secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.donatetorondesantis.com/u/click?_t=39b5827fb2524894a9b1d5b4f58e45b1&_m=d16d2d4092014373afba588258243410&_e=4Gg-y...
Effective URL:
https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_st...
Submission: On July 13 via api (July 13th 2023, 3:17:49 pm UTC) from US — Scanned from DE

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6813:d459, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 49429.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2023. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.219.81.88 3.219.81.88	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700::68... 2606:4700::6813:d459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	3

1 3.219.81.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-81-88.compute-1.amazonaws.com

links.donatetorondesantis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:d459 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5263	265 KB
11	winred.com secure.winred.com — Cisco Umbrella Rank: 49429	161 KB
1	donatetorondesantis.com 1 redirects links.donatetorondesantis.com	2 KB
29	3

	Domain	Requested by
13	challenges.cloudflare.com	secure.winred.com challenges.cloudflare.com
11	secure.winred.com	secure.winred.com
1	links.donatetorondesantis.com	1 redirects
29	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2023-02-21` - `2024-02-21`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
Frame ID: E97E548AA950D92C39759F7142BBCC9E
Requests: 17 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: B7CCE56467DFB656A172144CCB82EF52
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: D594C4397FC4433E65B33537328B1685
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://links.donatetorondesantis.com/u/click?_t=39b5827fb2524894a9b1d5b4f58e45b1&_m=d16d2d4092014373afba58825... HTTP 303
https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-... Page URL
https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-... Page URL

Page Statistics

29
Requests

83 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

426 kB
Transfer

976 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=j
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.donatetorondesantis.com/u/click?_t=39b5827fb2524894a9b1d5b4f58e45b1&_m=d16d2d4092014373afba588258243410&_e=4Gg-yQck-t4D7kNlJWGQGdJ66FW8Iu67GlJnCAcd13VwSfNlIFCmI10skskIMm1DyzbPvORvyBduZUxzpqZAB7AsPZkQT8dWItrJdUe1gVfztlFlVKC0NAPO2TZV0p_f1LCyXxp66YDH_QsFepx9zLEN91DEyxvnHOkRKJqqgQRD5WgO_17Olvrm5fNiKZpk9_SjjZsOmoPb4coY4-6C4zB_LSuIiDj2QlJQhbTZTSyuOifFDH6-3_sMuR3O46M0d3wTlsL3A10p-UHqwN8MYHzvapkp43iXcvYN1Bas8N3zjLIppMgsJq-emNkjGxOaHRXi6BCRSa1QscN-0v4LWZnYnntk282myb_bSUU7mavXjMJkn-k34thLsnWyFCd1 HTTP 303
https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na Page URL
https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://links.donatetorondesantis.com/u/click?_t=39b5827fb2524894a9b1d5b4f58e45b1&_m=d16d2d4092014373afba588258243410&_e=4Gg-yQck-t4D7kNlJWGQGdJ66FW8Iu67GlJnCAcd13VwSfNlIFCmI10skskIMm1DyzbPvORvyBduZUxzpqZAB7AsPZkQT8dWItrJdUe1gVfztlFlVKC0NAPO2TZV0p_f1LCyXxp66YDH_QsFepx9zLEN91DEyxvnHOkRKJqqgQRD5WgO_17Olvrm5fNiKZpk9_SjjZsOmoPb4coY4-6C4zB_LSuIiDj2QlJQhbTZTSyuOifFDH6-3_sMuR3O46M0d3wTlsL3A10p-UHqwN8MYHzvapkp43iXcvYN1Bas8N3zjLIppMgsJq-emNkjGxOaHRXi6BCRSa1QscN-0v4LWZnYnntk282myb_bSUU7mavXjMJkn-k34thLsnWyFCd1 HTTP 303
https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

29 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

/ Show response
secure.winred.com/desantis/storefront/
Redirect Chain

http://links.donatetorondesantis.com/u/click?_t=39b5827fb2524894a9b1d5b4f58e45b1&_m=d16d2d4092014373afba588258243410&_e=4Gg-yQck-t4D7kNlJWGQGdJ66FW8Iu67GlJnCAcd13VwSfNlIFCmI10skskIMm1DyzbPv...
https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

