www.nationalobserver.com
Open in
urlscan Pro
2606:4700:10::6816:4c72
Public Scan
Effective URL: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=cb1531e916-EMAIL_CAMPAIGN_2020_12_01_05_18_COPY_01&ut...
Submission: On December 02 via api from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.
This is the only time www.nationalobserver.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com | |
cdn.tinypass.com | |
id.tinypass.com | |
buy.tinypass.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
adservice.google.ca | |
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
adservice.google.com | |
www.googletagservices.com |
ASN15169 (GOOGLE, US)
44cf81ece54c79edfdfcf7a322c523e5.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
nationalobserver.com
www.nationalobserver.com |
3 MB |
8 |
googlesyndication.com
44cf81ece54c79edfdfcf7a322c523e5.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com |
171 KB |
5 |
tinypass.com
experience.tinypass.com cdn.tinypass.com id.tinypass.com buy.tinypass.com |
129 KB |
5 |
doubleclick.net
securepubads.g.doubleclick.net stats.g.doubleclick.net |
110 KB |
4 |
google-analytics.com
www.google-analytics.com |
52 KB |
2 |
googletagservices.com
www.googletagservices.com |
57 KB |
2 |
facebook.com
www.facebook.com |
334 B |
2 |
facebook.net
connect.facebook.net |
92 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
96 KB |
1 |
google.com
adservice.google.com |
803 B |
1 |
google.ca
adservice.google.ca |
803 B |
75 | 11 |
Domain | Requested by | |
---|---|---|
42 | www.nationalobserver.com |
www.nationalobserver.com
|
5 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
4 | securepubads.g.doubleclick.net |
www.nationalobserver.com
securepubads.g.doubleclick.net |
2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
2 | www.googletagservices.com |
securepubads.g.doubleclick.net
|
2 | www.facebook.com |
www.nationalobserver.com
connect.facebook.net |
2 | connect.facebook.net |
www.nationalobserver.com
connect.facebook.net |
2 | experience.tinypass.com |
www.nationalobserver.com
cdn.tinypass.com |
2 | www.googletagmanager.com |
www.nationalobserver.com
www.googletagmanager.com |
1 | buy.tinypass.com |
cdn.tinypass.com
|
1 | id.tinypass.com |
cdn.tinypass.com
|
1 | 44cf81ece54c79edfdfcf7a322c523e5.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.ca |
securepubads.g.doubleclick.net
|
1 | cdn.tinypass.com |
experience.tinypass.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
75 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
static.nationalobserver.com |
zoom.us |
www.youtube.com |
national-observer.myshopify.com |
www.vancouverobserver.com |
canadianjournalism.ca |
www.facebook.com |
twitter.com |
instagram.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-03 - 2021-08-03 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.piano.io Sectigo RSA Domain Validation Secure Server CA |
2020-09-17 - 2021-09-17 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-11-02 - 2021-01-30 |
3 months | crt.sh |
*.google.ca GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=cb1531e916-EMAIL_CAMPAIGN_2020_12_01_05_18_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-cb1531e916-277178234
Frame ID: 5AF322513800B0B475445A53440CAF30
Requests: 66 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMUkzpNa3-DsGTjFofSRoZHZpJXOaHD93KV1f1fdzvBZ8cltkc-xnux7HspTD82Y1c6P4ipMO0g9q2f7SPyzTnio9OR5Qdb7DRVS3VMH8hpbeO1iW28JKdFr4uSERM4fhSsU6vmiqdn8dicIaHKF7EL4ylQpFcEI6_fGZ3A5qtXWaSh-wrjLz4Rb4XJxtP4oYTgFLDeqAvOIKRkfO-7T6Xh3WPu9yBj5pLmdwsqgfFexK9gtFI3RufnGDO9jqcHNZeYU_fkcFm5apX6bmu3Q7yFQT99zPzmg&sai=AMfl-YTRAYxrzb3Z2eQoKegQE_qvFrpdIJ-Z4fyz3S3HAra9nmOdLH9Tz9Vtb3IgyTlPCmEQuWuRXf2H_McgJtcesHxAs0FqmelAgOti57CYq6DGVAQoBy_qr4IKhIBsIwTL&sig=Cg0ArKJSzAbMAmvWy_YJEAE&adurl=
Frame ID: C8D262AF5263FC939A4AF640D9E0037E
Requests: 7 HTTP requests in this frame
Frame:
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&templateVariantId=OTVPV8TDQEP3P&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2R0W7CIBSG34VrSYACUu46V02jzpqZznmHlVZixdrS6rLs3Ved22Kyi5FzQ77vPzk55x0oswESrPx128TB4DUAPVCqXCdGn6ILIYggiAlEXWGIKEQM-pTC0ibizZzayE5ibHwHdYY14_0-SzPOMiyYL-ia95WHPCyUwl1jfS51ZbRN9bV1uBRPq-noZTSOojsannXaOHOwVw0LxBwXqE4h6h5xW3TY7ByteO78Y3Hcucyiu3yQ_oTr7eG00PuyUE57z3Q1iKMZHQpCRJfYqvqbAemqRveAu_2v4dnCX9JoOsXz5xD8skRVRll3U5I4EYvHeRh7ceekal8qk9saSNsURQ-0pjZfagv_3iWD3oM580mVjJa7oxgPvf_s0pSX4yiEJc2ExARL7GElJelYU-sqyLV1nbLZp5fRXQEk5oj7zBOUf3wCJh2EkvgBAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I9toDyZqKStDEdH4aLIGHX999T3S9xelODTcBKIe9AegJG94LG3ota0-sRx7SfhPiEQF2hUxs9pjCKO9ApfTmIEqciuQTT2leOcCcbLmjKAACVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-J9V6x&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3Dcb1531e916-EMAIL_CAMPAIGN_2020_12_01_05_18_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-cb1531e916-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-02-01-04-05-944-pnV8yiwvInLP1i9t-ef1e56775cf65f185984b67a30318aa1&visitId=v-2020-12-02-01-04-05-945-3Bix6LrVGXkq8KF3-ef1e56775cf65f185984b67a30318aa1&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=59dcf9d197
Frame ID: 588A6E092A16EF5574E31F232CAA6992
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: DD1AE70AAD5ED5828E0F6A95E746A20E
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Drupal (CMS) ExpandDetected patterns
- headers expires /19 Nov 1978/i
PHP (Programming Languages) Expand
Detected patterns
- headers expires /19 Nov 1978/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: Download
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: Reserve a place
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Watch recording
Search URL Search Domain Scan URL
Title: Shop
Search URL Search Domain Scan URL
Title: VO
Search URL Search Domain Scan URL
Title: CCJ
