Submitted URL: https://securelink.gop/IefGY9wLL
Effective URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Submission: On November 07 via api from BE — Scanned from US

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 43 HTTP transactions. The main IP is 2606:4700::6813:d459, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 25011.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 winred.com
secure.winred.com — Cisco Umbrella Rank: 25011
gtm.winred.com — Cisco Umbrella Rank: 136378
200 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
7 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
23 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
320 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 445
234 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 147
557 B
3 cloudfront.net
d35ligi1n5bgzc.cloudfront.net
152 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
908 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
74 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1102
165 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 prompt.io
env0.prompt.io
282 B
1 securelink.gop
securelink.gop
453 B
43 13
Domain Requested by
10 secure.winred.com 2 redirects secure.winred.com
static.cloudflareinsights.com
6 www.facebook.com secure.winred.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
secure.winred.com
4 www.googletagmanager.com secure.winred.com
www.googletagmanager.com
4 maps.googleapis.com secure.winred.com
maps.googleapis.com
3 gtm.winred.com www.googletagmanager.com
3 d35ligi1n5bgzc.cloudfront.net secure.winred.com
2 analytics.google.com secure.winred.com
2 stats.g.doubleclick.net www.google-analytics.com
secure.winred.com
2 connect.facebook.net secure.winred.com
connect.facebook.net
2 js.stripe.com secure.winred.com
js.stripe.com
1 www.google.com www.googletagmanager.com
1 static.cloudflareinsights.com secure.winred.com
1 env0.prompt.io 1 redirects
1 securelink.gop 1 redirects
43 15

This site contains links to these domains. Also see Links.

Domain
stevegarvey.com
winred.com
Subject Issuer Validity Valid
secure.winred.com
Cloudflare Inc ECC CA-3
2024-01-22 -
2024-12-31
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-10-30 -
2025-02-06
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-16 -
2024-11-14
3 months crt.sh
winred.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 4 frames:

Primary Page: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Frame ID: 488DF9C1BB2539821EFBCD3DB6D845A4
Requests: 39 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ccb741a09fd3/main.js
Frame ID: 273A4A97BAA9540DB0473628EE98D720
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsecure.winred.com
Frame ID: 663E2AF46DF50C0D148064FCD20C1853
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: D7FFD586ACE45704E5B428AF4CEEC4DC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Donate today!

Page URL History Show full URLs

  1. https://securelink.gop/IefGY9wLL HTTP 301
    https://env0.prompt.io/rest/1.0/smart_links/redirect/IefGY9wLL HTTP 303
    https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe?utm_source=BDG-REV&utm_medium=p2... HTTP 302
    https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

43
Requests

98 %
HTTPS

75 %
IPv6

13
Domains

15
Subdomains

14
IPs

1
Countries

1182 kB
Transfer

3938 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://securelink.gop/IefGY9wLL HTTP 301
    https://env0.prompt.io/rest/1.0/smart_links/redirect/IefGY9wLL HTTP 303
    https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe?utm_source=BDG-REV&utm_medium=p2p&utm_campaign=20241028_BDG_SGCA_SM_REV_BMT-BMT HTTP 302
    https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ccb741a09fd3/main.js