8 KB
5 KB

87ms
22ms

Document
text/html

2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a180aeaf3d3729385ccbd06752bc3ba03767283e32a9b960095e34d6c08ec890

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7e627e9939a835fa-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 13 Jul 2023 15:17:44 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Security-Policy: base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
Date: Thu, 13 Jul 2023 15:17:44 GMT
Location: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Request-Time: 1
Server: iterable-links 15ed
Vary: Origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

GET
H2 200 challenges.css
secure.winred.com/cdn-cgi/styles/ 6 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/styles/challenges.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 15:32:00 GMT
server: cloudflare
etag: W/"64a82ff0-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7e627e998a5035fa-FRA
expires: Thu, 13 Jul 2023 17:17:44 GMT

GET
H3 200 v1 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 165 KB
57 KB 26ms
26ms Script
application/javascript 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627e9939a835fa

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0395d77b34eec816c243314e29d00308914a330626ac4a1472c79476f63f5c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na&__cf_chl_rt_tk=JHq.ZXislmi4tXpOpToCjAdGmE7J5tczme9QUYqGelM-1689261464-0-gaNycGzNDBA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:44 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7e627e99ae491c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/ 21 KB
8 KB 77ms
38ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627e9939a835fa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424e559af5e00bc52620121e3151801600218fbd7dcce105b5ed2838ae32758d

Request headers

Referer
Origin: https://secure.winred.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:44 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e627e9a7eb42bc9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
secure.winred.com/ 7 KB
7 KB 26ms
23ms Image
text/html 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/favicon.ico

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9517a4f4c88b7926bb6a8c0f09e7dc16f2ad03467433670b911b36ec146f967

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:44 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7e627e9a3f091c40-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 20bcbfc2-b0d5-41d0-85a3-8029b79644df
https://secure.winred.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.winred.com/20bcbfc2-b0d5-41d0-85a3-8029b79644df
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 704b6a665cd2c5b Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1736603172:1689257305:_RwuHZByq2IESQxALSX1QTo-OZ0jc-XO49MOA6JARN0/7e627e9939a835fa/ 9 KB
7 KB 29ms
28ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1736603172:1689257305:_RwuHZByq2IESQxALSX1QTo-OZ0jc-XO49MOA6JARN0/7e627e9939a835fa/704b6a665cd2c5b

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627e9939a835fa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a22364e198386d271882d973a2474fadc8ab365f91e8c1cd15788f89ceaf3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 704b6a665cd2c5b
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Jul 2023 15:17:44 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 7e627e9ad8001c40-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: r8TfC7rzNRLcK0n1du0y78nxV3DapwC8Sl2QAtPnCa5MGbDuSQRpMPVxYNrtRQMP$Sah57tz4C+Uhi8r2XOLfzA==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame B7CC 24 KB
8 KB 40ms
29ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8c933a056c88a044b8b2f8e8bc7da65ddef78daba0c6d31a4faa4d8eb500608

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e627e9b38f137d1-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 15:17:44 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame B7CC 167 KB
59 KB 18ms
18ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e627e9b38f137d1
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1ae7f58d3c58d254d4cd41cee2ddacef3c052a569098f032d297e9822745a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:44 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e627e9ba9ac37d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 83369ea5-8ca6-4dc9-bc45-b70ceecd49e0
https://challenges.cloudflare.com/ Frame B7CC 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/83369ea5-8ca6-4dc9-bc45-b70ceecd49e0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 1f1f35df6d7bbd4 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1831270829:1689257444:66He9XzzEYSvOl0ES6LGMQGWDfz82E2iZ_KiAlZ2brU/7e627e9b38f137d1/ Frame B7CC 82 KB
62 KB 56ms
56ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1831270829:1689257444:66He9XzzEYSvOl0ES6LGMQGWDfz82E2iZ_KiAlZ2brU/7e627e9b38f137d1/1f1f35df6d7bbd4
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e627e9b38f137d1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93970ff6c445085a1db9117163b969f43161f3491746a91f637c588eb145658

