Submitted URL: http://ct12.criticalnewsonline.com/t/14050865/500625205/280343/4/?ff2f3d13=UlMtQWxlcnRzLjEwNTAwNw%3d%3d&x=e95e130d
Effective URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=ema...
Submission: On April 05 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6811:4518, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 82355.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2023. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 8.224.216.30 3356 (LEVEL3)
18 2606:4700::68... 13335 (CLOUDFLAR...)
18 2
Apex Domain
Subdomains
Transfer
18 winred.com
secure.winred.com — Cisco Umbrella Rank: 82355
244 KB
1 criticalnewsonline.com
ct12.criticalnewsonline.com — Cisco Umbrella Rank: 599435
854 B
18 2
Domain Requested by
18 secure.winred.com secure.winred.com
1 ct12.criticalnewsonline.com 1 redirects
18 2

This site contains links to these domains.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
secure.winred.com Cloudflare Inc ECC CA-3 2023-02-21 - 2024-02-21 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Frame ID: 51E1C591F06404E097B01F1224913891
Requests: 21 HTTP requests in this frame

Page Title

Just a moment...

Page URL History

  1. http://ct12.criticalnewsonline.com/t/14050865/500625205/280343/4/?ff2f3d13=UlMtQWxlcnRzLjEwNTAwNw%3d%3d&x=e95e130d HTTP 302
    https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=202... Page URL
  2. https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=202... Page URL