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request preview
secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/
Redirect Chain
  • https://securelink.gop/IefGY9wLL
  • https://env0.prompt.io/rest/1.0/smart_links/redirect/IefGY9wLL
  • https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe?utm_source=BDG-REV&utm_medium=p2p&utm_campaign=20241028_BDG_SGCA_SM_REV_BMT-BMT
  • https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
19 KB
7 KB
Document
General
Full URL
https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77c9dff95c1d31f3c06e5207172e59841b9efee71a86dcc4e7eb408390c8266
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900, s-maxage=900
cf-cache-status
DYNAMIC
cf-ray
8dee5e967fc841b5-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 15:31:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-rack-cors
miss; no-origin
x-request-id
d1a34d2e-184e-4aad-ab87-dbec57e5decf
x-revv-cf-cache-status
MISS
x-runtime
0.233778
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900, s-maxage=900
cf-cache-status
DYNAMIC
cf-ray
8dee5e936c7f41b5-EWR
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 15:31:17 GMT
location
https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-rack-cors
miss; no-origin
x-request-id
084af588-c16a-4e8e-aa3f-d3101ab4e3b5
x-revv-cf-cache-status
MISS
x-runtime
0.058651
x-xss-protection
1; mode=block
/
js.stripe.com/v3/
684 KB
165 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
41da751d66f5e9d67513bc0ed38fcc5d9b5e27b102efc8a1f46fa0448b253922
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-request-id
aac9e3e8-8324-4fc3-804a-9956cd2dd25d
content-encoding
br
etag
"d953c146aa61778717009e4ac31efb7c"
age
57
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 07 Nov 2024 15:31:18 GMT
last-modified
Thu, 07 Nov 2024 00:57:07 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-lga21922-LGA
x-cache-hits
55
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
168468
server
Fastly
landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
secure.winred.com/assets/
223 KB
34 KB
Stylesheet
General
Full URL
https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0d589e3ee739618497567fffac3f6955"
age
3169
x-amz-version-id
D2DwqyBLy6zvaIoaXr4.652u.C9cECqD
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 19:31:18 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:18 GMT
content-type
text/css
last-modified
Sat, 02 Nov 2024 01:19:12 GMT
vary
Accept-Encoding
x-amz-id-2
vlcubVvlm2VtTe0zNm9dX4nhOOm/IUoEWPCjXVmwdxbYICzIY322n7ovJnHpI3cbzsdj2NxPdMk=
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=14400
cf-ray
8dee5e995b0841b5-EWR
x-amz-request-id
H8QNR3B7G7CKARF5
server
cloudflare
1730155747.css
secure.winred.com/stylesheets/rv_page_01jba0vb03vxtjts0veej0kkyf/
9 KB
3 KB
Stylesheet
General
Full URL
https://secure.winred.com/stylesheets/rv_page_01jba0vb03vxtjts0veej0kkyf/1730155747.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f4ceb5e7f66a7393aa318443fb716f911f61a4550bf08f3592c7ed89559a10
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview

Response headers

x-request-id
a692cff7-3a03-41a5-8145-b96e033946f2
content-encoding
gzip
cf-cache-status
HIT
age
2303
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 21:20:30 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:18 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 01 Nov 2024 00:37:51 GMT
vary
Accept-Encoding
x-runtime
0.053691
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=31556952
x-rack-cors
miss; no-origin
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8dee5e995b0a41b5-EWR
x-xss-protection
1; mode=block
server
cloudflare
js
maps.googleapis.com/maps/api/
384 KB
121 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
cbaa39d690682c8a091914cb5e3d5cd0bb86790159462fb5adbc864b043780f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
bf5e51b9
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122977
date
Thu, 07 Nov 2024 15:31:19 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js
secure.winred.com/assets/
492 KB
139 KB
Script
General
Full URL
https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e75fd1678f79abd85c65c4549db07868"
age
4752
x-amz-version-id
AKYKbeAXl92hpo15FpubXj3OCfb.qIfh
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 19:31:18 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:18 GMT
content-type
application/javascript
last-modified
Sat, 02 Nov 2024 01:19:07 GMT
vary
Accept-Encoding
x-amz-id-2
mZWRzkLk+A5Ih6VRcLEX2SfoifutjTPkSZs7bg8PaV1ASbBzWQKAwW6nZyhN7x7JTx8Lw66MJ7o=
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=14400
cf-ray
8dee5e995b0c41b5-EWR
x-amz-request-id
CA6GPE9ZDYP6TDTA
server
cloudflare
SG_Logo_MobileHeader_WhiteBG.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/813/173/large/
10 KB
11 KB
Image
General
Full URL
https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/813/173/large/SG_Logo_MobileHeader_WhiteBG.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:9800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc3336dd5d35c90d1186d534cd012c28a1dfb65ccac9a867a832db162131c1d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
xgVSAGCT.JOCtfYo1iclK2Ib3MjtAmpV
etag
"3a5db93ba0fac8a091e310e3b923a122"
age
12031
via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
10661
x-amz-cf-id
LBjwYZuUGvNfwaF965XgXrKadeVdigwxm2Y66D5d1XC00Da22-EEeQ==
date
Thu, 07 Nov 2024 12:10:48 GMT
content-type
image/png
last-modified
Fri, 22 Dec 2023 19:16:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/
19 KB
7 KB
Image
General
Full URL
https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"d31530d4186af669daf4f47099614593"
age
3014
x-amz-version-id
f4pEcXiD8ytcKkhv6Jg8V_T5YyE04Z7F
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 19:31:18 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:18 GMT
content-type
image/svg+xml
last-modified
Sat, 02 Nov 2024 01:19:14 GMT
vary
Accept-Encoding
x-amz-id-2
j+n8sc6yBOSbNY1WWoK8we0pA58Rd9/RTFgIGcd60x7hS35bSjVtABVnjxqkDraSdqxM7v7dzu4=
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=14400
cf-ray
8dee5e995b0d41b5-EWR
x-amz-request-id
0R58VQ1AKC7E5YBS
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://secure.winred.com
Referer
https://secure.winred.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8dee5e9e7e640ce9-EWR
access-control-allow-origin
*
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
506 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27dbaab69f0d01d9bc7aab5bb4d37043371221c16fd78bcd5f2c9a77154862f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 07 Nov 2024 15:31:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 07 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
119261
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
219 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTKM2WZB
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb87f3a9a669b0e7437bd8318bb069fdc781803a8328dea86ee06180151a81f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 07 Nov 2024 15:31:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 07 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78445
x-xss-protection
0
server
Google Tag Manager
garvey.jpeg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/773/722/large/
139 KB
139 KB
Image
General
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/773/722/large/garvey.jpeg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01jba0vb03vxtjts0veej0kkyf/1730155747.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:9800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
760dbd247da466977a318534309ca9f5a4ad3873d560f0d133cfc0ade2c53457

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
6kAAnvRIFo3y33Pb9nqVGDI7PRMllb5F
etag
"01535e6430012689fb08019fe3a58c21"
age
70990
via
1.1 f5b6caeff9422ffe5c739ff6cf167922.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
142223
x-amz-cf-id
EiwnXcO7s0HjBwQRSDSYyes5IhMdTXDRAuzYyDrq2MlvtDorakXtWw==
date
Wed, 06 Nov 2024 19:48:08 GMT
content-type
image/jpeg
last-modified
Mon, 06 Nov 2023 17:29:39 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
main.js
secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ccb741a09fd3/ Frame 273A
Redirect Chain
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ccb741a09fd3/main.js?
8 KB
4 KB
Script
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ccb741a09fd3/main.js?
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0708bc50c2f804470dfc3de7b3c6d93ef91ef31d9f9147092730947879d6e2fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8dee5e9ee92441b5-EWR
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ccb741a09fd3/main.js?
x-content-type-options
nosniff
cf-ray
8dee5e9eb8e641b5-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 07 Nov 2024 15:31:19 GMT
vary
Accept-Encoding
server
cloudflare
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Thu, 07 Nov 2024 15:31:19 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
386 KB
126 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38afa3c97f1dbabc31cd9dc0c5b72065efe686747068359b498860b569f0b78c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 07 Nov 2024 15:31:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
129075
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&scrsrc=www.googletagmanager.com&frm=0&rnd=1870453521.1730993480&auid=1044843166.1730993480&npa=0&gtm=45He4au0v72410129za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629&tft=1730993479552&tfd=3727&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::93 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
gzip
age
580
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 17:21:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:21:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 663E
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsecure.winred.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
511557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 17:25:22 GMT
expires
Sat, 01 Nov 2025 17:25:22 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-vNpEitby' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-vNpEitby' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4456, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
4N1imoyMFKtGnb0oHj8vHZ738t+tmCpmcqQMhWUXep7KTaWigZzKKK+4jKg6dWoeTMHf6G67NeXnFdHsmuEd4g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
8dee5e967fc841b5
secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 273A
0
704 B
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/8dee5e967fc841b5
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-ray
8dee5ea04a9f41b5-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
collect
gtm.winred.com/g/
626 B
1 KB
XHR
General
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4au0v867905447z872410129za200zb72410129&_p=1730993478634&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=1140748632.1730993480&ecid=131196836&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1730993478634&sst.ude=0&_s=1&sid=1730993479&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&dt=Donate%20today!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe&epn.load_time_sec=-1730993475.8&epn.event_fire_time=1730993479533&ep.event_uuid=dbca3bd3-02e3-4d85-9d0b-4e3754c228f3&ep.isVideoPage=f&ep.referrer=&tfd=3949&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:e434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c5504a0be093ef2208b0ca5644ab39b0254481590908e4015bd47b32320ab8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
no-cache
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
8dee5ea0b89c4229-EWR
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain
vary
Accept-Encoding
server
cloudflare
collect
gtm.winred.com/g/
702 B
2 KB
XHR
General
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4au0v867905447z872410129za200zb72410129&_p=1730993478634&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=1140748632.1730993480&ecid=131196836&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1730993478634&sst.ude=0&_s=2&cu=USD&sid=1730993479&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&dt=Donate%20today!&en=purchase&_c=1&pr1=idrv_acct_ByKJFhYQhhfDyxBPhHuExi2Q~nmWinRed%20Donation~caWinRed~qt1&ep.pagepath=%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe&epn.load_time_sec=-1730993475.8&epn.event_fire_time=1730993479564&ep.event_uuid=263c9102-871b-45e6-91f3-d45c37776feb&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=purchase&ep.label=Donate%20today!&ep.donationRecurring=f&ep.splitDonation=f&ep.paymentMethod=Used%20Stored%20Credit%20Card&ep.Merchandise=f&ep.usercategory=temporary%20profile&_et=5&tfd=3956&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:e434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe704450e3c034e266a4d73ec71eb4f84c9bf84fc396a363309ddd7f4f503a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=czHsfVdMV3JfYpfZmQhw.LBD7Q_aGfO6NSxe2VW38i8-1730993479-1.0.1.1-hb0aceIferkPJuUXvuT2ADfOQLSvYWFF9M49HZKTxwV0zS9gUbzoEYTTG544MtZURmBAnhSmNfTE94y1M7Ll7EbvCxhdc2ub9WOK6h3XBRH1qoNnOCpb27tkn6lApCpMqN98g_G0e4agAyuQFTvdrQ"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
no-cache
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=czHsfVdMV3JfYpfZmQhw.LBD7Q_aGfO6NSxe2VW38i8-1730993479-1.0.1.1-hb0aceIferkPJuUXvuT2ADfOQLSvYWFF9M49HZKTxwV0zS9gUbzoEYTTG544MtZURmBAnhSmNfTE94y1M7Ll7EbvCxhdc2ub9WOK6h3XBRH1qoNnOCpb27tkn6lApCpMqN98g_G0e4agAyuQFTvdrQ; report-to cf-csp-endpoint
via
1.1 google
cf-ray
8dee5ea0c8a14229-EWR
access-control-allow-origin
https://secure.winred.com
server
cloudflare
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
age
1235
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 16:10:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:10:44 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/
3 B
422 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2066220134&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&ul=en-us&de=UTF-8&dt=Donate%20today!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEALBAAAACAEK~&jid=590283400&gjid=2124297656&cid=1140748632.1730993480&tid=UA-73658561-7&_gid=1091913641.1730993480&_slc=1&gtm=45He4au0n71NTQZ9Nv72410129za200&cd61=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629&z=1926218943
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://secure.winred.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:19 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://secure.winred.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/
1 B
647 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=1140748632.1730993480&jid=590283400&gjid=2124297656&_gid=1091913641.1730993480&_u=YCDAiEALBAAAAGAEK~&z=2125869125
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://secure.winred.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:19 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://secure.winred.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
1910579086031044
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1910579086031044?v=2.9.176&r=stable&domain=secure.winred.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dec87765b79b04e0392a165607ecbfb06ca77117102c91d3441a27b45fc3719a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-u7UteL04' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-u7UteL04' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=77, mss=1232, tbw=70853, tp=68, tpl=0, uplat=76, ullat=0
pragma
public
x-fb-debug
uYQhJztOyjfBEqV8TKJMgFQyokBuxuHU/wqhD2y8jUUyByELj9yJXG5ZwnG+kAYZ4S52kKGom8iydio72AhEXg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2066220134&t=event&ni=0&cu=USD&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&ul=en-us&de=UTF-8&dt=Donate%20today!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=purchase&el=Donate%20today!&_u=aCDAiEALBAAAAGAMK~&jid=&gjid=&cid=1140748632.1730993480&tid=UA-73658561-7&_gid=1091913641.1730993480&gtm=45He4au0n71NTQZ9Nv72410129za200&cd12=f&cd41=temporary%20profile&cd46=f&cd51=Used%20Stored%20Credit%20Card&cd55=f&cd61=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629&ta=WinRed&pa=purchase&pr1id=rv_acct_ByKJFhYQhhfDyxBPhHuExi2Q&pr1nm=WinRed%20Donation&pr1ca=WinRed&pr1qt=1&z=470890734
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

