northerntokers.ca Open in urlscan Pro
172.67.183.211  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response northerntokers.ca/	7 KB 3 KB	198ms 159ms	Document text/html	172.67.183.211 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88375232aa0ab0729284aed2b30cd6ebc2ad52df04e3327e4ad2d7b46cba4064 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, must-revalidate, private cf-cache-status DYNAMIC cf-ray 892c42be6950ab46-YYZ content-encoding br content-type text/html; charset=UTF-8 date Wed, 12 Jun 2024 19:31:22 GMT expires Wed, 12 Jun 2024 19:31:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPTQIt3HmPeynfJ2BP0TNm6GFbvFCPf6xmMPddASyhXbA7uxnilTvBXCb0be8oJ%2FGE1wONTQinMUov32vIqQycWKuuxOAbT%2BHMoa523G3U%2ByRj1x2EVTZaJmFsRYPetVOiMsTg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-dashnex-id 31579
GET H3	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/	138 KB 26 KB	69ms 27ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1029 strict-transport-security max-age=31536000; includeSubDomains; preload age 2536150 cdn-cachedat 10/31/2023 18:59:19 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"04aca1f4cd3ec3c05a75a879f3be75a3" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 735c3d334090f7057008244daed681e2 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 892c42bfac00ab78-YYZ cdn-requestpullsuccess True
GET H2	200	froala_blocks.min.css cdn.jsdelivr.net/gh/froala/design-blocks@master/dist/css/	29 KB 6 KB	70ms 22ms	Stylesheet text/css	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/froala/design-blocks@master/dist/css/froala_blocks.min.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 312f41daa8625dc2eff381989788db068c7c1dfe2d19f1671d39efb55a167e2e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 27206 x-jsd-version master x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 6100 x-served-by cache-fra-eddf8230027-FRA, cache-yyz4572-YYZ x-jsd-version-type branch etag W/"746c-7zNOOYavBKjVLKkF5ohue92aieA" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	css fonts.googleapis.com/	26 KB 2 KB	147ms 52ms	Stylesheet text/css	173.194.68.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.68.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS qr-in-f95.1e100.net Software ESF / Resource Hash b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 12 Jun 2024 19:31:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 12 Jun 2024 19:23:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 12 Jun 2024 19:31:22 GMT
GET H2	200	froala_editor.pkgd.min.css cdn.jsdelivr.net/npm/froala-editor/css/	109 KB 17 KB	83ms 36ms	Stylesheet text/css	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/froala-editor/css/froala_editor.pkgd.min.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3bd61f95f96b7f5070220ac211e5d6d13bd6845fa4dcc6f14c83f637a2648d06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 10354 x-jsd-version 4.2.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 17546 x-served-by cache-fra-eddf8230023-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"1b4ef-AIR1JEePc4QY9bAb9dc5OFPg0nM" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	froala_style.min.css cdn.jsdelivr.net/npm/froala-editor/css/	8 KB 2 KB	69ms 22ms	Stylesheet text/css	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/froala-editor/css/froala_style.min.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 807a3ed2e0a00455139fe5551562b3ee3185809409a0e52cf012195bcc74282d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 7528 x-jsd-version 4.2.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 2086 x-served-by cache-fra-etou8220024-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"2127-xlXveFNj3wB1XPGZfMMSZB0VhLM" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	tui-image-editor.css cdn.jsdelivr.net/npm/tui-image-editor@3.2.2/dist/	31 KB 6 KB	66ms 19ms	Stylesheet text/css	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/tui-image-editor@3.2.2/dist/tui-image-editor.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c903812a52d2d782f4cd76588b9da788d19fb029b25bb404dd9b2ed851423058 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 1968407 x-jsd-version 3.2.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 5500 x-served-by cache-fra-etou8220139-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"7c04-bfgxMs82+j3/i8eUmnV6GAugUVg" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	tui-color-picker.css uicdn.toast.com/tui-color-picker/latest/	4 KB 2 KB	171ms 46ms	Stylesheet text/css	23.192.229.102 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://uicdn.toast.com/tui-color-picker/latest/tui-color-picker.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.192.229.102 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-192-229-102.deploy.static.akamaitechnologies.com Software / Resource Hash 5d4af487e31ab51edc187c0dbb9426c3276b0def23c20003f7dba55ba34279cc Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding gzip x-openstack-request-id tx1fe0ac4edda2499f9a3fd-0065367843 last-modified Tue, 14 Jun 2022 07:47:33 GMT etag 213935b305897913ba5e65cab8c1b439 vary Accept-Encoding content-type text/css x-timestamp 1655192852.66757 accept-ranges bytes x-trans-id tx1fe0ac4edda2499f9a3fd-0065367843 content-length 1760