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 244 kB
Size: 531 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ct12.criticalnewsonline.com/t/14050865/500625205/280343/4/?ff2f3d13=UlMtQWxlcnRzLjEwNTAwNw%3d%3d&x=e95e130d HTTP 302
    https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_ Page URL
  2. https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ct12.criticalnewsonline.com/t/14050865/500625205/280343/4/?ff2f3d13=UlMtQWxlcnRzLjEwNTAwNw%3d%3d&x=e95e130d HTTP 302
  • https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
tv6749cf4153aaeda3
secure.winred.com/save-america-joint-fundraising-committee/
Redirect Chain
  • http://ct12.criticalnewsonline.com/t/14050865/500625205/280343/4/?ff2f3d13=UlMtQWxlcnRzLjEwNTAwNw%3d%3d&x=e95e130d
  • https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
8 KB
6 KB
Document
General
Full URL
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d02533bcae51d57285c78507acb7791422f2d63a8529056c5b7a2232caa4903
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7b34bede2f2190ef-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 05 Apr 2023 21:04:48 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
Close
Content-Length
375
Content-Type
text/html
Date
Wed, 05 Apr 2023 21:04:48 GMT
Location
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
URI
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
challenges.css
secure.winred.com/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://secure.winred.com/cdn-cgi/styles/challenges.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
W/"6419a381-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7b34bede8f8b90ef-FRA
expires
Wed, 05 Apr 2023 23:04:48 GMT
v1
secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/
152 KB
55 KB
Script
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7b34bede2f2190ef
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5dc1db72fb1a2da4fe80b59b0ef0982fb47d3e5b04b23798cf83a1853f27d6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_&__cf_chl_rt_tk=X2vUTpMxaVwqkbk9o.DQBIAV0lDRwb3x4mp.pjORWCs-1680728688-0-gaNycGzNDFA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:48 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7b34bedeafaa90ef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
secure.winred.com/cdn-cgi/images/trace/jsch/js/
42 B
129 B
Image
General
Full URL
https://secure.winred.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7b34bede2f2190ef
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_&__cf_chl_rt_tk=X2vUTpMxaVwqkbk9o.DQBIAV0lDRwb3x4mp.pjORWCs-1680728688-0-gaNycGzNDFA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_&__cf_chl_rt_tk=X2vUTpMxaVwqkbk9o.DQBIAV0lDRwb3x4mp.pjORWCs-1680728688-0-gaNycGzNDFA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
"6419a381-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7b34bedeafac90ef-FRA
content-length
42
expires
Wed, 05 Apr 2023 23:04:48 GMT
favicon.ico
secure.winred.com/
7 KB
7 KB
Image
General
Full URL
https://secure.winred.com/favicon.ico
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac9aad81ebaf6f3171d67483ee996a45ccd5244d20f888ae34e8eaeb8334c3e1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:48 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7b34bededcc0bb7d-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
2b956660781f8c3
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1280974232:1680727286:UJi-cKcTxavZlAhVTJJu7i0QXOYNlpZQPm6IO2Wserc/7b34bede2f2190ef/
75 KB
43 KB
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1280974232:1680727286:UJi-cKcTxavZlAhVTJJu7i0QXOYNlpZQPm6IO2Wserc/7b34bede2f2190ef/2b956660781f8c3
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7b34bede2f2190ef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33015a14289b318f0579237bb09e1b72f2343cdb4f1d728b6d01a162e2fef536
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
2b956660781f8c3
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 05 Apr 2023 21:04:48 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf_chl_gen
TtFGUNHi5AliXIeLHqDRhMeKQtdZ8pqqt9G+hi+pmiLdUtLkD1TcQ46GvjesJ9Xu1iH8xX/vfLV2NNHLicPSrZCZReT7rW6CYLvkYanhpzU5irL3YKosXOJerRrE4QT3Ae3f0PC57RbEjkIc31WTFHOgfuyH/anQfKfcQ6wBX3Y6R6ffd6FdGpWXPyQxR9+JSExPn0Fk94GAddb/dUObKWqnqlrR7E7BMLJY8DEe1INB299ax4rn3BQi5UOjrT/IzZDq3Tq9jmKNACTUv6cGvAGqDoZGmXGMyLBfyWQf2cSmmspXrU3mfMV1qyAag+3wpixtp55oAvqRoa4isQ+UzKHdzMokd9A67u3e/uewpt3RuoTeDmTXQ7fM8Omf/siiTAtsVx9wbOqyGL/rlbMV4g==$G2EkCTJP0Bt0GijWuaJ1Tg==
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7b34bedf8e12bb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ItUzPv8l5h4iyk4
secure.winred.com/cdn-cgi/challenge-platform/h/b/pat/7b34bede2f2190ef/1680728688584/41df13fecae4fd71f3ed77ce2ced996ca42f2d56f5be1ef86f92cdd4e74482c9/
1 B
662 B
Fetch
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/pat/7b34bede2f2190ef/1680728688584/41df13fecae4fd71f3ed77ce2ced996ca42f2d56f5be1ef86f92cdd4e74482c9/ItUzPv8l5h4iyk4
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:49 GMT
strict-transport-security
max-age=0; includeSubDomains