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
75 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.nationalobserver.com/ |
82 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-bold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ |
22 KB 22 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-regular.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ |
21 KB 21 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-extrabold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ |
22 KB 22 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__GNGOUIBtKKHd_s8zvvIE9deEDWMTr1JlF1gAWFZEYiM__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ |
214 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__o1-KIn4Fa0X31hc1_VtKkwooNsVk-6xmAvVVuuTJVYU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
53 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lji_canada.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/ |
103 KB 42 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
167 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
79 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ |
31 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020111901.js
securepubads.g.doubleclick.net/gpt/ |
277 KB 98 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_header.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
leadfarmer.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/01/ |
820 KB 821 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eogmt0uxyaafjen.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/11/30/ |
443 KB 444 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spencer_greening_main_4_mp_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/10/ |
36 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
221201_bleed_the_north.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
138 KB 138 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
caj2019_plennary_in_winnipeg_talking_about_open_information_photo_by_shannon_vanraes_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ |
27 KB 27 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daybreak-strawn-outer-coast_n8a0372-sepia_ppt.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/04/29/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linda-01.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/ |
17 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
monika_bauerlein.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/ |
173 KB 173 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
steven_katz.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201130131120-5fc538940af484b630da1fb6jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
14 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201112171148-5fadbc4eed5556cf1fce7b78jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/13/ |
22 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201130101156-5fc5164d0af484b630d9faf9jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
15 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_7844.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/29/ |
31 KB 31 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201130131152-5fc53f72590d2f832766acebjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
14 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shell_drilling.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
27 KB 27 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201128191136-5fc2ed5e88162f4d02b70c0cjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201129111136-5fc3ceb288162f4d02b722c0jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
105 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_footer.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201129111140-5fc3cf9e2735c6ba3cfc6a04jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
24 KB 25 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201030091052-5f9c1b6b687099e2b525dd65jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/31/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rjb10159584_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/04/24/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20201127161120-5fc16db20af484b630d94c29jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/30/ |
8 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crop_fraser_macdonald_prawn_mfa.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/11/23/ |
302 KB 302 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bugaboo_creek_clearcut.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
132 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load
experience.tinypass.com/xbuilder/experience/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_9448.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
132 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
89 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
161351677799122
connect.facebook.net/signals/config/ |
238 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.google-analytics.com/gtm/ |
84 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 49 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/g/ |
0 23 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 91 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tinypass.min.js
cdn.tinypass.com/api/ |
393 KB 123 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.ca/adsid/ |
109 B 803 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 803 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
31 KB 12 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
44cf81ece54c79edfdfcf7a322c523e5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verify
id.tinypass.com/id/api/v1/identity/token/ |
