www.nationalobserver.com
Open in
urlscan Pro
2606:4700:10::6816:4d72
Public Scan
Effective URL: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&ut...
Submission: On November 29 via api from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.
This is the only time www.nationalobserver.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
42 | 2606:4700:10:... 2606:4700:10::6816:4d72 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 172.217.18.162 172.217.18.162 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:817::2008 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2606:4700::68... 2606:4700::6811:bab1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a00:1450:400... 2a00:1450:4001:81a::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::2001 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
5 | 2a00:1450:400... 2a00:1450:4001:820::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::2004 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a00:1450:400... 2a00:1450:400c:c0c::9b | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:820::2002 | 15169 (GOOGLE) (GOOGLE) | |
77 | 14 |
ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com | |
cdn.tinypass.com | |
id.tinypass.com | |
buy.tinypass.com |
ASN15169 (GOOGLE, US)
adservice.google.ca | |
adservice.google.com | |
www.googletagservices.com |
ASN15169 (GOOGLE, US)
1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
nationalobserver.com
www.nationalobserver.com |
3 MB |
8 |
googlesyndication.com
1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com |
171 KB |
5 |
tinypass.com
experience.tinypass.com cdn.tinypass.com id.tinypass.com buy.tinypass.com |
130 KB |
5 |
doubleclick.net
securepubads.g.doubleclick.net stats.g.doubleclick.net |
110 KB |
4 |
google-analytics.com
www.google-analytics.com |
52 KB |
3 |
googletagmanager.com
www.googletagmanager.com |
96 KB |
2 |
facebook.com
www.facebook.com |
467 B |
2 |
googletagservices.com
www.googletagservices.com |
57 KB |
2 |
facebook.net
connect.facebook.net |
93 KB |
2 |
google.com
adservice.google.com www.google.com |
803 B |
1 |
google.ca
adservice.google.ca |
803 B |
77 | 11 |
Domain | Requested by | |
---|---|---|
42 | www.nationalobserver.com |
www.nationalobserver.com
|
5 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
4 | securepubads.g.doubleclick.net |
www.nationalobserver.com
securepubads.g.doubleclick.net |
3 | www.googletagmanager.com |
www.nationalobserver.com
www.googletagmanager.com |
2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
2 | www.facebook.com |
www.nationalobserver.com
connect.facebook.net |
2 | www.googletagservices.com |
securepubads.g.doubleclick.net
|
2 | connect.facebook.net |
www.nationalobserver.com
connect.facebook.net |
2 | experience.tinypass.com |
www.nationalobserver.com
cdn.tinypass.com |
1 | buy.tinypass.com |
cdn.tinypass.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | id.tinypass.com |
cdn.tinypass.com
|
1 | www.google.com |
securepubads.g.doubleclick.net
|
1 | cdn.tinypass.com |
experience.tinypass.com
|
1 | 1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.ca |
securepubads.g.doubleclick.net
|
77 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
static.nationalobserver.com |
zoom.us |
www.youtube.com |
national-observer.myshopify.com |
www.vancouverobserver.com |
canadianjournalism.ca |
www.facebook.com |
twitter.com |
instagram.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-03 - 2021-08-03 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.piano.io Sectigo RSA Domain Validation Secure Server CA |
2020-09-17 - 2021-09-17 |
a year | crt.sh |
*.google.ca GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-11-02 - 2021-01-30 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
Frame ID: 50F115D77FF9AE1086434BBE7F9F955F
Requests: 67 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudg7hviybxlmwZe4Z14kgsS_-cNhDnUxZTq6MAv-FCYgOKfB5zC9cAeikReTVYVZBJ7CcH7aZ0ZMXPyhMDPoCW6xXsAfN3RKaOsgUry_GMXHzg8Mcz4Olcg6rtwjJ12_vcAFbWlHt8aCW3yK_JiBpN2zZ-XeeWYbRYSTjSNm0q0WI2RhTY1IpzDrSAYOw5h7p-OIgAPMYRkB0MmIhOf8D8GM2rfyGpJSZFx-MDjcyDyHP0VxVvM4lJwofUWQo8z7M71l_cv_d7zRz0mcIOw_mAbdqGrQb_WQ&sai=AMfl-YQNX77iINbgL8QJEAxpFuhLYhjnZXkm3sZPSHWtUc86fSG_n6FNUxu0ihUYgVV_y3Cpn_AZGoBAJ3JaLBjWDKmXsUEYZAQrtOeeJr2nmZ9kp-a8H4y-l_GEzHe2v67q&sig=Cg0ArKJSzK8JF3DZE-tYEAE&adurl=
Frame ID: C618B5A7A33C3A99B53DD170E262CECD
Requests: 8 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 446A5DA396255C4DCC5197B949374170
Requests: 1 HTTP requests in this frame
Frame:
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OTNJXEEAPZNA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2RX2uDMBTFv0ueG8ifamPe3HDFjtqyla717VZTm6HRadSyse8-lXUw2MMgL8nvnHMvJx8IdIokir1T1279-6OPZqiCTO216sORMMIIphQzD1MxHkKwYBQfy1XwHhryUJxDUuYcp6CIB17qQiqU4HMQiQMe8AVnxOEODMHqWqlaK5OoKTo4iCheL1-Wj2H4iwZXlbRWl2aSUUGEMBmpm2E2IcxmOTnlvEs6-1oXF1q0xja__H7yY24uZb9TRZWDVXwRBZsnyre7VczcwXGB5saQtHWrZsh-3yfzZhetDkHgb-No7OXG9lBrMHaUmDbPZyiBogKdmeb20OlGTxx1-O8COe6f-bmP3LS-3m3Wb2r_nwJ1Nf4IECrnZyGpx6Qzp3Mp2cDaRtV-powdJGmRjPvaHEnqEnfhuK6gn18hwGsx7QEAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I7e5S5x5zxmkQElWPShCJyhA-NpjEu-_1VTrlbkKxBH9rGpt8t7KwkvrU4v0PlnuYuC_KblM1wdu4fPzRK-YKyWI_itC3QthIaSuOoUGY3ciCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-6FIET&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-11-29-18-18-00-821-YoJEzIn0FmfI0ol3-dae09a9d6ad8e834a8c5a9a37320535a&visitId=v-2020-11-29-18-18-00-823-wS3fwN6drxBOMqeV-dae09a9d6ad8e834a8c5a9a37320535a&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=a8fb6a798f
Frame ID: CDCB7C839CA546E355A4745C927B9D34
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Drupal (CMS) ExpandDetected patterns
- headers expires /19 Nov 1978/i
PHP (Programming Languages) Expand
Detected patterns
- headers expires /19 Nov 1978/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: Download
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: Reserve a place
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Shop
Search URL Search Domain Scan URL
Title: VO
Search URL Search Domain Scan URL
Title: CCJ
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.nationalobserver.com/ |
81 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-bold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ |
22 KB 22 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-regular.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ |
21 KB 21 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-extrabold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ |
22 KB 22 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__QiXGFEtcElqah49NtWSGf93cLO5_qVO73pRinGF6MWA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
214 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__p0V6GaihwQowEzAD0a-CSmO4oW3HBgc1Y-iBcGiYId8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
54 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020111701.js
securepubads.g.doubleclick.net/gpt/ |
277 KB 98 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lji_canada.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/ |
103 KB 42 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
167 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
79 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
31 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nhm-kern-river-oil-field_national-observer.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/10/13/ |
428 KB 429 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kris_krug-file-photo-oilsands.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2017/11/27/ |
530 KB 530 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
170815_-_orec_-_maurice-lapointe_school_solar_-_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/25/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
donald_trump_30020866713.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/12/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cropped_jhr_report_cover.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/24/ |
58 KB 58 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daybreak-strawn-outer-coast_n8a0372-sepia_ppt.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/04/29/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linda-01.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/ |
17 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
monika_bauerlein.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/ |
173 KB 173 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
steven_katz.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2020112815114-5fc2ad8d590d2f8327661283jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/29/ |
99 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201127171136-5fc17fc65ae39b3ca7035b8fjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/28/ |
8 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2020112713118-6af0cfd7d7a186fa05044a81ec39deddf3e8dcab98ebcc795dc047e209bcde4a.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201127151112-5fc15e2ef31580445766c5efjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ |
22 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
200318_justintrudeau_rideaucottage_0005.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ |
159 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201125141144-5fbeb4a4f315804457654d44jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ |
84 KB 85 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201126131136-5fbff652f31580445765fd2cjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ |
81 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201126151112-5fc00c3b590d2f8327650265jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ |
10 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_footer.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201126121128-5fbfe64a0af484b630d854f4jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ |
83 KB 83 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2020111620114-5fb3219e0b0a55c2169526bajpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/17/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nov_27-20_collage.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ |
147 KB 148 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brian-yurasits-yfihay2dvye-unsplash_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ |
110 KB 110 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crop_fraser_macdonald_prawn_mfa.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/11/23/ |
302 KB 302 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bugaboo_creek_clearcut.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gtm.js
www.googletagmanager.com/ |
132 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load
experience.tinypass.com/xbuilder/experience/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.ca/adsid/ |
109 B 803 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 803 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
31 KB 12 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_9448.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tinypass.min.js
cdn.tinypass.com/api/ |
393 KB 124 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
132 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
analytics.js
www.google-analytics.com/ |
46 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
89 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.google-analytics.com/gtm/ |
84 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
161351677799122
connect.facebook.net/signals/config/ |
238 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/g/ |
0 45 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame C618 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/ Frame C618 |
18 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/ Frame C618 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C618 |
75 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
l
www.google.com/ads/measurement/ Frame C618 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7203356235343914538
tpc.googlesyndication.com/simgad/ Frame C618 |
148 KB 149 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verify
id.tinypass.com/id/api/v1/identity/token/ |
208 B 995 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 27 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 378 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
stats.g.doubleclick.net/j/ |
1 B 427 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame C618 |
0 45 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame C618 |
212 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
execute
experience.tinypass.com/xbuilder/experience/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
a
www.googletagmanager.com/ |
0 95 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 446A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show
buy.tinypass.com/checkout/template/ Frame CDCB |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 89 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| fonts object| font number| pos number| current_time undefined| key object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| mapping function| FontFaceObserver function| advagg_run_check function| advagg_run_check_inner function| advagg_font_add_font_classes_on_load function| advagg_font_check function| advagg_mod_1 function| advagg_mod_1_check function| advagg_mod_2 function| advagg_mod_2_check function| advagg_mod_3 function| advagg_mod_3_check object| Drupal object| dataLayer undefined| $ function| jQuery object| jQuery1102013719113890973444 object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| _typeof function| setImmediate function| clearImmediate function| Cookies function| fitvids function| Waypoint object| tp string| waypointContextKey object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaData function| ___tp string| __tpVersion object| jQuery112404790889260858142 object| SWG function| onYouTubeIframeAPIReady object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| google_optimize function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| PianoESPConfig object| google_image_requests9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nationalobserver.com/ | Name: _gat_UA-59182232-1 Value: 1 |