GET H2	200	image_tui.min.css cdn.jsdelivr.net/npm/froala-editor@3.1.1/css/third_party/	623 B 806 B	81ms 35ms	Stylesheet text/css	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/froala-editor@3.1.1/css/third_party/image_tui.min.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e29d48510077fba7a493c14a47e4947493fb01400bd9d7ce4fcf8f742f267f5c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 2319373 x-jsd-version 3.1.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 377 x-served-by cache-fra-etou8220138-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"26f-8YOnY6fUgHWRE4XONCsCe5K3y0I" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	fontawesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/	56 KB 10 KB	71ms 33ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/fontawesome.min.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ae50f2a98ad805992350b8f0cbe5c11f3ce3894fff9bc149617ee98327d088e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 520641 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 10102 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-df3a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLy0EabpwYHbGQYhXyaslcbyKf8ieomkSWslxG2jvcgFD2OdgDeQX4WrAjbmMOPcszmeRWmBcEjj8QYOP7UnX7Jn3dZR%2FhdLdGdoQFXaZ6nKws2aYd5XrmBY%2BxhQzGHDSKUeJuZk"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfad9738e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H2	200	cookieconsent.min.css cdn.dashnexpages.net/assets/2.39.2/public/plugins/	4 KB 2 KB	154ms 45ms	Stylesheet text/css	99.84.108.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dashnexpages.net/assets/2.39.2/public/plugins/cookieconsent.min.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.108.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-108-108.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash d349061cecfd45d285dd432decedcea246e0fe0cef3b8d13d339c8e1ac289fb0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 07:41:34 GMT content-encoding gzip via 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront) last-modified Tue, 22 Aug 2023 13:41:41 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 560989 etag W/"e5b988113d304b1947d4d9ee6e7bb5f2" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public, max-age=315360000 x-amz-cf-id ZouWoMBg_I_PElNVgqU-dXyi1-6MFYXAtDCkYgy9UWOPmsv2jdp05w==
GET H2	200	1611988965-5445.png file-hosting.dashnexpages.net/12sla/.editor/	3 KB 3 KB	240ms 92ms	Image image/png	18.160.10.11 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://file-hosting.dashnexpages.net/12sla/.editor/1611988965-5445.png Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.10.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-10-11.iad12.r.cloudfront.net Software AmazonS3 / Resource Hash 0f941490bfae8bd722e36d72a9b5c3fd56a6b0333d934a1cc14816bebdd6e7bd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:23 GMT via 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront) last-modified Sat, 30 Jan 2021 06:42:49 GMT server AmazonS3 x-amz-cf-pop IAD12-P3 etag "6960539e71497554b2e845ccce561abc" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=7776000 accept-ranges bytes x-amz-meta-optimization done content-length 2663 x-amz-cf-id KwnkZePoUoWIYT2um9CIoHBxkIi3dRttVW9_WD119t1zTsmzsRV9Kw==
GET H2	200	1611989059-7907.jpg file-hosting.dashnexpages.net/12sla/.editor/	15 KB 15 KB	275ms 127ms	Image image/jpeg	18.160.10.11 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://file-hosting.dashnexpages.net/12sla/.editor/1611989059-7907.jpg Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.10.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-10-11.iad12.r.cloudfront.net Software AmazonS3 / Resource Hash 6171e2915c2656235917e937e609e094773588f74f3de6645c3171160752ee17 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:23 GMT via 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront) last-modified Sat, 30 Jan 2021 06:44:22 GMT server AmazonS3 x-amz-cf-pop IAD12-P3 etag "b55661218181bb2db10468a0700a29a0" x-cache Miss from cloudfront content-type image/jpeg cache-control public, max-age=7776000 accept-ranges bytes x-amz-meta-optimization done content-length 15437 x-amz-cf-id PdKGbDBPmTMsHodrP8NHjSexlh2CxhYERLiZaLSZby3kTAJy_yadGQ==
