urlscan.io logo urlscan.io
SecurityTrails logo

act.nraila.org Open in urlscan Pro
54.85.224.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nraila.org/VoteNo
Effective URL: https://act.nraila.org/campaign/41243/
Submission: On June 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 28 HTTP transactions. The main IP is 54.85.224.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is act.nraila.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 30th 2021. Valid for: a year.
This is the only time act.nraila.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:4700:4400::6812:27fb (United States)

ASN13335 (CLOUDFLARENET, US)
nraila.org
www.nraila.org
4    54.85.224.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-224-128.compute-1.amazonaws.com
act.nraila.org
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    151.101.64.217 (United States)

ASN54113 (FASTLY, US)
player.vimeo.com
2    2600:9000:223e:6000:12:cac3:2380:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.quorum.us
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    52.217.128.193 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
quorum-media.s3.amazonaws.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
6    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
Apex Domain
Subdomains		 Transfer
7 nraila.org
nraila.org — Cisco Umbrella Rank: 136442
www.nraila.org — Cisco Umbrella Rank: 193517
act.nraila.org
6 MB
6 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 356
223 KB
3 gstatic.com
fonts.gstatic.com
maps.gstatic.com
23 KB
3 amazonaws.com
quorum-media.s3.amazonaws.com — Cisco Umbrella Rank: 801467
188 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 705
syndication.twitter.com — Cisco Umbrella Rank: 957
133 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
86 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 100
53 KB
2 quorum.us
static.quorum.us — Cisco Umbrella Rank: 627596
2 MB
1 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 7641
13 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793
20 KB
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1894
7 KB
28 11
Domain Requested by
6 maps.googleapis.com act.nraila.org
maps.googleapis.com
4 act.nraila.org static.quorum.us
3 quorum-media.s3.amazonaws.com act.nraila.org
2 maps.gstatic.com
2 connect.facebook.net act.nraila.org
connect.facebook.net
2 www.youtube.com act.nraila.org
www.youtube.com
2 static.quorum.us act.nraila.org
2 platform.twitter.com act.nraila.org
platform.twitter.com
2 www.nraila.org 2 redirects
1 syndication.twitter.com platform.twitter.com
1 fonts.gstatic.com quorum-media.s3.amazonaws.com
1 cdn.ravenjs.com act.nraila.org
1 maxcdn.bootstrapcdn.com act.nraila.org
1 player.vimeo.com act.nraila.org
1 nraila.org 1 redirects
28 15

This site contains links to these domains. Also see Links.

Domain
www.nrailafrontlines.com
www.quorum.us
Subject Issuer Validity Valid
act.nraila.org
Sectigo RSA Domain Validation Secure Server CA		 2021-11-30 -
2022-11-30		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-04-13 -
2023-05-15		 a year crt.sh
*.quorum.us
Sectigo RSA Domain Validation Secure Server CA		 2022-01-20 -
2023-01-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-31 -
2022-06-29		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://act.nraila.org/campaign/41243/
Frame ID: A6535BB5F5962A4D4AC37352DFEDF58A
Requests: 27 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fact.nraila.org
Frame ID: 789CCE3DE8E7DC0B3490DFA34162D14F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NRA-ILA | Urge the Senate to Vote NO on Senate Gun Control

Page URL History Show full URLs

  1. http://nraila.org/VoteNo HTTP 301
    https://www.nraila.org/VoteNo HTTP 301
    https://www.nraila.org/frontlines-voteno/ HTTP 302
    https://act.nraila.org/campaign/41243/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

