secure.winred.com
Open in
urlscan Pro
2606:4700::6813:d459
Public Scan
Effective URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-guilty-db?utm_term=db-tnc-cr150sms-004&source_code=db-t...
Submission: On May 31 via manual from US — Scanned from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
d35ligi1n5bgzc.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-18.jfk52.r.cloudfront.net
js.stripe.com |
ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f10.1e100.net
maps.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net
www.google.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-9.jfk52.r.cloudfront.net
d35ligi1n5bgzc.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
winred.com
1 redirects
secure.winred.com — Cisco Umbrella Rank: 28388 app.winred.com — Cisco Umbrella Rank: 129000 gtm.winred.com Failed |
214 KB |
11 |
stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088 |
188 KB |
6 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
621 KB |
5 |
google.com
www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 154 |
509 B |
5 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 89 |
3 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32 |
21 KB |
5 |
cloudfront.net
d35ligi1n5bgzc.cloudfront.net |
954 KB |
4 |
googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 361 |
197 KB |
3 |
googleusercontent.com
lh7-us.googleusercontent.com — Cisco Umbrella Rank: 684 |
500 KB |
2 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 882 |
1 KB |
2 |
t.co
t.co — Cisco Umbrella Rank: 717 |
627 B |
1 |
rmbl.ws
a.ads.rmbl.ws — Cisco Umbrella Rank: 32160 |
2 KB |
1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 801 |
15 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804 |
7 KB |
1 |
cloudflare.com
ajax.cloudflare.com — Cisco Umbrella Rank: 3483 |
12 KB |
1 |
facts240.cc
1 redirects
facts240.cc |
576 B |
68 | 16 |
Domain | Requested by | |
---|---|---|
13 | secure.winred.com |
1 redirects
secure.winred.com
static.cloudflareinsights.com |
11 | js.stripe.com |
secure.winred.com
js.stripe.com |
6 | www.googletagmanager.com |
secure.winred.com
www.googletagmanager.com www.google-analytics.com |
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com secure.winred.com |
5 | d35ligi1n5bgzc.cloudfront.net |
secure.winred.com
|
4 | www.google.com |
secure.winred.com
|
4 | maps.googleapis.com |
secure.winred.com
maps.googleapis.com |
3 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
3 | lh7-us.googleusercontent.com |
secure.winred.com
|
2 | analytics.twitter.com |
secure.winred.com
|
2 | t.co |
secure.winred.com
|
2 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | analytics.google.com |
www.googletagmanager.com
|
1 | a.ads.rmbl.ws |
www.googletagmanager.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | app.winred.com |
secure.winred.com
|
1 | static.cloudflareinsights.com |
secure.winred.com
|
1 | ajax.cloudflare.com |
secure.winred.com
|
1 | facts240.cc | 1 redirects |
0 | gtm.winred.com Failed |
www.googletagmanager.com
|
68 | 20 |
This site contains links to these domains. Also see Links.
Domain |
---|
txtterms.co |
winred.com |
www.donaldjtrump.com |
cdn.donaldjtrump.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure.winred.com Cloudflare Inc ECC CA-3 |
2024-01-22 - 2024-12-31 |
a year | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2024-05-22 - 2024-08-22 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-05-13 - 2024-08-05 |
3 months | crt.sh |
ajax.cloudflare.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-08-01 - 2024-08-15 |
a year | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2024-05-13 - 2024-08-05 |
3 months | crt.sh |
cloudflareinsights.com GTS CA 1P5 |
2024-05-08 - 2024-08-06 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-05-13 - 2024-08-05 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
winred.com E1 |
2024-04-04 - 2024-07-03 |
3 months | crt.sh |
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-21 - 2024-07-19 |
a year | crt.sh |
a.ads.rmbl.ws R3 |
2024-04-14 - 2024-07-13 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-05-13 - 2024-08-05 |
3 months | crt.sh |
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-05-08 - 2025-05-07 |
a year | crt.sh |
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-07 - 2024-11-05 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2024-05-13 - 2024-08-05 |
3 months | crt.sh |
This page contains 10 frames:
Primary Page:
https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-guilty-db?utm_term=db-tnc-cr150sms-004&source_code=db-tnc-cr150sms-004
Frame ID: 5E2BAAA17B5D8C0DDB07FFB754A7FFB0
Requests: 58 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8A5B77DF123154ADB8A2929D895B13AE
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/controller-with-preconnect-cdcb45dab13c0e4740f1061df16d5a01.html
Frame ID: C05AFFE4D97AD41D3DDA1F46FEB0B19A
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/elements-inner-card-375134860f5f9a93f5747c62da9f17d9.html
Frame ID: 63A3B65A9BC4BCE47A1D4BE7640790FD
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/controller-with-preconnect-cdcb45dab13c0e4740f1061df16d5a01.html
Frame ID: CBD60EF9A035909BF8712CD650214E14
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/payment-request-inner-google-pay-6a3ffadc229e8cef4e1a1d85fb906951.html
Frame ID: A281C2BEC255AE12CA98F7EC2574B78D
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/payment-request-inner-browser-56d4b823f0270a9f0fc00d370457a74c.html
Frame ID: 1C7BB2996121F0218E0386840AB252A5
Requests: 1 HTTP requests in this frame
Frame:
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: 384A5F65FEC9C1FB230EFEFFEA87F907
Requests: 2 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/hcaptcha-invisible-caaeb09d99a7334657ec15d9915367e8.html
Frame ID: 5668EED8BCB406D4DC24A180CB0ABDE6
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/elements-inner-link-button-for-card-77b80478d65185d77b782412507d2ba2.html
Frame ID: A854FCE098DA969D60455CF07DF4A5D8
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
MAGAPage URL History Show full URLs
-
http://facts240.cc/r/eCJwyLhEJmSI
HTTP 307
https://facts240.cc/r/eCJwyLhEJmSI HTTP 302
https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-guilty-db?utm_term=db-tnc-cr150sms-... Page URL
Detected technologies
Google Maps (Maps) ExpandDetected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Stripe (Payment Processors) Expand
Detected patterns
- js\.stripe\.com
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: txtterms.co/88022-2
Search URL Search Domain Scan URL
Title: terms of use
Search URL Search Domain Scan URL
Title: privacy policy
Search URL Search Domain Scan URL
Title: Interested in volunteering? Click here to sign up today.
Search URL Search Domain Scan URL
Title: Want to donate by mail? Click here to print out a donation form that you can send to our address.
Search URL Search Domain Scan URL
Title: Powered by
Search URL Search Domain Scan URL
Title: About Our Ads
Search URL Search Domain Scan URL
Title: Questions about your charge? Go to our Support Center
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://facts240.cc/r/eCJwyLhEJmSI
HTTP 307
https://facts240.cc/r/eCJwyLhEJmSI HTTP 302
https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-guilty-db?utm_term=db-tnc-cr150sms-004&source_code=db-tnc-cr150sms-004 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
lp-prsp-sms-guilty-db
secure.winred.com/trump-national-committee-jfc/ Redirect Chain
|
60 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v3/ |
606 KB 148 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
secure.winred.com/assets/ |
220 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1717107627.css
secure.winred.com/stylesheets/rv_page_01hz2hdvc9yk2gmpw10w43vv9r/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
257 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-landing-page-a8a88644197a97e150183619345625642cb2c1a2f877d20df011a52fd0f26246.js
secure.winred.com/assets/ |
488 KB 137 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mirage2.min.js
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ti3Xraa6D7DV-JrrFChK1lUiH6YfILviWNuZODKYOdHodiSMHX8WhKGJkXavmRvSZxvXyv1QVI8RhEInxb3arJEb5crTw8GTCe2qGjzkbUW9Tc3fsaPIEikwrjjvukDrnLoCoCrIMzlHF91IQKxvK_w
lh7-us.googleusercontent.com/ |
155 KB 155 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3Qmcn62Q2THrI6x-GLG3axdEOhFYprN7WuvyY9McJr4pwED7onAzRenAeNvodeMEeDteXGN8P4vacBgcHqFuRRsECV31XIabZlYcI36cmppP1OYLi7kxLAMofWUDT4DQJ0ajWDgXUJkV05goI5vBl78
lh7-us.googleusercontent.com/ |
150 KB 150 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XNEQX8J3Hn1Tc1Cekdz69bCfdrh2IUfxO-n_jmYRPw8m0XbfQ8U6r2gs40xCYHpHYIOjHO8UXt1tM0880iBH-lhkpJf_WnI6GRQGSpgV6uggayE25ukLzK4C9WilKq3YZYdrC00FjrewTGXWDIAtoEo
lh7-us.googleusercontent.com/ |
195 KB 195 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ |
19 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
484 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