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	65ms 19ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1198630 x-cache HIT, HIT content-length 30288 x-served-by cache-lga13622-LGA, cache-yyz4527-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1718220682.235719,VS0,VE0 etag W/"28feccc0-1538f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 19, 80032
GET H3	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/	20 KB 7 KB	36ms 34ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 523849 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6451 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-4f71" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjfee7duFTYQY6YlIccUzNzcJnF3k0%2FSoykASabMAOAgOqUmEjjVjN%2BXBtVGHgWVk26isuS67%2BvdEEtgK%2BJ8y42UmnPOweetSVzmK9hOaQFkstul6WXqu4TxmRSCSSNHJrV55Apg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfbd9a38e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H3	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	50 KB 16 KB	46ms 42ms	Script application/javascript	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 976 strict-transport-security max-age=31536000; includeSubDomains; preload age 3808241 cdn-cachedat 09/03/2022 05:38:18 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 server cloudflare etag W/"67176c242e1bdc20603c878dee836df3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid c481a00ec7a45a9e7242eaefa5b2f00b timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 892c42bfbc0cab78-YYZ cdn-requestpullsuccess True
GET H2	200	froala_editor.pkgd.min.js Show response cdn.jsdelivr.net/npm/froala-editor@3.2.2/js/	915 KB 241 KB	30ms 25ms	Script application/javascript	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/froala-editor@3.2.2/js/froala_editor.pkgd.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3f1de5830d2ec6790049ef89595e0cd628de6aa768d334c224548f81f723c4a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 1759111 x-jsd-version 3.2.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 246884 x-served-by cache-fra-etou8220051-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"e4c00-2eCwVDxZSm9hCScprFsnXlY3vXY" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	fabric.min.js Show response cdnjs.cloudflare.com/ajax/libs/fabric.js/1.6.7/	247 KB 57 KB	50ms 46ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/fabric.js/1.6.7/fabric.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d48acf3246d60f06ad5d927933a5f90ccc586da4aebdea4f9fbdadc58987a353 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1431303 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57471 last-modified Mon, 04 May 2020 16:10:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e58-3db29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxDJZhEJaQkrr4z4vQeRu0C3V%2FBWRtPhm688DlaKySfTiDxwAUv5sELm2AXusVHqJQ4EsZ2TRYLTPTJhuWqemisSnpx9HkHk74rEPACe6a%2FgdxDeGPZ%2BqLW4IRdDncvjenasYzKF"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfbd9b38e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H2	200	tui-code-snippet.min.js Show response cdn.jsdelivr.net/npm/tui-code-snippet@1.4.0/dist/	23 KB 8 KB	74ms 70ms	Script application/javascript	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/tui-code-snippet@1.4.0/dist/tui-code-snippet.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 16028e161d8a54afba1ac36d4785077f35efc2ebaf3d33d2f5ffd0c1e9056070 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 1019381 x-jsd-version 1.4.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 7910 x-served-by cache-fra-eddf8230112-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"5c4a-m3NB++TaCZH++QRRknYWVDYIHpE" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	tui-image-editor.min.js Show response cdn.jsdelivr.net/npm/tui-image-editor@3.2.2/dist/	256 KB 57 KB	68ms 66ms	Script application/javascript	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/tui-image-editor@3.2.2/dist/tui-image-editor.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 13b95d78df132c88692532d7419984ef4b50e0ab9aaa3867af7d9bfef3f2e04d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 2393877 x-jsd-version 3.2.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 57875 x-served-by cache-fra-etou8220030-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"3fe01-CdAKKxmy1TUxfcDaXvcl6Zms/uI" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	image_tui.min.js Show response cdn.jsdelivr.net/npm/froala-editor@3.1.1/js/third_party/	3 KB 2 KB	118ms 116ms	Script application/javascript	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/froala-editor@3.1.1/js/third_party/image_tui.