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gQd8T_srk_XHz7XfOLO2ZbKQvLVb1vh74b5LN1OdEgskAEXNlY3VyZS53aW5yZWQuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyKs0fkdzX-NVyob2xCfNi8DTewBG2MQLWM7UmHBXsz4StmTS_HnC-FKi6_YV531KDz1WxzdSVtZ8eUpg7ISzl7yRfp3Ti8jRVaNUd4fiHuL_QtLnAUr-PPUitTM2homTwHYiSlJxy4x_WSjx64rkWGEAmb58mJaXTueTn8HjecQ4mIafIlquNWL-jUK7o_d5pwdETFwHzOWlgWNLMnjrLth2djLJlGsgBIzudFgf-JdhDdDIuIPju3Q02WCoE1d4VrMzJtRNpnigbQsg6Xy18bcwY7Z8msp11pGkMy1qKBtV3VeD9G_wVRyaSHTen6J9-HBeCIeSe1HOJqhal2TReQIDAQAB, max-age=20
x-content-type-options
nosniff
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7b34bee4af23bb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
zFSoTW8SpxRgLXU
secure.winred.com/cdn-cgi/challenge-platform/h/b/img/7b34bede2f2190ef/1680728688585/
61 B
191 B
Image
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/img/7b34bede2f2190ef/1680728688585/zFSoTW8SpxRgLXU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aefb2791f1b1a1d4b2c2143d80e080e3a055cbe976459c16d7b0872953bae5a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:49 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
cf-ray
7b34bee5687fbb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
2b956660781f8c3
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1280974232:1680727286:UJi-cKcTxavZlAhVTJJu7i0QXOYNlpZQPm6IO2Wserc/7b34bede2f2190ef/
1 KB
2 KB
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1280974232:1680727286:UJi-cKcTxavZlAhVTJJu7i0QXOYNlpZQPm6IO2Wserc/7b34bede2f2190ef/2b956660781f8c3
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7b34bede2f2190ef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0370158fde113d44cf258a66e9c7e676eed8ff2f8c9682c1c4bc0d4d43398c4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
2b956660781f8c3
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 05 Apr 2023 21:04:49 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
cf_chl_out
cMetBaRIL2uhuz38hRIUl0Ew4ve/aTxfpOKiun7eXcBxi6FsniuUiS5ysHkNtj83725qWdwMS3Dc2sdtaztSPbkwkHJ8OLFxb90P56WhHiQ=$O2GROk7oxyryJD/Uluxx1A==
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=QBfmDPyAr6Cta.ZIyocrDMx5e.MV21hTH50ck2TPI9U-1680728689-0-Aej7hhsa9R4Xkyb0XPjoMEVDWlMVw_5578aytsMzJ_hArEVXRAfwafC3Cd5r1poy22l3QDmzTdT9oXL5jaBLz-FN2AtoGdkzWT9eCIbDudt2yGwEZrrj6U5amACjEHTtS27NiPz65iHYgmwyk6WZA0UDKI5x7pM7yNzSdMH6LLvu; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=QBfmDPyAr6Cta.ZIyocrDMx5e.MV21hTH50ck2TPI9U-1680728689-0-Aej7hhsa9R4Xkyb0XPjoMEVDWlMVw_5578aytsMzJ_hArEVXRAfwafC3Cd5r1poy22l3QDmzTdT9oXL5jaBLz-FN2AtoGdkzWT9eCIbDudt2yGwEZrrj6U5amACjEHTtS27NiPz65iHYgmwyk6WZA0UDKI5x7pM7yNzSdMH6LLvu"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
text/html; charset=UTF-8
cf_chl_out_s
2JJEXtHpLZYxqT5x0juv2BOPSUmAsdQchT+x3kVGoJFISQGftAZNoiL9xFP6zBB7CSbPgItQYN3a9QCPGUlapthRtycTg70dP1j9aFFfjRt/CDCUEk3G+Y6AhBw2X5Yq434qKTG2xzIjqsGP8F428gRh/GzG0K6dikGtudh0VoL6948sGo6JwpqxkUxeLsDu367OH6IYwaCKPPcYZ2lStEH7btHcfqKwPLxe4yA3vSQT6TCMdd3LIsOmueNz8Z1d/QUxl3arGC33A0xJaw2EGaGF6Res0lNGl+g//SRoisYYcYFUxfu+VY3J+/cNXgVqUKPalhiZQoXjDoEBroGQlKvftm4/Zpc955qbNxv2uHANf4HBLC2kx9YOYXslwFRnEkIUrkMxSo1ZqlDmN6xw7Qr2PbvWwvekrj5Y8WVm9TkMRqTbRoATfGauTpRB2Gg/GKNaZ9pI53fZIE/QvT+DZUQcBeb0X2ofE/EwhFj1jZs=$cLi5P60JFYbVbvIk6Wb6IQ==
cf-ray
7b34bee65afdbb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request tv6749cf4153aaeda3
secure.winred.com/save-america-joint-fundraising-committee/
8 KB
5 KB
Document
General
Full URL
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
347cb892ae31aff93e64312aa8beef41f0415ff8351eae563f2f8e35a7f57d75
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7b34bef33f89bb7d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 05 Apr 2023 21:04:51 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
challenges.css
secure.winred.com/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://secure.winred.com/cdn-cgi/styles/challenges.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
W/"6419a381-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7b34bef36fcebb7d-FRA
expires
Wed, 05 Apr 2023 23:04:51 GMT
v1
secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/
144 KB
52 KB
Script
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7b34bef33f89bb7d
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71d470ce04f71f6c0caee62ba20f4355a98fb356bc243eb2cf77ee9905ffee08
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_&__cf_chl_rt_tk=I9m639aX0AskKqvP4GB71Pj3CcgafGIGiAahxH4yws0-1680728691-0-gaNycGzNC-U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:51 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7b34bef37ff4bb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
secure.winred.com/cdn-cgi/images/trace/jsch/js/
42 B
223 B
Image
General
Full URL
https://secure.winred.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7b34bef33f89bb7d
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_&__cf_chl_rt_tk=I9m639aX0AskKqvP4GB71Pj3CcgafGIGiAahxH4yws0-1680728691-0-gaNycGzNC-U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_&__cf_chl_rt_tk=I9m639aX0AskKqvP4GB71Pj3CcgafGIGiAahxH4yws0-1680728691-0-gaNycGzNC-U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