326 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DJT-BACKGROUND-NEVERSURRENDER_%281%29.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/969/540/large/ |
602 KB 603 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/ |
290 B 1022 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TRUMP_LOGO_-_WHITE_BOX_%283%29.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/895/486/large/ |
334 KB 335 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kUuht00m_400x400.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ |
9 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8A5B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controller-with-preconnect-cdcb45dab13c0e4740f1061df16d5a01.html
js.stripe.com/v3/ Frame C05A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
elements-inner-card-375134860f5f9a93f5747c62da9f17d9.html
js.stripe.com/v3/ Frame 63A3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
current_with_info
app.winred.com/api/v3/users/ |
162 B 1 KB |
XHR
application/vnd.api+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rv_page_01hz2hdvc9yk2gmpw10w43vv9r-1608434c0b32e8f11d7ae0fc4d23f78e90d7122b
secure.winred.com/api/v3/donations/live/ |
458 B 531 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rv_page_01hz2hdvc9yk2gmpw10w43vv9r-eb3a926a431d13f50d815a27ba6d1bfb41d3a6f5
secure.winred.com/api/v3/donations/live/ |
463 B 525 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controller-with-preconnect-cdcb45dab13c0e4740f1061df16d5a01.html
js.stripe.com/v3/ Frame CBD6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment-request-inner-google-pay-6a3ffadc229e8cef4e1a1d85fb906951.html
js.stripe.com/v3/ Frame A281 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment-request-inner-browser-56d4b823f0270a9f0fc00d370457a74c.html
js.stripe.com/v3/ Frame 1C7B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DJT-FLAGEMOJI.png
d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/895/484/small_square/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame 384A Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
maps.googleapis.com/maps/api/mapsjs/ |
3 B 45 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
88c9b1799f0da560
secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 384A |
0 345 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
296 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
348 KB 115 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratag
a.ads.rmbl.ws/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
collect
gtm.winred.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 172 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 70 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 348 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 84 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 155 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/1/i/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/1/i/ |
43 B 724 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/1/i/ |
43 B 374 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/1/i/ |
43 B 544 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 68 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
284 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/11091438865/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 255 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
collect
gtm.winred.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
secure.winred.com/cdn-cgi/ |
0 142 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
260 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/ |
1 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hcaptcha-invisible-caaeb09d99a7334657ec15d9915367e8.html
js.stripe.com/v3/ Frame 5668 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ |
148 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
elements-inner-link-button-for-card-77b80478d65185d77b782412507d2ba2.html
js.stripe.com/v3/ Frame A854 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/11094181768/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/57/2/ |
257 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/57/2/ |
182 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ |
176 B 285 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
collect
gtm.winred.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gtm.winred.com
- URL
- https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF>m=45je45t0v867905447z872410129za200zb72410129&_p=1717187127430&gcd=13l3l3l3l1&npa=0&dma=0&cid=1745051510.1717187129&ecid=1328452171&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1717187127430&sst.ude=0&_s=1&sid=1717187128&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db%3Futm_term%3Ddb-tnc-cr150sms-004%26source_code%3Ddb-tnc-cr150sms-004&dt=MAGA&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db&epn.load_time_sec=-1717187126.9&epn.event_fire_time=1717187128311&ep.event_uuid=2acacc45-62e5-4db7-9f66-294718eba9fa&ep.isVideoPage=f&ep.referrer=&tfd=1617&richsstsse
- Domain
- gtm.winred.com
- URL
- https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF>m=45je45t0v867905447z872410129za200zb72410129&_p=1717187127430&gcd=13l3l3l3l1&npa=0&dma=0&cid=1745051510.1717187129&ecid=1328452171&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1717187127430&sst.ude=0&_s=2&sid=1717187128&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db%3Futm_term%3Ddb-tnc-cr150sms-004%26source_code%3Ddb-tnc-cr150sms-004&dt=MAGA&en=user%20session%20start&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db&epn.load_time_sec=-1717187126.9&epn.event_fire_time=1717187128349&ep.event_uuid=353933bc-2b6c-4e61-af5a-3cbc39775bfc&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=t&ep.usercategory=anonymous&_et=6&tfd=2127&richsstsse
- Domain
- gtm.winred.com
- URL
- https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF>m=45je45t0v867905447z872410129za200zb72410129&_p=1717187127430&gcd=13l3l3l3l1&npa=0&dma=0&cid=1745051510.1717187129&ecid=1328452171&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1717187127430&sst.ude=0&_s=3&sid=1717187128&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db%3Futm_term%3Ddb-tnc-cr150sms-004%26source_code%3Ddb-tnc-cr150sms-004&dt=MAGA&en=page_load_time_event&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-guilty-db&epn.load_time_sec=2.2&epn.event_fire_time=1717187129076&ep.event_uuid=a2bda33a-675a-49f6-8c3f-a0b9bc73b5bb&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=t&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=2.17&_et=555&tfd=7184&richsstsse
Verdicts & Comments Add Verdict or Comment
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| dataLayer boolean| isWinRed string| app_platform object| webpackChunkStripeJSouter function| noop function| Stripe function| $ function| jQuery object| jQuery112409606298215691844 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass object| bioEp function| Cookies object| App object| picturefillCFG function| picturefill object| party function| UAParser function| gm_authFailure object| antiClickjack object| __mirage2 object| mirage object| __cfBeacon function| landingPageFormSubmitRecaptchaSuccess function| landingPageFormSubmitRecaptchaError object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq function| onYouTubeIframeAPIReady object| gaGlobal function| ratag object| _ratagData object| GooglebQhCsO object| gaplugins object| gaData object| regeneratorRuntime object| twttr function| urlpath object| currentQ function| gtag26 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
app.winred.com/api/v3/users | Name: rvid Value: afad1f2a-67f1-4785-ae97-d8ac70e22bc1 |
|
.secure.winred.com/ | Name: __cf_bm Value: bYPEtwjrA5bXardyf18au0OR6_I7_3_xB5BdP5cy42A-1717187127-1.0.1.1-rIvPjWQgE0Imrn90qfbXlKYogeWwXm46g98e58pOKyP6JQ7a1rowWiIesp1Vr7caRft1ex.Qu2l.LHQYSiRBSw |
|
secure.winred.com/ | Name: origin_url Value: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-guilty-db?utm_term=db-tnc-cr150sms-004&source_code=db-tnc-cr150sms-004 |
|
.winred.com/ | Name: _revv_v3_session Value: bVp4b1dXQnlYOUx6M29DTkNMbWM3ejR3U1F0UFVqU3RyMTI4N2NGbkduM0JuRlo0aVQ4cG12YXZUSEdtdEJXdWFodDltQ05oa0Ruc0E4QmZYN3V6Z0Z0cVdQek9qMkM3TE9KckdUZjNnbHNiUWdtQTgwZktUaHIwN2dDTy9sVUQzV1ZNcGVSODFGVnA0Undvb3hrM0JueTFBaU1SRHQvZ292K2hKaUlSNzRmcEx5UUk3SENYYlQzU2NQemR6WUc0WXlKU3FPbEhlbFAyaWxiVVBMRWZsQWhrblFoNk9zZklDeWJpTkxCcTRyTmRaUDZSWXprTU9vT0RsUHhwM215a01FTlpMd3N4TUd1d0g2Q1puZDlMRFVZRlh0QzQ4NkU2SHpuMHFEUk1xZnlGZ29pbUQ3a25hd0pGOFN5b2w0MUJtc2pCNlpuZ1NJZXBMWExTZ21mREsrVmtYY21lMUNKekdWWHBWNXRFL1VjPS0tSE53VjBuZjMxNzhsRzI2Zmt5cHJ1dz09--9ff4a695d64765c5e62cd498fc37e9b944dfa495 |
|
secure.winred.com/ | Name: sso_tries Value: 1 |
|
secure.winred.com/ | Name: rvid Value: afad1f2a-67f1-4785-ae97-d8ac70e22bc1 |
|
.secure.winred.com/ | Name: cf_clearance Value: ZDA.3zWGfaESEB8CID2LnumqmQpjzFn.IRg4clv.65I-1717187128-1.0.1.1-dFI26oOo0VfMcX5UdkDYEw6U_AcO0IzzgluoZeMpE4LCpPnQ0n9es.oV9YsxEG1wIH.ivnjn2TjpyTm8Rrm7Rw |
|
.winred.com/ | Name: _gcl_au Value: 1.1.649424665.1717187128 |