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7607717b1901c771605b08218333adac48338ce9e4d93c84138b1e7ceeaf8931 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 12 Jun 2024 19:31:22 GMT x-content-type-options nosniff content-encoding br age 2482178 x-jsd-version 3.1.1 x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1471 x-served-by cache-fra-eddf8230146-FRA, cache-yyz4572-YYZ x-jsd-version-type version etag W/"c96-Dh15FF88pSwafhwFBDigg0I4mAs" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	font_awesome.min.js Show response cdnjs.cloudflare.com/ajax/libs/froala-editor/3.2.2/js/third_party/	15 KB 5 KB	87ms 85ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/froala-editor/3.2.2/js/third_party/font_awesome.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f149610ed4c10906dce18d1a5c8ad51abbba5a73090c23bc10118802870cb4f3 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 182674 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4869 last-modified Mon, 14 Sep 2020 16:28:24 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f5f9a28-3c49" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dg0phqPtTL%2BnD5MKwoiGixUKrcUeMUPVoyUef1WswRQDzLd2VZk7itu4wiGMdI1%2FyQ5051s5P%2F2Xvm7eYSe7XbMH5TnhjdXAgcGWlwONSVF7LivYiBGGho1LsH%2B%2F650F81DVufc"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfbd9e38e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H3	200	fontawesome.min.js Show response cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/	36 KB 12 KB	87ms 86ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/fontawesome.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34ff4dba3744cd2e66e19c6f36a91c6f1c87074753472f611b5dd1c135411b0a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 82511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 11477 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-9147" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ro%2Fmj2DvNGCwof0UiJumY%2FEjtpjPY9%2FYNggkT%2BczRq1ks%2BWkxk2xr%2BpMG%2B1MqoCET1Bj4V8V%2FeJSRMLa04Pz1AjVsVmdfly3WXJXci%2BtuGukRMs1LpTfXwnDjFSXqM%2FMLgYADMNa"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfbd9f38e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H3	200	brands.min.js Show response cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/	423 KB 158 KB	88ms 86ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/brands.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf44f7afee2e4e3024079087c726c5f514300331c4745079fa125efe918070f8 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2621760 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 161638 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-69c04" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAn%2FNhbLMX9hRW4dFUGudOOoO5YfRcTTR02d2jChnWC9%2B64vw6RWRCw0DukmKqlhR%2Fdc38b1JYLlYyn7FvoQ8C3RCgHUOZgCON6sBCf5OfhzEvyzqf%2B0WlSE9I5w1dpzZlnjpT1v"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfbda138e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H3	200	solid.min.js Show response cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/	585 KB 158 KB	93ms 92ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/solid.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50cd4746ed16775ea4e0be7082b935ec1616cca9236527b4058af94f9ab0d96c Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1094875 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 161503 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-92354" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2BS7VsiMRacBqJwf7I5WDgD4KIngloVH%2F4I9b%2FdTYg%2FLJkvwnyH0MZCaITShE0kNHv%2FWz96qC71gf0AIwMhHh2aMwV1MqQ1d7r%2FTXePjrQBX6PqdGEcaiMGeQh5tQF8KFfeKIMEK"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfedca38e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H3	200	v4-shims.min.js Show response cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/	15 KB 4 KB	99ms 98ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/v4-shims.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6b16689e5fd691561395fe57571a49545214bb3510505228d05381dc7673bc4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 692654 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3637 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-3acf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpHBC5GTWZa6NSIE0MgpwnYHYs1hLQUmJJlusmbsediG4vWCahXYkjZg9LerVmYMio6zXhayusw1e%2FGxo9iTROibwXTWML8D%2FJazz5ttJhAKm8cyw2Lye%2FBc7T3rrVE%2BnVH2gtgm"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 892c42bfedcb38e2-YYZ expires Mon, 02 Jun 2025 19:31:22 GMT