"6419a381-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7b34bef37ff8bb7d-FRA
content-length
42
expires
Wed, 05 Apr 2023 23:04:51 GMT
favicon.ico
secure.winred.com/
7 KB
7 KB
Image
General
Full URL
https://secure.winred.com/favicon.ico
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505d12710b733c964cd6874a3307fcc7c79bc18f78abf79c11fb640ce4cf03eb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:51 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7b34bef3d8aebb7d-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
397bb1f772d26f7
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/259960835:1680727320:lYOeZyN_O7rrGLSwj8vFH1VB0-d_3X8QA2ZPI3G9yIA/7b34bef33f89bb7d/
113 KB
58 KB
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/259960835:1680727320:lYOeZyN_O7rrGLSwj8vFH1VB0-d_3X8QA2ZPI3G9yIA/7b34bef33f89bb7d/397bb1f772d26f7
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7b34bef33f89bb7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ac741ad16c02e3d44b4430d88dcc220e8b73b57de11a4a5f1e79d24bd2ec52
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
397bb1f772d26f7
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 05 Apr 2023 21:04:51 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf_chl_gen
Vygf4NP7EYt3TlnSJIVNWEMA76ZSixaermtVBhSDSW2hdsaM+rL7elthtsn8u5u3Z/ANL6rajAJO/4ekenNfFosrm174uQV2jTKWMdGYX8aE/7TpEU/iXhPRybR70F23Wg4jxxNEHz31Cm6lr+EEL2R8gG4eSTqQfFHUB/+IMaWUfQqQMsNsDNkGcXniJuRrcAFSk1wnG1cjeYOT352f5lGwCH752IEUPVaLMoNhrC+DKqmS92SEHKyBAoaTEmbbdOdOLqlae6+EYpeLNfmahTeSJNA17cxOQmouC12IeT7dV06dDP//Rbrju+FHHQHsMPaacXt/nYd+p4bS9KCk7UqBp0ctC5fPVGLREf8BfoAKtcz5hOGzBaY203lfcwOGWMYj0msAO4b40Jm0Rvrru/9Jjg3wTswk8t0CpXgA9b+WV9Wk9Nq7McNF8cx1OAmMCm7XUpYnMcOhv35WEEgwww==$4Q7NSJ5e7upjRkNE7AVzTQ==
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7b34bef489eebb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lp3-2XXvolxTpLg
secure.winred.com/cdn-cgi/challenge-platform/h/b/pat/7b34bef33f89bb7d/1680728691939/b2bc0783b6f55d570fd64792c660ed25e1f0f411c75809e152023beba03f30f0/
1 B
661 B
Fetch
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/pat/7b34bef33f89bb7d/1680728691939/b2bc0783b6f55d570fd64792c660ed25e1f0f411c75809e152023beba03f30f0/lp3-2XXvolxTpLg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:52 GMT
strict-transport-security
max-age=0; includeSubDomains
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gsrwHg7b1XVcP1keSxmDtJeHw9BHHWAnhUgI766A_MPAAEXNlY3VyZS53aW5yZWQuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyKs0fkdzX-NVyob2xCfNi8DTewBG2MQLWM7UmHBXsz4StmTS_HnC-FKi6_YV531KDz1WxzdSVtZ8eUpg7ISzl7yRfp3Ti8jRVaNUd4fiHuL_QtLnAUr-PPUitTM2homTwHYiSlJxy4x_WSjx64rkWGEAmb58mJaXTueTn8HjecQ4mIafIlquNWL-jUK7o_d5pwdETFwHzOWlgWNLMnjrLth2djLJlGsgBIzudFgf-JdhDdDIuIPju3Q02WCoE1d4VrMzJtRNpnigbQsg6Xy18bcwY7Z8msp11pGkMy1qKBtV3VeD9G_wVRyaSHTen6J9-HBeCIeSe1HOJqhal2TReQIDAQAB, max-age=20
x-content-type-options
nosniff
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7b34bef6fde7bb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
k9vEXnx2FXtfSk8
secure.winred.com/cdn-cgi/challenge-platform/h/b/img/7b34bef33f89bb7d/1680728691939/
61 B
191 B
Image
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/img/7b34bef33f89bb7d/1680728691939/k9vEXnx2FXtfSk8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc45f10925da4d3888797a56c745ea5b4daf5de74fba859990d189d72ca18e8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 21:04:52 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
cf-ray
7b34bef72e17bb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
397bb1f772d26f7
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/259960835:1680727320:lYOeZyN_O7rrGLSwj8vFH1VB0-d_3X8QA2ZPI3G9yIA/7b34bef33f89bb7d/
1 KB
2 KB
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/259960835:1680727320:lYOeZyN_O7rrGLSwj8vFH1VB0-d_3X8QA2ZPI3G9yIA/7b34bef33f89bb7d/397bb1f772d26f7
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7b34bef33f89bb7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:4518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc4c23403db5cff3f36e991f75bdb87d7db912c5c110f066872d0c93fe7b671
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
397bb1f772d26f7
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 05 Apr 2023 21:04:53 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
cf_chl_out
4d48XTLUWMvy+Mk3lUeIJIgkVHxIC0VXHgvTh0p45UDlIRXdOkK778qf9jn5i3lWnlkEFBDUKcVLhXTpZYm9mM9yOyoHEGs0gZ2HS/C7TRY=$wXALGvx002wB+izDjw/hnw==
content-type
text/html; charset=UTF-8
cf_chl_out_s
rUpMZcwOYMX8K6sN4apaTZVCwNl198rgS/91D5pJfCnqMVvlEfNKpjUBtUDdF4nw2J8JToVu8Lj8OfZPeVcDHhSibLMM7w2MW6kjoiBwes4s0zgWkCsgd1ZeZ8Jb4qxOudwxEzOY8eMZBhqUEQoY6kNlCPrpLrdBx+IWZydO/J7GcwZRxTYiwqtLlqqDsrrSmEVnT9MkwGU28sliPzCKkoh/8OF5Cb/DS7GmweZyaVkYjRQXifUnS4HxLB6iqrESINJmb2+QfqMuAPsKwhkTCSRgeUuQa7k0nmF5ffrbL22Jai2pyyYEZk4Boq9ruC85e/5kTC1XKN4J5O0qyHL7bDyOjd/cdKB62ary6IYOaVGeopgba3JTYTDjpf/x3GUwnRrUYHxWMZOjFqpXG2NfEknGdIpZXzRDXTiQRXZm0CCnXqJy0qzjKsoUqrbyJKLVcpHyAyAOZughkH3frpdjWTffFGW5/Whm6tB5m1DFvu4=$5f0ShJeZoiqOMivqTincAQ==
cf-ray
7b34beff3a94bb7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400