|
.nationalobserver.com/ | Name: _ga Value: GA1.2.668852753.1606670281 |
|
.nationalobserver.com/ | Name: __gads Value: ID=eeb25752396ef2de-22b3e1fd7da600fc:T=1606670280:S=ALNI_Mbl8V8tzebCeX08NUEjmjNvH-cTbQ |
|
www.nationalobserver.com/ | Name: has_js Value: 1 |
|
www.nationalobserver.com/ | Name: _pc_nat_brief Value: nosub |
|
.nationalobserver.com/ | Name: _gid Value: GA1.2.1584306640.1606670281 |
|
.nationalobserver.com/ | Name: _ga_TNN7SJH0J9 Value: GS1.1.1606670280.1.0.1606670280.0 |
|
.nationalobserver.com/ | Name: _fbp Value: fb.1.1606670280977.1383872669 |
|
.nationalobserver.com/ | Name: __cfduid Value: d3fc3bcb5fe6eeedbd93906377869ac0f1606670278 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
buy.tinypass.com
cdn.tinypass.com
connect.facebook.net
experience.tinypass.com
id.tinypass.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nationalobserver.com
172.217.18.162
2606:4700:10::6816:4d72
2606:4700::6811:bab1
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2001
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:820::2001
2a00:1450:4001:820::2002
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08a10ec891b85f1162061831678d1330ecc25375124e497d6a43d05401487d3d
0aabd982d50890426a2b555b88d870b2c7e9b2c93c7cc945561c813556603c97
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138
1156a8cd64894cd8317de15e14d9d396578d9790b64ea5fd6313276469a53c42
123ea2fb450da04593fedb8274edb89051037673e2612e90c4004e4c587c2d1b
152e0dd9b47d9104caf63768507e9931a874ef264d661c987a8f34752c36cbc2
19bba8d185eca379da27ef3c84b7706737bc31eed5196e8dd80daffc622284ec
1e54fc0ecd34ff85684882c25c1b1b0669beb6bc77685cc9218e3c23cd72e253
1f3c1dcaadae4cac8e255c157dfa9c3d28b97f5f2831eeba99ea1da334f4e728
2b79b59ce6735ed87bf7dd861713e0df57195f01ceb5fa705ffe01097bb357a9
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f
3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19
4068cadadb33cb8fcc9bb0a8499c93614b4f9943281313a55a2d3108b1855351
4414145b5b1dcba24d41e3bbb0e9d56fc45150e028df745adb67539f8979ff75
44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50
4beacda92c3035631a1727817999f1e5fd7f803f803e6803475f9a2b6ff44571
5073e3952365b72b48d52a325a04529b62c22208a4a49b35ef9257adadb89a7d
51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64
5d59c8c91c6efcc143a7789a5a9c6a2c8e7f869850071d26e7d0b3b252308d96
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
6b55f5172a79c2853df80b2ad4c33eb3a30f77df8f3dd4f3a8edac0a8dec30d8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
7c1add8c543fe26d7e21eaa15943306439b6cd0dc4310e77355db300794ee7d2
80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320
80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d
8b8e103e45f98a1107bc875600134b27bb9ce5c7a285bd91a8581628c74c32d7
8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9d889ac75224efc940a8acf0240412988f6aa70b28c8562d159a2f647049e2f7
9e1db0b480cd6f32641c3955cdc656a829ef134c57b657e9e8025e3372f00ea8
9e3ccb7f8d5033dc9249e088468d550267c7b9197484d5169ab69fb132d5fdb5
a150fba4e753ee4fdb3cb7f3d8986632f727eb6267a5aabe505d2f9cdade026f
a163af79f592d9b3dd25a2735ecb8b71097d5073dc89b5c4b4136d04ab50598b
a8385ce67720ee99c27a01db9a07832d4dd7626bc5e3ae6f70be61de4706e155
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
b7ce9204d65cd63b4621a02d396860996af869894f6663a27dd91491b1fb6658
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e
beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4
c16f78bc132dc119b6d058159f9c3005f8242f8b4849a05de640da47dca64caf
c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0
c843f0359793ee8296a0c650e4b24d29982a08149e637da18189c8845fb66f8f
d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008
d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2b46e852a38112961d10bfdd15393abaeef3e13f57ac30c627365eea42156c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ed8ed07619b312d41708e7aa95d3b3ba201cc9e42fb93c5bdeb029cdfa362da1
ef4d60e25621d4182b242e0ac41f0a06d4f426c6a2f51cb54c5b19295f61eefc
ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1
f3ef23306f9d14149279ab694ab30e2e44535964860a4d1cc373022a60f31fda
f493ff022632693bee90a65e3a25588b92d97f4bf763c06fe14bc36ea4940e4f
f75dfffc8811d68a50aa3d739fb37f00646a3193db5a249416df7ed0dec3f1d4
fed7c9a9ddadb8412db54edda9350894ec8df7a78ab7ea366d3ab9492a18b4ee