28
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

15
Subdomains

14
IPs

2
Countries

8916 kB
Transfer

20052 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nraila.org/VoteNo HTTP 301
    https://www.nraila.org/VoteNo HTTP 301
    https://www.nraila.org/frontlines-voteno/ HTTP 302
    https://act.nraila.org/campaign/41243/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
act.nraila.org/campaign/41243/
Redirect Chain
  • http://nraila.org/VoteNo
  • https://www.nraila.org/VoteNo
  • https://www.nraila.org/frontlines-voteno/
  • https://act.nraila.org/campaign/41243/
8 MB
6 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.224.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-224-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
16f17f2dbfc981e90aadec66cec78384c424b6ade9918c1c1170900ab924b3bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Jun 2022 01:23:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Cookie
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
cache-control
private, max-age=60
cf-cache-status
DYNAMIC
cf-ray
71f12d14adcb9a2f-FRA
content-type
text/html; charset=utf-8
date
Wed, 22 Jun 2022 01:23:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 22 Jun 2022 01:24:00 GMT
last-modified
Wed, 22 Jun 2022 01:23:00 GMT
location
https://act.nraila.org/campaign/41243/
server
cloudflare
vary
*,Accept-Encoding
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Wed, 22 Jun 2022 01:23:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
949
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (frb/67A8)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
player.js
player.vimeo.com/api/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e47cdb7da9c5fe08eb0c1cf2d85114ba1043620736402d7955886356db6281a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-varnish-cache
1
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
Age
1756
via
1.1 varnish, 1.1 varnish
X-Cache
HIT
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host
player-v108-mq4c5
Connection
keep-alive
x-backend-proxy
playproxy1
x-vserver
playproxy-prod-varnish-0
Content-Length
6138
x-xss-protection
1; mode=block
X-Served-By
cache-hhn4031-HHN
X-Player-Backend
p
X-Timer
S1655860982.210465,VS0,VE0
Date
Wed, 22 Jun 2022 01:23:02 GMT
Vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
expires
Wed, 22 Jun 2022 01:23:45 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
player-v108-mq4c5
Accept-Ranges
bytes
X-Cache-Hits
365
new_grassroots.css
static.quorum.us/versions/desktop/2.11.3.432/3860231/ 		111 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.quorum.us/versions/desktop/2.11.3.432/3860231/new_grassroots.css
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6000:12:cac3:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
817f083a0e1984fce632c58a92468a2473baa6147332f00dd72b376c4b738b5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:58:37 GMT
content-encoding
gzip
x-amz-meta-x-amz-acl
public-read
age
33866
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39275
last-modified
Tue, 21 Jun 2022 15:15:35 GMT
server
AmazonS3
etag
"ffc571c19af5eaeb60874ec64c6e0d54"
content-type
text/css
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=94608000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
txb1-Z_PNCTK7X8edKdKnPXKv0LJNhD48NhAUvtWg0kZ8uRssJZzeA==
expires
Thu, 31 Dec 2099 20:00:00 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.nraila.org/
Origin
https://act.nraila.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
860
age
1126882
cdn-cachedat
05/24/2022 22:19:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f0ca1b72e01f965e6c10c6c417ab89ba
cf-ray
71f12d22bf6d9b31-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ZcN3JMM1hwNb55CFbVmV.css
quorum-media.s3.amazonaws.com/media/css/grassroots/custom/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quorum-media.s3.amazonaws.com/media/css/grassroots/custom/ZcN3JMM1hwNb55CFbVmV.css
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.128.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0fae6ea5b739dd17bf6c80ea0db5f66370752b3905061ee1b19d2320c62a042b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 22 Jun 2022 01:23:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 16:38:29 GMT
x-amz-meta-x-amz-acl
public-read
x-amz-request-id
Z2WH7NXRZNA12W3B
ETag
"7395cba598ded53ae020a9a4bcd6cdf3"
Content-Type
text/css
Cache-Control
max-age=94608000
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
5761
x-amz-id-2
3c74c8Ijm85uVF6E2JH5ZP8zKuRHZfoPdNaUzCf/xjlxqvanq0kGxkiC5noj1G9OylAy9cb/TFY=
Server
AmazonS3
Expires
Thu, 31 Dec 2099 20:00:00 GMT
player_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f8e518cd706f3f6c743f964efa6f5cf3a4f2ea5b589694dec8ed2295b4f2bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 22 Jun 2022 01:23:02 GMT
www-widgetapi.js
www.youtube.com/s/player/f05de49d/www-widgetapi.vflset/ 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f05de49d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3322e4697d424c705cfe921a4086dbb13982e9265276ced4e8a002ba6da78bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 20:38:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
17081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52281
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 00:19:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 21 Jun 2023 20:38:21 GMT
raven.min.js
cdn.ravenjs.com/3.24.1/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.24.1/raven.min.js
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0