GET H2	200	cookieconsent.min.js Show response cdn.dashnexpages.net/assets/2.39.2/public/plugins/	19 KB 7 KB	86ms 47ms	Script text/javascript	99.84.108.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dashnexpages.net/assets/2.39.2/public/plugins/cookieconsent.min.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.108.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-108-108.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash 6cf39def463ca2129ab469a32fab6ccddbdea696190ae9ec51f2ceabbbfc241c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 07:37:19 GMT content-encoding gzip via 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront) last-modified Tue, 22 Aug 2023 13:41:41 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 561244 etag W/"43209a53b3b2bcd2bfe7f225235c8bea" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=315360000 x-amz-cf-id hXaaAdB8jItfjtUNIBFIXrWJexEZK5sI2UbVr1VLt7MNmhxcJ46Zew==
GET H2	200	blank.css cdn.dashnexpages.net/assets/2.39.2/public/landing-page/css/	2 KB 1 KB	64ms 46ms	Stylesheet text/css	99.84.108.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dashnexpages.net/assets/2.39.2/public/landing-page/css/blank.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.108.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-108-108.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash 65ec17c9e19a88a62b53e500e54a5d4afdfb49492cef576103322f3f0160dea1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 07:41:34 GMT content-encoding gzip via 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront) last-modified Tue, 22 Aug 2023 13:41:42 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 560989 etag W/"b3e5f02dc638fb01d41b29ae996bbc6f" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public, max-age=315360000 x-amz-cf-id kapIFyGWCxFmbpsaCFB4Qaw7ZAoD-DE9JZ1pt3XWSViGntEZZI9Liw==
GET H2	200	blank.css cdn.dashnexpages.net/assets/2.39.2/public/landing-page/css/	2 KB 0	0ms 0ms	Stylesheet text/css	99.84.108.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dashnexpages.net/assets/2.39.2/public/landing-page/css/blank.css Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.108.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-108-108.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash 65ec17c9e19a88a62b53e500e54a5d4afdfb49492cef576103322f3f0160dea1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 07:41:34 GMT content-encoding gzip via 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront) last-modified Tue, 22 Aug 2023 13:41:42 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 560989 etag W/"b3e5f02dc638fb01d41b29ae996bbc6f" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public, max-age=315360000 x-amz-cf-id kapIFyGWCxFmbpsaCFB4Qaw7ZAoD-DE9JZ1pt3XWSViGntEZZI9Liw==
GET H2	200	cookieconsent.js Show response cdn.dashnexpages.net/assets/2.39.2/public/plugins/	878 B 1 KB	41ms 40ms	Script text/javascript	99.84.108.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dashnexpages.net/assets/2.39.2/public/plugins/cookieconsent.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.108.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-108-108.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash 2405a5bfcfcfa992551d6136bac9ff17391bddfce344f0c543b08590ac2df86e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 09 Jun 2024 22:48:41 GMT via 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront) last-modified Tue, 22 Aug 2023 13:41:41 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 247362 etag "efbdf9270f6b84f8beaa59f3e2427c21" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=315360000 accept-ranges bytes content-length 878 x-amz-cf-id EKar__krtYpeQyVlY05MFDd_j7RlwYfhnAFsLBLlwkBuZW_H1QI9zw==
GET H2	200	send-form.js Show response cdn.dashnexpages.net/assets/2.39.2/public/default/js/	1 KB 1 KB	39ms 39ms	Script text/javascript	99.84.108.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dashnexpages.net/assets/2.39.2/public/default/js/send-form.js Requested by Host: northerntokers.ca URL: https://northerntokers.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.108.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-108-108.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash f6ef5ddcb3a7a820fb658a594b520fc1b250b11bff9bf91ecca01d3fb414bba7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 07:26:28 GMT content-encoding gzip via 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront) last-modified Tue, 22 Aug 2023 13:41:37 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 561895 etag W/"928987d6865588783f695ade5ea2e07d" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=315360000 x-amz-cf-id c6YNVA4GCoKd61c2KZWhLEAXHdhht5uyBHfUzXJ4q6-prr1ywsrD_g==