208 B 992 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame C8D2 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/ Frame C8D2 |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/ Frame C8D2 |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C8D2 |
75 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7203356235343914538
tpc.googlesyndication.com/simgad/ Frame C8D2 |
148 KB 149 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame C8D2 |
0 22 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame C8D2 |
215 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
execute
experience.tinypass.com/xbuilder/experience/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show
buy.tinypass.com/checkout/template/ Frame 588A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 77 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame DD1A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| fonts object| font number| pos number| current_time undefined| key object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| mapping function| FontFaceObserver function| advagg_run_check function| advagg_run_check_inner function| advagg_font_add_font_classes_on_load function| advagg_font_check function| advagg_mod_1 function| advagg_mod_1_check function| advagg_mod_2 function| advagg_mod_2_check function| advagg_mod_3 function| advagg_mod_3_check object| Drupal object| dataLayer undefined| $ function| jQuery object| jQuery110204204510992842383 object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| _typeof function| setImmediate function| clearImmediate function| Cookies function| fitvids function| Waypoint object| tp string| waypointContextKey object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| ___tp string| __tpVersion object| jQuery112407489005410815004 object| SWG object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| PianoESPConfig object| GoogleGcLKhOms object| google_image_requests2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tinypass.com/ | Name: LANG_CHANGED Value: en_US |
|
.tinypass.com/ | Name: LANG Value: en_US |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
44cf81ece54c79edfdfcf7a322c523e5.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
buy.tinypass.com
cdn.tinypass.com
connect.facebook.net
experience.tinypass.com
id.tinypass.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.nationalobserver.com
172.217.18.162
2606:4700:10::6816:4c72
2606:4700::6811:b6b1
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
2a00:1450:4001:818::2008
2a00:1450:4001:820::2001
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
084503e0f9f8067e435c637ca0f405cd4fc15561b7f3fe43f93d4c4a91e69997
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138
19bba8d185eca379da27ef3c84b7706737bc31eed5196e8dd80daffc622284ec
1cc5e57b3243585ea50d527865fbac50a844fff15899ef9cfad8e95e4c4a3537
1f3c1dcaadae4cac8e255c157dfa9c3d28b97f5f2831eeba99ea1da334f4e728
23deda525069671c05f14deb8bf39f72754657d031ff50086fd2354e1be1540c
24eac42cf60ed6c7d7314794d007f3332eabc09321e77b953ae291484822f93f
2d2828e23c1fddc03344b5acdd4fe5871973f0273b3beb4ec565ad3ac278504f
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f
3d53c6a3efe45a535012cb17c835cb1bc4c904450e57d271be5a214e8d58686a
3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19
4068cadadb33cb8fcc9bb0a8499c93614b4f9943281313a55a2d3108b1855351
4414145b5b1dcba24d41e3bbb0e9d56fc45150e028df745adb67539f8979ff75
44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50
47259430080213b170262a7746833f547e0a858203c7537b80ee1911d0b4e2af
49636ae730ab385f26194cc8aa137a26439905964acc16944d35ad67deb7feb1
4b66f4a6490c7b5b24c22cea7cda1ea422390bb53f266d15cc6743048b5ec2c5
4d861acb2ed9d3df351c3a405b5312c557bcc7464803bc09b332dd116b769107
51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
675877db659dfd392698f970bb2d68a7f417acb12fefef2a1c8f63dc9ffb4259
68c35e8c0747982e47b60e3b16325c371677729692b4daea6f8e6c13151f1f7d
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
6b55f5172a79c2853df80b2ad4c33eb3a30f77df8f3dd4f3a8edac0a8dec30d8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
715d56f7cd94e9b9d0b89c2d281817363c7c4be4c0bcd3694aa3b1daaac94d22
767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
7a6a6eab63942a54336398f0e4ff3c6db8aa57469de945a74ef2dc0e345aadc2
7a881b2b512f79c431efc4eaedec6166e35f4dfe6cc0be7cb89914e1b22c5bec
80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320
80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d
859e8cd4c263f2a78aba7b1efe20af50fd84a6240851ba7d58375c24ad778f71
8d22feda71afd4c768fa210d68b8d8d331e488219d3a13bd1261c0d854a5c2c3
8e49655b15f7208cd548afe425920a3c19c69d369cc086de219f58758631d41f
8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9
9062513c6c8d390f7219bdf974387cbf6d4fae960b447486b0693862ad98934a
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
a150fba4e753ee4fdb3cb7f3d8986632f727eb6267a5aabe505d2f9cdade026f
a80249a38e983fa320f94a1a04f7f3c762291cc333951063a63c6c39cbedbc66
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e
beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4
c178fe15f22bb71670569b6e09f80764ac517d183bb86eaf0fc9740a8c75d3f2
c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0
c7968ea4cc62361a721338b6cfe29d9ad6bf32997ee02eb8bc27dde49d66dd14
c843f0359793ee8296a0c650e4b24d29982a08149e637da18189c8845fb66f8f
c877d96d45a6ead2d4dae712147af659ff9c93ad0138bb99dcfede1b2248c629
d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008
d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40
d56076670ee7f104f60910da7be6b6960576b9e3bc53f6ac3e69fd60601df15c
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d86b9cf94c5562cea710dd1cd1d5e53ba7d9edb52929f1774a7c3c1bcddcd52c
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
ddaf60d33b7752ba66ce1778786f9a7a4815c605d717092db28b90a4d56ad36c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1