act.nrcc.org
Open in
urlscan Pro
35.203.178.34
Public Scan
Submitted URL: http://ct12.thegopemail.com/t/13257909/483709310/209647/6/
Effective URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&u...
Submission Tags: falconsandbox
Submission: On June 16 via api from US
Effective URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&u...
Submission Tags: falconsandbox
Submission: On June 16 via api from US
Summary
This website contacted 27 IPs
in 4 countries
across 22 domains to perform 72 HTTP transactions.
The main IP is 35.203.178.34, located in
The Dalles, United States and
belongs to GOOGLE, US.
The main domain is act.nrcc.org.
TLS certificate: Issued by R3 on June 10th 2021. Valid for: 3 months.
This is the only time act.nrcc.org was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 10th 2021. Valid for: 3 months.
This is the only time act.nrcc.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
22
35.203.178.34
(The Dalles, United States)
ASN15169 (GOOGLE, US)
PTR: 34.178.203.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 34.178.203.35.bc.googleusercontent.com
| act.nrcc.org |
2
2a00:1450:4001:803::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
2a00:1450:4001:831::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.youtube.com | |
| www.google-analytics.com |
1
142.250.184.226
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
| www.googleadservices.com |
1
2a00:1450:4001:813::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2a00:1450:4001:812::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
2a03:2880:f01c:8012:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
2.18.234.190
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
| amplify.outbrain.com |
4
2a03:2880:f11c:8183:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
4
2a00:1450:4001:827::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
2600:1f18:730:b150:e012:d004:2b3d:e4f0
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| rp.liadm.com |
1
35.171.210.100
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-210-100.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-210-100.compute-1.amazonaws.com
| rp4.liadm.com |
| Domain | Requested by | |
|---|---|---|
| 22 | act.nrcc.org |
act.nrcc.org
|
| 6 | www.google.de |
act.nrcc.org
|
| 6 | www.google.com |
1 redirects
act.nrcc.org
|
| 4 | googleads.g.doubleclick.net |
1 redirects
www.googleadservices.com
|
| 4 | www.facebook.com |
act.nrcc.org
connect.facebook.net |
| 4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com act.nrcc.org |
| 3 | connect.facebook.net |
act.nrcc.org
connect.facebook.net |
| 3 | www.googletagmanager.com |
act.nrcc.org
www.googletagmanager.com |
| 2 | tr.outbrain.com |
amplify.outbrain.com
act.nrcc.org |
| 2 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 2 | s.yimg.com |
act.nrcc.org
s.yimg.com |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | www.youtube.com |
act.nrcc.org
www.youtube.com |
| 2 | fonts.googleapis.com |
act.nrcc.org
|
| 1 | rp4.liadm.com |
act.nrcc.org
|
| 1 | rp.liadm.com | 1 redirects |
| 1 | static.addtoany.com |
act.nrcc.org
|
| 1 | analytics.twitter.com |
static.ads-twitter.com
|
| 1 | t.co |
act.nrcc.org
|
| 1 | cdn1.lockerdomecdn.com |
www.googletagmanager.com
|
| 1 | b-code.liadm.com |
www.googletagmanager.com
|
| 1 | amplify.outbrain.com |
act.nrcc.org
|
| 1 | static.ads-twitter.com |
act.nrcc.org
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | player.vimeo.com |
act.nrcc.org
|
| 1 | ct12.thegopemail.com | 1 redirects |
| 72 | 26 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| nrcc.org |
| secure.winred.com |
| www.nrcc.org |
| www.addtoany.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| act.nrcc.org R3 |
2021-06-10 - 2021-09-08 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| *.vimeo.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-05-21 - 2022-06-22 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-05-26 - 2021-08-24 |
3 months | crt.sh |
| ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
| *.outbrain.com DigiCert SHA2 Secure Server CA |
2021-05-25 - 2022-06-01 |
a year | crt.sh |
| b-code.liadm.com DigiCert Secure Site ECC CA-1 |
2020-06-23 - 2021-09-22 |
a year | crt.sh |
| *.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-06-03 - 2021-07-21 |
2 months | crt.sh |
| cdn1.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2 |
2021-03-06 - 2022-04-07 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| t.co DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
| *.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-05 - 2021-08-05 |
a year | crt.sh |
| *.google.de GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
| *.liadm.com Amazon |
2021-03-02 - 2022-03-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Frame ID: B39F281BB70B724A298B95EDAB16618C
Requests: 72 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ct12.thegopemail.com/t/13257909/483709310/209647/6/
HTTP 302
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_me... Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i
- script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i
- script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i
- script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
animate.css (Web Frameworks) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Yoast SEO
(SEO)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
AddToAny
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /addtoany\.com\/menu\/page\.js/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Gravity Forms
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i
- script /\/wp-content\/plugins\/gravityforms\/js\/[^/]+\.js\?ver=([\d.]+)$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://nrcc.org/
Search URL Search Domain Scan URL
URL: https://secure.winred.com/nrcc/restore-conservative-house-majority/
Title: Donate
Title: Donate
Search URL Search Domain Scan URL
URL: https://www.nrcc.org/sms-terms
Title: here
Title: here
Search URL Search Domain Scan URL
URL: https://nrcc.org/privacy-policy/
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: https://www.addtoany.com/
Title: AddToAny
Title: AddToAny
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ct12.thegopemail.com/t/13257909/483709310/209647/6/
HTTP 302
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 61- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1623835320088&cv=9&fst=1623835320088&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&hn=www.googleadservices.com&async=1 HTTP 302
- https://www.google.com/pagead/1p-user-list/815133722/?random=1623835320088&cv=9&fst=1623834000000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg690&sendb=1&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&is_vtc=1&random=2448757559&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-user-list/815133722/?random=1623835320088&cv=9&fst=1623834000000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2wg690&sendb=1&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&is_vtc=1&random=2448757559&resp=GooglemKTybQhCsO&ipr=y
- https://rp.liadm.com/j?tna=v2.0.1&aid=a-028n&wpn=lc-bundle&pu=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&duid=9cd751161c96--01f8a217p37e3v4727fj7rvvq3&se=e30&dtstmp=1623835320121 HTTP 302
- https://rp4.liadm.com/j?tna=v2.0.1&aid=a-028n&wpn=lc-bundle&pu=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&duid=9cd751161c96--01f8a217p37e3v4727fj7rvvq3&se=e30&dtstmp=1623835320121&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
72 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
act.nrcc.org/happy-birthday-trump/ Redirect Chain
|
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
act.nrcc.org/wp-includes/css/dist/block-library/ |
57 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
css
fonts.googleapis.com/ |
2 KB 519 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ss-social-regular.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animate.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ |
71 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
theme.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
magnific-popup.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
readyclass.min.css
act.nrcc.org/wp-content/plugins/gravityforms/css/ |
30 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
formsmain.min.css
act.nrcc.org/wp-content/plugins/gravityforms/css/ |
73 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gf-fix.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ |
2 KB 790 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
formreset.min.css
act.nrcc.org/wp-content/plugins/gravityforms/css/ |
4 KB 600 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
browsers.min.css
act.nrcc.org/wp-content/plugins/gravityforms/css/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
css
fonts.googleapis.com/ |
2 KB 520 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ss-social.js
act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
act.nrcc.org/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
act.nrcc.org/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.magnific-popup.js
act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/ |
41 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
site.js
act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.maskedinput.min.js
act.nrcc.org/wp-content/plugins/gravityforms/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
placeholders.jquery.min.js
act.nrcc.org/wp-content/plugins/gravityforms/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
86 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
House-Republicans-Logo-01-1.png
act.nrcc.org/wp-content/uploads/2021/03/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2021_Trump-Birthday-Card_Act-Page_2560x1440-01-1.png
act.nrcc.org/wp-content/uploads/2021/05/ |
343 KB 343 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
comment-reply.min.js
act.nrcc.org/wp-includes/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-embed.min.js
act.nrcc.org/wp-includes/js/ |
1 KB 947 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe_api
www.youtube.com/ |
980 B 915 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
player.js
player.vimeo.com/api/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
178 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v36/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v36/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
www-widgetapi.js
www.youtube.com/s/player/997fe684/www-widgetapi.vflset/ |
126 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
js
www.googletagmanager.com/gtag/ |
83 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
94 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
obtp.js
amplify.outbrain.com/cp/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a-028n.min.js
b-code.liadm.com/ |
25 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ytc.js
s.yimg.com/wi/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nationalmediadigital_lander.js
cdn1.lockerdomecdn.com/tracking/ |
746 B 598 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
298860036983510
connect.facebook.net/signals/config/ |
261 KB 74 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-29 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 85 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10148631.json
s.yimg.com/wi/config/ |
46 B 689 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 70 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
t.co/i/ |
43 B 165 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
316720908987052
connect.facebook.net/signals/config/ |
261 KB 74 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 280 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
page.js
static.addtoany.com/menu/ |
84 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cachedClickId
tr.outbrain.com/ |
35 B 239 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
unifiedPixel
tr.outbrain.com/ |
43 B 256 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/762936632/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.de/pagead/1p-user-list/815133722/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.com/pagead/1p-user-list/762936632/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.de/pagead/1p-user-list/762936632/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.com/pagead/1p-user-list/815133722/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.de/pagead/1p-user-list/815133722/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.com/pagead/1p-user-list/815133722/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.de/pagead/1p-user-list/815133722/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
j
rp4.liadm.com/ Redirect Chain
|
13 B 569 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-29 |
/
www.facebook.com/tr/ |
0 15 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/tr/ |
0 104 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
99 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| ss_android undefined| ss_set undefined| ss_icons undefined| ss_keywords undefined| ss_legacy undefined| ss_getElementsByClassName undefined| ss_liga undefined| $ function| jQuery string| ua string| click function| onYouTubeIframeAPIReady object| api_yt object| api_vimeo object| api_ga object| add2any object| a2a_config object| Placeholders object| dataLayer function| gtag object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| twq function| obApi object| dotq object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| gaplugins object| gaGlobal object| gaData object| YAHOO object| twttr object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| addComment object| wp object| params number| scrolled object| LI object| __li__evt_bus object| liQ function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init string| min_a2a string| min_1 string| min_2 string| min_3 string| min_4 string| min_5 string| min_6 string| min_7 string| min_8 string| min_9 string| min_10 string| min_11 number| a2amail_init undefined| returned2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| act.nrcc.org/ | Name: outbrain_cid_fetch Value: true |
|
| .nrcc.org/ | Name: _fbp Value: fb.1.1623835320581.527335461 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
act.nrcc.org
amplify.outbrain.com
analytics.twitter.com
b-code.liadm.com
cdn1.lockerdomecdn.com
connect.facebook.net
ct12.thegopemail.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
player.vimeo.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
104.244.42.3
104.244.42.69
142.250.184.226
151.101.12.217
151.139.241.28
199.232.136.157
2.18.234.190
2600:1f18:730:b150:e012:d004:2b3d:e4f0
2606:4700:10::6816:47c5
2a00:1288:80:800::7000
2a00:1450:4001:803::2008
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9d
2a02:26f0:6c00::210:bac1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.171.210.100
35.203.178.34
70.42.32.95
8.224.216.251
0230602b7d153d6f5e99ca709b5980c3e8fc2d532c3f75d62e371f774fc3e10d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0560eade6d8b6096f5313d589464069f72aa2b7eb92ae5c017d479959cba21c7
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0dd2d4b7b81e26f5459b1f9f8ee51c72b87aa90d55033f686b827d582a2481dd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15760a43269e4e49e30d622aa02cd0ec04b376999b1d3f18d2ab3d81c22fbad4
1657cedfea9ceef327dcf65648079df9af9b1b1ebe20d89ea4e5b5ea666baab3
1b17cb3fdb3c0bf4aa3c4b5a01633eeeb0e02e3ef5717ec95b2f7bbf4e9f9833
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
227ac845901e0403de89d7b6e24a3141dacb54ce167902c4a45b3e3cf14e751e
232307a0287be057f360eb5f35569b69a0fddbf67aa4deb29765b90cc827f595
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
49ed2c927e77ee95649cb9d59c3a03e44162c9c8fc202b24868607cea10bbc4e
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
54d1adc24be4aa9aaf20e4a94682683e376de30782b56d160de7354b25f06995
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6216350f8f0b2a5db239a96a6df67af9ac4db6fcbbd468f00fa41bfeb0f2249b
64f877da7d1d76c89433b2fa687abb47457590b8501c1cfebc48266bbbea8f0c
6adb862ed444b85e22319d7377735f5986e268291c669683c085b97d4f0a4e67
6f2b785fb3851ad36305fb9ef324ab37d3411fdb0ac21ea1e3da28f256308217
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
7802514279d805a825923d8ff3b2746e3fa7d4c719d791292b6f860bc2acf20d
79ebaa6574842c7ac356bc54fe5646115e56a29743405205f685eae70978627c
7ed6ea6b994f975e4ede747d96d2eb3f63ad55b3d5803615fdb115b487b461d1
7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674
805c978b06b771610476faf71921cff8d013c59d45423b70dc0328e753a90baf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90dda754e67c5a5bb5f5b7c676bc19a44b48d015b5fe7878e8109cf4d0f58d46
916089ff48d67576a9fdef763d7d227ac92f93353e82cee685bf002f35a681d9
945d01d496162e47703141aeec71bece42c3f0ecd717411b0c8f54ab949b540b
9e696bf044e42687d3e1b79ad27efc08866974bc71cd1faad30fd65cbcecf08d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c
c67a1286e32092fbcaded6091e754f4c8cc7c241590edc9d31b73c4db1089a6e
c92c978bb851baf62c3d8ded46de8fb80c528974558f2e1c4a82f541f294e60e
cadb7853e242146c5699c0427f90a6bde213dd65d3105b81040fa558c7d739d4
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d9d7bcf9f06255984cc66e5d644be23743046f847f7032952d082f679f8b96c0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb
e69face5454ec861e4f91a48b1581ed438181b1716135ca578a533b3ac370a36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
fa5aed092362058beec56ed249352e63842c3eada79cb7e63839833af9392a0b