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 1f1f35df6d7bbd4
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: k58N8zfhHe09e/gpdr/8CSp0ji44vNbFRYf6H3e0wp2nQZH5T5j7zPfUjAy6UP+CUorYB6G0TyJmHL6yTB4gna3XFucCM9h9NREfCHsbo6tTQ2RMIpWHBXI7RiO3BhGowrj+9iBa7Tb+Bk2jJE1szsA3dH2jGhpho7PJVmBlzpw2IjfjnZg2U9r3IBlNrsmAkUU1WS15VoNmvQK+49QEP7RUyzsjzAfw098/Q6Tis+t1XmBsU0+7pZ9FM/iOi1DEskEAvM/kvH1eJBFCfml/mCxoWfJlpTWAGX2Mefxk3vZXJuWK84esUGtTEuwDXPkJb+D65p39kn2TzeDluymK5E4TU5vV5wWW/mvdZTdWnsgiKQR1+cakM6S/voa6XvO94P/PG7IadKn8lOX9/QW1HA==$CEyFvWoyDyyOJTyAT0BM7A==
date: Thu, 13 Jul 2023 15:17:45 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e627e9cab6d37d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 QVCpYy96ob8bnKW
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e627e9b38f137d1/1689261465079/ Frame B7CC 61 B
148 B 29ms
29ms Image
image/png 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e627e9b38f137d1/1689261465079/QVCpYy96ob8bnKW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd35e65d32dd064ff9897db253e6673d4ea89df9d84b69c2f30a25bb67a1b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:45 GMT
server: cloudflare
cf-ray: 7e627e9f1f5837d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
BLOB 200
OK b807ae25-635d-4777-abcb-0715b7408bc9
https://challenges.cloudflare.com/ Frame B7CC 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/b807ae25-635d-4777-abcb-0715b7408bc9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

GET
H3 401 L45Ln2RlOCQ-wuX Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e627e9b38f137d1/1689261465082/886f0bcec929ae92f4ee14a0b0b28ffcaf7d2dd08cf797ac5a6279c76f820167/ Frame B7CC 1 B
629 B 22ms
21ms Fetch
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e627e9b38f137d1/1689261465082/886f0bcec929ae92f4ee14a0b0b28ffcaf7d2dd08cf797ac5a6279c76f820167/L45Ln2RlOCQ-wuX
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e627e9b38f137d1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:45 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20giG8LzskprpL07hSgsLKP_K99LdCM95esWmJ5x2-CAWcAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAud1722XPCRhYoOIgf36fG5iXSHxfxHUZKz73wnLpMfitU52MrdnNWcrUVkTbnKzyTm0Eu_xxsnRjrrlfx2IsTXnr-s9e4Pcc4HcvRmkMrw3XF39qe1KQIdVCNdNafkz1J0NrctkXi1FQqBHTVhXwGwC9x1OMaJtOuArK5reikVOEOgLbWuDDVKss9TLXqQd0QKZ3UYgzMOidVGZVWwLRZPtrpaduttH1XIUQsUYGRSQt1IHvLpdLLtAA_pm8eFdjSqYgDy2JHY6bJpQgMP2umteUDyWEme_zpnYdR3fNYKWlOYCDaqI0yUEt8n1t3xi5BDAJ6Negpkd6impWYjHWQQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7e627ea17b0537d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 1f1f35df6d7bbd4 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1831270829:1689257444:66He9XzzEYSvOl0ES6LGMQGWDfz82E2iZ_KiAlZ2brU/7e627e9b38f137d1/ Frame B7CC 796 B
1 KB 42ms
40ms XHR
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1831270829:1689257444:66He9XzzEYSvOl0ES6LGMQGWDfz82E2iZ_KiAlZ2brU/7e627e9b38f137d1/1f1f35df6d7bbd4
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e627e9b38f137d1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24a1b951a10685f3e6e50837c184305066a8f8613236a17421329fc7adbecbd

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/th39f/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 1f1f35df6d7bbd4
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: A3eQYGo1GCgZu4iVQ1irHSthY6GhbaV1Vg9tRAKeeSKaikcw0fa+6x3NeYs/uo+dzrqoBI7KeIoQN3rWWV/Bj2dwBYTuTsaZi7SQrfZwZW8=$avLsSaeMT78TeFocBcZvRg==
cf-chl-out-s: DQRympBBebHyHSD9ylWUvTjr1uCdrs9YLTiuttaxqqhfo+d3wVONvDWVEXjQJePX3siKfeXstciHJFWf+0FKaDXuZJgvM3GVZ8lDGw2pwsheqmXzcye5czAxplorBqtT+1+kZMROtsrHaN/G56Bz5SFnhp4h512hlvojp3O9Fvb6YdouQ7a3CfCMiav+y9X/0c08z2hazY9i7pRSJOJCErcGdQvqtlGKBB3/fxuSu8ASDfwb/G6mInids/fwPyoAMwBQvmIOWQ8SB3uJDauVnHhQEtCRgIofvqoUjGzwnxCqlMgOEhE20jbCRARbJlEx/0/7KsHVLJZlsnH2/nJJAPz3VIb7pp4h7ZmTRpesL+A3WZDxtKnxacMS+XuEkdeCg3w2ySYQhgDt/4uA4OcGuAHRaoUdH9wqvQm1O6g+xWi2tjRMN6IiV1F2ynIWMxa439pk1bRe68xgqXVOyxbrkXEvFfAgcZ52LKogX409B7T7OMIFCMcXOyPxInxaBiBxlf20A5YSPujs6IUoJYQ2Ly/hylKa9NM0skUPtkVuWko=$TnqPp7VuRDmGjpn05wskdg==
date: Thu, 13 Jul 2023 15:17:45 GMT
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 7e627ea1fb9a37d1-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 704b6a665cd2c5b Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1736603172:1689257305:_RwuHZByq2IESQxALSX1QTo-OZ0jc-XO49MOA6JARN0/7e627e9939a835fa/ 2 KB
2 KB 25ms
24ms XHR
text/html 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1736603172:1689257305:_RwuHZByq2IESQxALSX1QTo-OZ0jc-XO49MOA6JARN0/7e627e9939a835fa/704b6a665cd2c5b

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627e9939a835fa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

420f4d82b713ef743bd25ff5bd8ae66ffffca065b5e7677fe168e2b1168684bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 704b6a665cd2c5b
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: jL4gPy/c+sq7ZszUIUbPpS0+OtGRtmUcZeQlg3tMXsLIcJAcFIb6zrQx9X0HG8q9DNK9sviJOjYEImJnBIAzKNQFtAV0Vz6uaY+AqcyKgYk=$f6py/JlVPpgW1CZLVmmIIQ==
cf-chl-out-s: JkQ5QeUY3KTkYe54KHTcZLG7c6exGa/Ai0u16rnbf0kN5TtVJo3eOqQoAoJ8ioDu9RDRTEhHwjyhapeEBKgqxkr0mr4aYsBGwy3HluWgxsmWWzY3L5lGnMRpR61eEhkvRaW/Ewffb5ZQC4muVSv1RQ==$rTKa7SL4oBreMvcJ/zlLFQ==
date: Thu, 13 Jul 2023 15:17:45 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 7e627ea24a8b1c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request / Show response
secure.winred.com/desantis/storefront/ 8 KB
5 KB 19ms
18ms Document
text/html 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627e9939a835fa

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2714bc1abd8e901e89dfbb9517cc7ead631fec1c76deb12c88cbca34cec6be9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7e627eaefc741c40-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 13 Jul 2023 15:17:48 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 challenges.css
secure.winred.com/cdn-cgi/styles/ 6 KB
3 KB 10ms
10ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/styles/challenges.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 16:27:41 GMT
server: cloudflare
etag: W/"64ad82fd-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7e627eaf2cba1c40-FRA
expires: Thu, 13 Jul 2023 17:17:48 GMT