12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| _cf_chl_opt
function| sendRequest
function| __cf_md5
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| SHA256
object| _cf_chl_ctx
string| prefix
object| _

7 Cookies

Domain/Path Name / Value
ct12.criticalnewsonline.com/ Name: messageid
Value: 14050865
ct12.criticalnewsonline.com/ Name: memberid
Value: 500625205
ct12.criticalnewsonline.com/ Name: urlid
Value: 280343
ct12.criticalnewsonline.com/ Name: groupid
Value: 4
.secure.winred.com/ Name: __cf_bm
Value: oG._rfBRxm8XAAb9i0o8lTMnv1Za7KHYbo3s9E2jmZk-1680728688-0-AfW8BB/KjTzqogu8vG6vhclh6nWP3eqDvM2Ha5iG5AEju92pnBQwkIUHJgy/6gquUTKTO4ORMgusbv/IVSzKD9o=
secure.winred.com/ Name: cf_chl_rc_ni
Value: 1
secure.winred.com/ Name: cf_chl_2
Value: 397bb1f772d26f7

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.winred.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/pat/7b34bede2f2190ef/1680728688584/41df13fecae4fd71f3ed77ce2ced996ca42f2d56f5be1ef86f92cdd4e74482c9/ItUzPv8l5h4iyk4
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://secure.winred.com/save-america-joint-fundraising-committee/tv6749cf4153aaeda3?utm_campaign=20230404&utm_medium=email&utm_source=CI_B&utm_content=22&utm_term=20230405_RS-Alerts.105007_
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.winred.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/pat/7b34bef33f89bb7d/1680728691939/b2bc0783b6f55d570fd64792c660ed25e1f0f411c75809e152023beba03f30f0/lp3-2XXvolxTpLg
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN