86667abe19ddc8f6d0d2cc120bcfb7989382dde3539904b1cf
c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0
c7cebcaad8b823a885c4b3b0b332ea3adb2263491f88509dd3f13e7a6df89f51
cf0513de7446a33420fc157450a47446bf4939aafbea5ecb8f3457d71ceab846
d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008
d2cc19a8374f51559e762cfb83103cd1ef855b6d5d13fe99e8f796535266791b
d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40
d9ade90b04a5c3909a028287ba3ac9b24c8fcfbf24edde5f17fc83b4df05c85a
d9ee367c880576cbb3dce2243f8bd3404d3c028b2a15288bbf312914ca491705
da5c0b2a766c22cfefc2d860f81e0d3070db9b3d1cc8855c5f2786b69e097827
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8159da4270b46b0b12a9492ef295b72247905dfdecba777a9b0f1dee0d26a8e
ef3d90ec313b167646475aff55c4bf5e395e7d25f07ae897a874dd9e4c5f1672
ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1