GET
H3 200 v1 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 171 KB
59 KB 46ms
45ms Script
application/javascript 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627eaefc741c40

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7d5973379f9769143e0eb979a2cb85f793412ccc218f93c688e88db2e0e02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na&__cf_chl_rt_tk=Vw2XCMw4SaAdXyFJec56IfVusdFrCnPfukg4qmlHaiM-1689261467-0-gaNycGzNC3s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:48 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7e627eaf4cd51c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/ 21 KB
8 KB 32ms
31ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627eaefc741c40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424e559af5e00bc52620121e3151801600218fbd7dcce105b5ed2838ae32758d

Request headers

Referer
Origin: https://secure.winred.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:48 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e627eafcba52bc9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
secure.winred.com/ 7 KB
7 KB 21ms
20ms Image
text/html 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/favicon.ico

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42f9d86f9c30ad3d3fb46f881e8faaaddd0bc8fbb4da7b836e168b0e5c9ef78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:48 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7e627eafcdc21c40-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK e7676418-537c-4a6c-8739-0dfc582f160a
https://secure.winred.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.winred.com/e7676418-537c-4a6c-8739-0dfc582f160a
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 679b262ae3dd687 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1148796067:1689257216:R_jKGkVrq3fLYVnf1u4BaovA1r9x9oaKXkpHHMp5oPY/7e627eaefc741c40/ 9 KB
8 KB 27ms
26ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1148796067:1689257216:R_jKGkVrq3fLYVnf1u4BaovA1r9x9oaKXkpHHMp5oPY/7e627eaefc741c40/679b262ae3dd687

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7e627eaefc741c40

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7458235b619414e7927b6ff2846a6316092f1b87cc08d6f1cd221718ca2869ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 679b262ae3dd687
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Jul 2023 15:17:48 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=H5daHVeJ0zRdC_ar_OEtyt4wCl_Y9LjOxdq29dfJgzY-1689261468-0-AX5w9lXJzB_CaddRcRzCrSU_XcgXPMPZ1gxn281vsOocVemNn4EIVMJwELJrj69EGidLRM2bU3MnHgHOx2GEkUVHEs6ru8HmjpDDupX-HFIGu9vUxjwbpi6fhwC93pG0sNFh8pgU6j7o_wfJUpplBpvLOGiVOfeSinB7bGJzqo8Fy0kHPz12rt_tDeVpx8jiRw; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=H5daHVeJ0zRdC_ar_OEtyt4wCl_Y9LjOxdq29dfJgzY-1689261468-0-AX5w9lXJzB_CaddRcRzCrSU_XcgXPMPZ1gxn281vsOocVemNn4EIVMJwELJrj69EGidLRM2bU3MnHgHOx2GEkUVHEs6ru8HmjpDDupX-HFIGu9vUxjwbpi6fhwC93pG0sNFh8pgU6j7o_wfJUpplBpvLOGiVOfeSinB7bGJzqo8Fy0kHPz12rt_tDeVpx8jiRw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/plain; charset=UTF-8
cf-ray: 7e627eb06ea71c40-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: flUmLKb3EtG4XdzEoda4TZab/AfE6V1s56iGda2L56K2DqTEA9x4h6uorVhAWlIH$zhMQ1MVX1jt//75F6BYMEA==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame D594 24 KB
7 KB 27ms
26ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d422c37a8037f6c0455b1a09a6022edfcea46c6ccc0b796aefe8bc8087ab03eb

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e627eb19d3437d1-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 15:17:48 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame D594 168 KB
59 KB 19ms
19ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e627eb19d3437d1
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 390efb918ee4bbad48e1f2991bfd1c8e6000159fc6b92c952bfc54c9f46881b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:48 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e627eb22e3c37d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 4781c1c6-d0e4-4e1f-b9b6-3623a3a363d5
https://challenges.cloudflare.com/ Frame D594 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/4781c1c6-d0e4-4e1f-b9b6-3623a3a363d5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 cb90912de31716d Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1998211290:1689257355:xZAmVxN8dTHWSzHYl_uWOmYP-R4jLnpnSJnkeA-BgPg/7e627eb19d3437d1/ Frame D594 69 KB
52 KB 55ms
54ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1998211290:1689257355:xZAmVxN8dTHWSzHYl_uWOmYP-R4jLnpnSJnkeA-BgPg/7e627eb19d3437d1/cb90912de31716d
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e627eb19d3437d1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4269f6c68e6d6373b9908c6be2e9ed89a1dfa79eacac686eab26ac50bc5c5ef9

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: cb90912de31716d
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: frzkFvdrW2DW3nQ40dD4M2VBMrcZd9hiaVVyv5D+9hRV8D6UCI5C3946m+98DuuqtIVAfje4WmUkH4aVGzjQUh8u+NT7cR5E/icMxLtQYpumWky1kQ5/gvQtLt01qXK80Eh4um8EebT3nMZOfFSiBruKKWFus+wmYFS1isc1UZyRUhSuT8O2q3EGHXEbcZGQ2R1KeOIT5w9LwMPwmEdBoJEvcl9Ihj8j+b6IgXqdtM8DQnQjj9vALs+eIqGVp3qA6woMVKkEWNQe/ORjhzG87b6c7dX4+uYPHpd9P2qF7rP8fn3uchFtwxa8sA9qvNRCHixGePtdVCNINTvPn4KBDw==$Uh8wNIpIF8pFVDWlI1nTNQ==
date: Thu, 13 Jul 2023 15:17:48 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e627eb3e8ec37d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 401 7gPoZDXC9vlgcuR Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e627eb19d3437d1/1689261468805/3e49e87e9786be4ede809c3f60eb04d051fc44b0047b949c9178ff612e013a15/ Frame D594 1 B
630 B 21ms
21ms Fetch
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e627eb19d3437d1/1689261468805/3e49e87e9786be4ede809c3f60eb04d051fc44b0047b949c9178ff612e013a15/7gPoZDXC9vlgcuR
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e627eb19d3437d1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:49 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gPknofpeGvk7egJw_YOsE0FH8RLAEe5SckXj_YS4BOhUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAud1722XPCRhYoOIgf36fG5iXSHxfxHUZKz73wnLpMfitU52MrdnNWcrUVkTbnKzyTm0Eu_xxsnRjrrlfx2IsTXnr-s9e4Pcc4HcvRmkMrw3XF39qe1KQIdVCNdNafkz1J0NrctkXi1FQqBHTVhXwGwC9x1OMaJtOuArK5reikVOEOgLbWuDDVKss9TLXqQd0QKZ3UYgzMOidVGZVWwLRZPtrpaduttH1XIUQsUYGRSQt1IHvLpdLLtAA_pm8eFdjSqYgDy2JHY6bJpQgMP2umteUDyWEme_zpnYdR3fNYKWlOYCDaqI0yUEt8n1t3xi5BDAJ6Negpkd6impWYjHWQQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7e627eb5fbc137d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 RcoJpIkqYAotPZD
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e627eb19d3437d1/1689261468806/ Frame D594 61 B
148 B 17ms
16ms Image
image/png 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e627eb19d3437d1/1689261468806/RcoJpIkqYAotPZD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8a6mw/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:17:49 GMT
server: cloudflare
cf-ray: 7e627eb74df937d1-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.donatetorondesantis.com/	1970-01-20 13:15:47	Name: iterableEmailCampaignId Value: 7032975
.donatetorondesantis.com/	1970-01-20 13:15:47	Name: iterableTemplateId Value: 9393756
.donatetorondesantis.com/	1970-01-20 13:15:47	Name: iterableMessageId Value: d16d2d4092014373afba588258243410
.donatetorondesantis.com/	1970-01-20 21:59:57	Name: iterableEndUserId Value: jcaston%40pbcgov.org
links.donatetorondesantis.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: cbd135d03a142e08bd586088c7891ece898e4da8-1689261464384-99669362699b292a7c10a4bc
.secure.winred.com/	1970-01-20 13:14:23	Name: __cf_bm Value: XW4qjrJ05h.g0n6gY8JEqCV8ALpUcswsaqTeStdvYNM-1689261464-0-AfdeXW2zE7YJZDdCced+2sEPou6L9ljt2LOOClpidn1PvLSYr+IDqqv9D+oSkXv299GoODxY6IftnAQiBUBujNg=
secure.winred.com/	1970-01-20 13:14:25	Name: cf_chl_rc_ni Value: 1
secure.winred.com/	1970-01-20 13:14:25	Name: cf_chl_2 Value: 679b262ae3dd687