GET H3	200	geolocate Show response northerntokers.ca/	20 B 441 B	88ms 87ms	XHR application/json	172.67.183.211 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://northerntokers.ca/geolocate Requested by Host: cdn.dashnexpages.net URL: https://cdn.dashnexpages.net/assets/2.39.2/public/plugins/cookieconsent.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.183.211 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 627012dbec1bb7e99026e91e0e06a814f17698fcf7af190c50deafab897f99be Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://northerntokers.ca/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 19:31:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-dashnex-id 31579 server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QsXTbZC1wv%2FngeVQULobiCmexWjJoSyyosu2eRhvDxV31BnJn5Os69nahW9o2%2BC3ZzRrUOF7F3GoFlUnPEMXvKsDqNuMgsb76og%2Bjri2f8q%2F6xEIfA1DexB4736DC3Q2JZjLew%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cache-control no-cache, private cf-ray 892c42c16cb4ab46-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	dnpt-icon.png cdn.dashnexpages.net/assets/2.39.2/images/	169 B 554 B	52ms 51ms	Other image/png	99.84.108.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dashnexpages.net/assets/2.39.2/images/dnpt-icon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.108.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-108-108.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash f7241f67c00059aa187f8661466ff328d9d1a52ca524f2c59ed45e5fae23617f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://northerntokers.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 05:45:07 GMT via 1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront) last-modified Tue, 22 Aug 2023 13:41:05 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 395176 etag "9a910d2f3e3309175189a187d5b37689" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control public, max-age=315360000 accept-ranges bytes content-length 169 x-amz-cf-id pFeUJyRlhzI1OB6uyTyjJYBFImxLyGfm9WQ1kfBIveR5hHKw1Taeyg==

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap function| FroalaEditor object| fabric object| tui object| __core-js_shared__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| a object| fontawesome-free-shims object| cookieconsent object| DNP

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			northerntokers.ca/	1969-12-31 23:59:59	Name: dnp_proxy_data Value: 12sla%40%40%2F

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dashnexpages.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
file-hosting.dashnexpages.net
fonts.googleapis.com
northerntokers.ca
stackpath.bootstrapcdn.com
uicdn.toast.com
104.17.25.14
104.18.10.207
151.101.65.229
151.101.66.137
172.67.183.211
173.194.68.95
18.160.10.11
23.192.229.102
99.84.108.108
0ae50f2a98ad805992350b8f0cbe5c11f3ce3894fff9bc149617ee98327d088e
0f941490bfae8bd722e36d72a9b5c3fd56a6b0333d934a1cc14816bebdd6e7bd
13b95d78df132c88692532d7419984ef4b50e0ab9aaa3867af7d9bfef3f2e04d
16028e161d8a54afba1ac36d4785077f35efc2ebaf3d33d2f5ffd0c1e9056070
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2405a5bfcfcfa992551d6136bac9ff17391bddfce344f0c543b08590ac2df86e
312f41daa8625dc2eff381989788db068c7c1dfe2d19f1671d39efb55a167e2e
34ff4dba3744cd2e66e19c6f36a91c6f1c87074753472f611b5dd1c135411b0a
3bd61f95f96b7f5070220ac211e5d6d13bd6845fa4dcc6f14c83f637a2648d06
3f1de5830d2ec6790049ef89595e0cd628de6aa768d334c224548f81f723c4a0
50cd4746ed16775ea4e0be7082b935ec1616cca9236527b4058af94f9ab0d96c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5d4af487e31ab51edc187c0dbb9426c3276b0def23c20003f7dba55ba34279cc
6171e2915c2656235917e937e609e094773588f74f3de6645c3171160752ee17
627012dbec1bb7e99026e91e0e06a814f17698fcf7af190c50deafab897f99be
65ec17c9e19a88a62b53e500e54a5d4afdfb49492cef576103322f3f0160dea1
6cf39def463ca2129ab469a32fab6ccddbdea696190ae9ec51f2ceabbbfc241c
7607717b1901c771605b08218333adac48338ce9e4d93c84138b1e7ceeaf8931
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
807a3ed2e0a00455139fe5551562b3ee3185809409a0e52cf012195bcc74282d
88375232aa0ab0729284aed2b30cd6ebc2ad52df04e3327e4ad2d7b46cba4064
a6b16689e5fd691561395fe57571a49545214bb3510505228d05381dc7673bc4
b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66
c903812a52d2d782f4cd76588b9da788d19fb029b25bb404dd9b2ed851423058
cf44f7afee2e4e3024079087c726c5f514300331c4745079fa125efe918070f8
d349061cecfd45d285dd432decedcea246e0fe0cef3b8d13d339c8e1ac289fb0
d48acf3246d60f06ad5d927933a5f90ccc586da4aebdea4f9fbdadc58987a353
e29d48510077fba7a493c14a47e4947493fb01400bd9d7ce4fcf8f742f267f5c
f149610ed4c10906dce18d1a5c8ad51abbba5a73090c23bc10118802870cb4f3
f6ef5ddcb3a7a820fb658a594b520fc1b250b11bff9bf91ecca01d3fb414bba7
f7241f67c00059aa187f8661466ff328d9d1a52ca524f2c59ed45e5fae23617f
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e