Request headers

Referer
https://act.nraila.org/
Origin
https://act.nraila.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:23:02 GMT
content-encoding
gzip
last-modified
Mon, 09 Apr 2018 13:02:12 GMT
server
Fastly
age
83799
etag
"d9eb38ac6487cc0d2451945049b0d87d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
13151
js
maps.googleapis.com/maps/api/ 		168 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
be1455fb402949e91b38d814a563d5e39816004d020b7fddd466b18e66a7cb83
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://act.nraila.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 22 Jun 2022 01:23:02 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=25
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56310
x-xss-protection
0
expires
Wed, 22 Jun 2022 01:53:02 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://act.nraila.org
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
new_grassroots.js
static.quorum.us/versions/desktop/2.11.3.432/3860231/ 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quorum.us/versions/desktop/2.11.3.432/3860231/new_grassroots.js
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6000:12:cac3:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b96a0d2c52969c63c677cff517b4cfd4347f48c61169d3dcf7d601a4890f5dbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:58:37 GMT
content-encoding
gzip
x-amz-meta-x-amz-acl
public-read
age
33867
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2296370
last-modified
Tue, 21 Jun 2022 15:15:29 GMT
server
AmazonS3
etag
"017f321c8da50c09398087782d04a438"
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=94608000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
j8fkSgSg9v1cFlgSeB9B3NGPnHVy_80Y4Vw4Bt9bkDP1NA5G33Qouw==
expires
Thu, 31 Dec 2099 20:00:00 GMT
N4bpvq8BzssJhWCusl9q_NRA-ILALogo-white-transparent-v3.png
quorum-media.s3.amazonaws.com/media/uploaded_files/2021-11-09/fafa68e1286acd6daeb9256ddc53362f/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quorum-media.s3.amazonaws.com/media/uploaded_files/2021-11-09/fafa68e1286acd6daeb9256ddc53362f/N4bpvq8BzssJhWCusl9q_NRA-ILALogo-white-transparent-v3.png
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.128.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fe5f17a24e2b163021366be44fb2018b99feaa0171845ceb0f34c44ec882aa11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 22 Jun 2022 01:23:04 GMT
Last-Modified
Tue, 09 Nov 2021 16:38:26 GMT
x-amz-meta-x-amz-acl
public-read
x-amz-request-id
19855H6GYGMDRQX8
ETag
"3a0f14d414035294be8c9e10cc14c1e4"
Content-Type
image/png
Cache-Control
max-age=94608000
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
3194
x-amz-id-2
WZakanuRIH/O8FQJ3+qlPbjurfyo/nmdzMUOJ2bo/3kqjNP9WAp0JItuiDWGEMRGYBxob6GSy04=
Server
AmazonS3
Expires
Thu, 31 Dec 2099 20:00:00 GMT
Kqy6-utIpx_30Xzecmeo8_esZW2xOQ-xsNqO47m55DA.ttf
fonts.gstatic.com/s/montserrat/v6/ 		28 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v6/Kqy6-utIpx_30Xzecmeo8_esZW2xOQ-xsNqO47m55DA.ttf
Requested by
Host: quorum-media.s3.amazonaws.com
URL: https://quorum-media.s3.amazonaws.com/media/css/grassroots/custom/ZcN3JMM1hwNb55CFbVmV.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32f9bdc73ecf308a19c0e918b407e12da12b6cd9a667decdc2ddcb74f457839a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quorum-media.s3.amazonaws.com/
Origin
https://act.nraila.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 05:59:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17105
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:39:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 20 Jun 2023 05:59:04 GMT
/
act.nraila.org/api/grassrootscustomevent/ 		295 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.nraila.org/api/grassrootscustomevent/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.3.432/3860231/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.224.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-224-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
116cfc8b4ff310576f841be6119076858676ae7cbe9c823181422401e534eb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.nraila.org/campaign/41243/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 01:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept, Cookie
content-type
application/json
cache-control
no-store, no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
-1
/
act.nraila.org/api/grassrootsissue/ 		54 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.nraila.org/api/grassrootsissue/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.3.432/3860231/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.224.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-224-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
86cf7fc8e12305446978e887da9c356579bfa7ec9707e3050af16a4d8dad663b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.nraila.org/campaign/41243/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 01:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept, Cookie
content-type
application/json
cache-control
no-store, no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
-1
/
act.nraila.org/api/grassrootscampaign/get_grassroots_campaign_detail/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://act.nraila.org/api/grassrootscampaign/get_grassroots_campaign_detail/?slug=41243&widget_type=1&dehydrate_extra=can_participate&decode_enums=false&count=false&exclude=%7B%7D
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.3.432/3860231/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.224.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-224-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e1e35dfda37d7828abb09fbe1d943d77a05107b9ee699b299b9d295dd1a756d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.nraila.org/campaign/41243/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 01:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept, Cookie
content-type
application/json
cache-control
no-store, no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
-1
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: act.nraila.org
URL: https://act.nraila.org/campaign/41243/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28156025e598382fdef22ae18d6543ec19893eed1d034c0fdffce9b456715fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TGd8lbTAxLc9eC+g93QDgg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
lwZLvUql4JorUMMlPxHc2iix/9gok/M/lO/+yuxWYR05QdTHNPn4G6sbxDCJqdRoAD0fyzQuupP1refVlwlgcA==
x-fb-trip-id
686109401
x-fb-content-md5
4afc5d3d23ad51efdbcebf9d7677a9af
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 22 Jun 2022 01:23:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b11ccf1a94bc3d7fa54713c4e1126e3c"
timing-allow-origin
*
expires
Wed, 22 Jun 2022 01:29:22 GMT
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame 789C 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fact.nraila.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://act.nraila.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1324474
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Jun 2022 01:23:03 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:40 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BA)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 789C 		397 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=a3b295f7c4849a7b9a256f9ade1cba2c41799179
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fact.nraila.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e6bf2010a4fb62b2cb19950e627af8234276151995216a2ad24e70278e4b762b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time
112
date
Wed, 22 Jun 2022 01:23:04 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 01:23:04 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8e163c1d4d87674ecdd3e5d14c366bd45f0c2a97fe8e5b6aaf9ec6f6e6be83ab
content-length
215
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=54b56eeae64a252563e1c909af36a933
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6402a45a3c9902c4565a6fd3a800874681ec896c39cb97570f49d2ccad523a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://act.nraila.org/
Origin
https://act.nraila.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2fVA25mIj0Mx99CZN0T92Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85979
x-fb-rlafr
0
x-fb-debug
Q6hqdsPPdIs6t/WdXfOYES7blwtUDiL3kwF1uQfQBVp7gH/Ftsh9uM4eUzOYYayQGh72wSc5tDi1rjAcE/HbvQ==
x-fb-content-md5
85f3c1e0bcec801daa208d4926ec5e13
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 22 Jun 2022 01:23:04 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6dc602586b43e5f2af5fca33616e46a6"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 21 Jun 2023 23:15:57 GMT
truncated
/ 		22 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4adc290ce6633839d17ed792daaaceb7d927fea11868158a635ff31d01ce3b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
common.js
maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4132f06e190df60f90a24b282db80d9de82bfd6758b9fda2cd5e290698720dab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 13:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30576
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 20:28:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Jun 2023 13:07:22 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/ 		311 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
026d5fc731996e725a1603c60b076d0126a4b5572185c3210288c4ac62794911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 21:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94114
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 20:28:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 21:55:19 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1b0910b82a160684031645a9e651cd3099b28bb9bc68977e7e5e90a538b2bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 21:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 20:28:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 21:55:22 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
219b4772ebc54c0b4dbf2c2dd25280befbff80e1d78e889a79dd3889d596a97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 21:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17441
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 20:28:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 21:55:35 GMT
pmjr9v1alSj53BaonAnd_BidenGunControl.jpg
quorum-media.s3.amazonaws.com/media/uploaded_files/2022-06-16/8145dcb52e6b36d26f8253d2e4171438/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quorum-media.s3.amazonaws.com/media/uploaded_files/2022-06-16/8145dcb52e6b36d26f8253d2e4171438/pmjr9v1alSj53BaonAnd_BidenGunControl.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.128.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
da9edc3999626142b6a97e4c124230ea76f1512e9de81435d1024e0bf3f6bec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 22 Jun 2022 01:23:05 GMT
Last-Modified
Thu, 16 Jun 2022 16:47:15 GMT
Server
AmazonS3
x-amz-request-id
5YYTG93EMK3MQWHM
ETag
"be67d294a0095c5f7fdf7b6aab225734"
Content-Type
image/jpeg
Cache-Control
max-age=94608000
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
182326
x-amz-id-2
WrlPKDuLdiuVXW4poeAAgj1zKm2/lgUVjKnMr1bi+gl+WvvjXNBi5eT7LJmPA8Bfx5UKvtOYInA=
Expires
Thu, 31 Dec 2099 20:00:00 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:23:04 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 22 Jun 2022 01:23:04 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.nraila.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:23:04 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 22 Jun 2022 01:23:04 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| detectIEEdge boolean| ieVersion object| __twttrll object| twttr object| __twttr object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| DJANGIO_ENTRY_POINT object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| Raven object| optionalFields string| property object| action_center_settings number| supporter_points object| organization object| pages string| index_route object| organization_design object| userdata object| Userdata object| permissions string| language string| sso_url object| registrationPages object| customFields object| campaignList boolean| cookielessSafariWindow boolean| registrationForm function| inIframe object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| axios object| DjangIO function| swal function| sweetAlert function| generateStaticUrl function| BACKENDERROR function| segue object| FontAwesomeConfig object| ___FONT_AWESOME___ object| store function| SearchifyWrapper object| options function| setRavenContext function| fbAsyncInit object| FB object| __e3_

4 Cookies

Domain/Path Name / Value
act.nraila.org/ Name: current_version
Value: "2.11.3.432/3860231"
act.nraila.org/ Name: qsesid
Value: rxwc2dry5t1c6b1fssao083rv6agpthx
.youtube.com/ Name: YSC
Value: ItlrQxqEIFs
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: A2u5M_mt8mA

2 Console Messages

Source Level URL
Text
javascript warning URL: https://act.nraila.org/campaign/41243/(Line 99)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://act.nraila.org/campaign/41243/(Line 99)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://maps.googleapis.com/maps/api/js?key=AIzaSyDPcmx3CU3zN2iiKvyXmbJxkOeGO3M4us0&libraries=places, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.nraila.org
cdn.ravenjs.com
connect.facebook.net
fonts.gstatic.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
nraila.org
platform.twitter.com
player.vimeo.com
quorum-media.s3.amazonaws.com
static.quorum.us
syndication.twitter.com
www.nraila.org
www.youtube.com
104.244.42.136
151.101.64.217
2600:9000:223e:6000:12:cac3:2380:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::6812:27fb
2606:4700::6812:acf
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:400::729
52.217.128.193
54.85.224.128
026d5fc731996e725a1603c60b076d0126a4b5572185c3210288c4ac62794911
0fae6ea5b739dd17bf6c80ea0db5f66370752b3905061ee1b19d2320c62a042b
116cfc8b4ff310576f841be6119076858676ae7cbe9c823181422401e534eb9b
16f17f2dbfc981e90aadec66cec78384c424b6ade9918c1c1170900ab924b3bf
219b4772ebc54c0b4dbf2c2dd25280befbff80e1d78e889a79dd3889d596a97c
28156025e598382fdef22ae18d6543ec19893eed1d034c0fdffce9b456715fae
32f9bdc73ecf308a19c0e918b407e12da12b6cd9a667decdc2ddcb74f457839a
3322e4697d424c705cfe921a4086dbb13982e9265276ced4e8a002ba6da78bed
4132f06e190df60f90a24b282db80d9de82bfd6758b9fda2cd5e290698720dab
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0
4adc290ce6633839d17ed792daaaceb7d927fea11868158a635ff31d01ce3b60
6402a45a3c9902c4565a6fd3a800874681ec896c39cb97570f49d2ccad523a8a
6e47cdb7da9c5fe08eb0c1cf2d85114ba1043620736402d7955886356db6281a
817f083a0e1984fce632c58a92468a2473baa6147332f00dd72b376c4b738b5e
86cf7fc8e12305446978e887da9c356579bfa7ec9707e3050af16a4d8dad663b
8f8e518cd706f3f6c743f964efa6f5cf3a4f2ea5b589694dec8ed2295b4f2bb8
b96a0d2c52969c63c677cff517b4cfd4347f48c61169d3dcf7d601a4890f5dbd
be1455fb402949e91b38d814a563d5e39816004d020b7fddd466b18e66a7cb83
be1b0910b82a160684031645a9e651cd3099b28bb9bc68977e7e5e90a538b2bd
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
da9edc3999626142b6a97e4c124230ea76f1512e9de81435d1024e0bf3f6bec9
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
e1e35dfda37d7828abb09fbe1d943d77a05107b9ee699b299b9d295dd1a756d5
e6bf2010a4fb62b2cb19950e627af8234276151995216a2ad24e70278e4b762b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe5f17a24e2b163021366be44fb2018b99feaa0171845ceb0f34c44ec882aa11