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.winred.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit Message: Unrecognized origin: 'fullscreen'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e627e9b38f137d1/1689261465082/886f0bcec929ae92f4ee14a0b0b28ffcaf7d2dd08cf797ac5a6279c76f820167/L45Ln2RlOCQ-wuX Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://secure.winred.com/desantis/storefront/?utm_source=hs_it&utm_medium=em_hf&utm_campaign=2023-06-09_shopthestoreit_store_aud0093_em0073_lp0047_tds_9375166_na Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.winred.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://challenges.cloudflare.com/turnstile/v0/g/f5fedcf7/api.js?onload=SP6&render=explicit Message: Unrecognized origin: 'fullscreen'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e627eb19d3437d1/1689261468805/3e49e87e9786be4ede809c3f60eb04d051fc44b0047b949c9178ff612e013a15/7gPoZDXC9vlgcuR Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
links.donatetorondesantis.com
secure.winred.com
2606:4700::6811:3b8
2606:4700::6813:d459
3.219.81.88
1e1ae7f58d3c58d254d4cd41cee2ddacef3c052a569098f032d297e9822745a6
2714bc1abd8e901e89dfbb9517cc7ead631fec1c76deb12c88cbca34cec6be9c
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
390efb918ee4bbad48e1f2991bfd1c8e6000159fc6b92c952bfc54c9f46881b9
420f4d82b713ef743bd25ff5bd8ae66ffffca065b5e7677fe168e2b1168684bf
424e559af5e00bc52620121e3151801600218fbd7dcce105b5ed2838ae32758d
4269f6c68e6d6373b9908c6be2e9ed89a1dfa79eacac686eab26ac50bc5c5ef9
42f9d86f9c30ad3d3fb46f881e8faaaddd0bc8fbb4da7b836e168b0e5c9ef78b
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7458235b619414e7927b6ff2846a6316092f1b87cc08d6f1cd221718ca2869ea
7a22364e198386d271882d973a2474fadc8ab365f91e8c1cd15788f89ceaf3a6
7bd35e65d32dd064ff9897db253e6673d4ea89df9d84b69c2f30a25bb67a1b68
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
a180aeaf3d3729385ccbd06752bc3ba03767283e32a9b960095e34d6c08ec890
b24a1b951a10685f3e6e50837c184305066a8f8613236a17421329fc7adbecbd
b8c933a056c88a044b8b2f8e8bc7da65ddef78daba0c6d31a4faa4d8eb500608
b9517a4f4c88b7926bb6a8c0f09e7dc16f2ad03467433670b911b36ec146f967
c0395d77b34eec816c243314e29d00308914a330626ac4a1472c79476f63f5c6
c93970ff6c445085a1db9117163b969f43161f3491746a91f637c588eb145658
d422c37a8037f6c0455b1a09a6022edfcea46c6ccc0b796aefe8bc8087ab03eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb7d5973379f9769143e0eb979a2cb85f793412ccc218f93c688e88db2e0e02c
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

secure.winred.com Open in urlscan Pro 2606:4700::6813:d459 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

29 Requests

83 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

426 kBTransfer

976 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

83 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

426 kB
Transfer

976 kB
Size

8
Cookies

29 HTTP transactions
2 data transactions