|
secure.winred.com/ | Name: _cids Value: W10= |
|
.winred.com/ | Name: _ga_0YWKLMCX4D Value: GS1.1.1717187128.1.0.1717187128.0.0.0 |
|
.winred.com/ | Name: _ga Value: GA1.2.1745051510.1717187129 |
|
.winred.com/ | Name: _gid Value: GA1.2.314120160.1717187129 |
|
.winred.com/ | Name: _dc_gtm_UA-73658561-7 Value: 1 |
|
.winred.com/ | Name: _gat_UA-60901920-1 Value: 1 |
|
m.stripe.com/ | Name: m Value: 2c545e81-adaf-4bf9-bd49-1766fc89fafd9cb9ae |
|
.secure.winred.com/ | Name: __stripe_mid Value: 44ac98c8-748b-44bb-bd00-2f9ed2dc51053aad99 |
|
.secure.winred.com/ | Name: __stripe_sid Value: 338e5b44-d0c2-4112-89ad-647fd98170892ccef4 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.twitter.com/ | Name: guest_id_marketing Value: v1%3A171718712877101017 |
|
.twitter.com/ | Name: guest_id_ads Value: v1%3A171718712877101017 |
|
.twitter.com/ | Name: personalization_id Value: "v1_dEJBPYBLqg3UQkfPgMs98A==" |
|
.twitter.com/ | Name: guest_id Value: v1%3A171718712877101017 |
|
.winred.com/ | Name: _ga_HNR33QTX08 Value: GS1.2.1717187128.1.0.1717187128.60.0.0 |
|
.t.co/ | Name: muc_ads Value: 96776455-e409-4f8b-b325-7f392ef6783b |
|
.winred.com/ | Name: _ga_X6H0114PDF Value: GS1.1.1717187128.1.0.1717187129.0.0.1328452171 |
|
api.hcaptcha.com/ | Name: hmt_id Value: 37335379-6dd9-41b7-9dc1-99e2a120d1da |
35 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.ads.rmbl.ws
ajax.cloudflare.com
analytics.google.com
analytics.twitter.com
app.winred.com
d35ligi1n5bgzc.cloudfront.net
facts240.cc
googleads.g.doubleclick.net
gtm.winred.com
js.stripe.com
lh7-us.googleusercontent.com
maps.googleapis.com
secure.winred.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
gtm.winred.com
104.17.72.14
104.19.211.89
104.19.212.89
104.244.42.131
142.250.65.200
142.250.80.74
142.251.40.100
142.251.41.2
151.101.44.157
151.101.64.176
172.67.194.95
18.173.219.9
18.238.49.18
2600:9000:26fa:d800:0:7d26:ee00:93a1
2606:4700::6810:5049
2606:4700::6813:d459
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::200e
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2008
38.70.189.71
72.21.81.130
00b64ebf0db1bcb3fe7a7edcfd805d2928ac833bed9a645006932252fc4c754d
0376cb35e3990bdd3408f47a88677d793e7d7ca53f7e2c123c8d914848d78dac
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0b41a8b04a5c069d0f8c606496707728147272c229d49c74317b792ecc967682
118712e7d108257574121debbc3525dbe1d1aae973721abdf67dc8c1c254d988
18f117e93f19a6425d77db17601a41de21679024a259805476551e9a65315b3e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9
247031bd12eb980c20ad1580ffb2d5c517bdebca52767efdbba0acc28701cf47
2656869741c21de174d92e09873629801561474a9a2e73615778622ad6dccd9a
2dcc088fb6052ae49a9e846a9deec055eecff0b2b36ed1618fec1480626d76c9
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
39962440e4409c11495e00291c7e5b499b7572fa592142a22e6b0d1e282a37d7
3f6df017c3672b143e317b4f9da85a69f0fa0cfb86430096beb0b48674fab1cf
420ac6c617ee74fe7974f174a88e74d415000487a2e515797094e02e099b48ba
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
6037734d0ad3dd7b2f31955aeeb4b34e2316f726e1bd884d7dbc979649570049
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
641defe78e044cbd72e13110f131016fc26c1e8b00ef29ad142e177a0e54bfe1
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
73ed07ea9439bf447bdc64be903c4d5fc6c81f5e5abf17194622c5381405cdec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ca673bed489751fdb5db936ba032d1089255afc392a779b760297764048e847
8f08e958fb91c3c53832406544b9715e51c5c41e411979ab99a81666b2d2ebf8
9331bdaaf6c461215a1390805e2fb4cb5f1faf1f9a9baa1a760ccde20e31f3b5
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
a77dc9c6d8402b6c98ae8f1bca65ba82735246488e3021add90728c626d121e0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b016cb719b426e760c6f3622b8be78800a0dd29d32bf97314ee12e7ca5185878
b94b05ccc912f4deadb7dffd20326ce301931340c02efcb1e2a80fb55c59c6c2
bd21440921136d46369955ab41f7ddf8e633efaee7f77fc39f2c44bc10011297
c333fc115ff4e2fb61dacc581f85df2bfb85c984fb83ea387ac86486bd6f5f49
c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce3a834ffc06d4da78ab76e7915d854ca3a034fbbcf6ea7c7e3bdf472aa4cdec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f630817b032f24d3ca017a62c8516b0cfcce75bd4414f35dd1b79c050de2810f
f6e94d26ce7167206fc50216fa9187cc7d691ebb3de03d5fede7d2b87673c7ab
f77064e6bd92dbe710c0aefa23b7efceeac70cee16e554b123eaf827f7e3702e
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902
fe754479b24d7be47db3395e4f749fa88b61ea554da04c6ca68e31c7808f9e03