age
2939
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 14:42:20 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1910579086031044&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&rl=&if=false&ts=1730993479938&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730993479936.567384160780469426&ler=empty&cdl=API_unavailable&it=1730993479818&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1328, tbw=3010, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
850 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1910579086031044&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&rl=&if=false&ts=1730993479938&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730993479936.567384160780469426&ler=empty&cdl=API_unavailable&it=1730993479818&coo=false&rqm=FGET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434560387626951609"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:20 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
YBMEZNvRfRuoTb4KyygB3xan3JQgR6Wd3ECwpFixUuEnjVlUGSRIOx2sXjgyQ6vukrwzh7rr2H2NppImSSUpxQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434560387626951609", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=18, mss=1328, tbw=9161, tp=-1, tpl=-1, uplat=192, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
103 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1910579086031044&ev=Purchase&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&rl=&if=false&ts=1730993479941&cd[currency]=USD&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1730993479936.567384160780469426&ler=empty&cdl=API_unavailable&it=1730993479818&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1328, tbw=3297, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
5 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1910579086031044&ev=Purchase&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&rl=&if=false&ts=1730993479941&cd[currency]=USD&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1730993479936.567384160780469426&ler=empty&cdl=API_unavailable&it=1730993479818&coo=false&rqm=FGET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434560387378234247"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:20 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434560387378234247", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
uBFBu5LqlZkFMbp5suItGUqnCnQcZ/FoYfz2o/w2Dy7LJ9QPypWu+8DvrU3XaxmegAiD6aoSKB4BE4XdMQq+Xw==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=18, mss=1328, tbw=3485, tp=-1, tpl=-1, uplat=131, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1910579086031044&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&rl=&if=false&ts=1730993479942&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=4126&fbp=fb.1.1730993479936.567384160780469426&ler=empty&cdl=API_unavailable&it=1730993479818&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1328, tbw=3297, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
845 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1910579086031044&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&rl=&if=false&ts=1730993479942&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=4126&fbp=fb.1.1730993479936.567384160780469426&ler=empty&cdl=API_unavailable&it=1730993479818&coo=false&rqm=FGET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434560387117600389"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:20 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
x07h239uM2Nsc7Y4PAOlk4sOXoEfM/U7yd0KeyrdcAa/p+fKq2sGbBezMlcCBXFi0ApQtcZAO7TRqwsvBH9/zg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434560387117600389", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=18, mss=1328, tbw=8294, tp=-1, tpl=-1, uplat=140, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
analytics.google.com/g/s/
0
510 B
Image
General
Full URL
https://analytics.google.com/g/s/collect?dma=0&npa=0&gcd=13l3l3l3l1l1&gtm=45j91e4av1h1v867905447z872410129z9867900975za200zb72410129&tag_exp=101823848~101925629&_gsid=X6H0114PDFLbBTw8Zr6UMDb_N0-Gb6Jw
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
261 B
Image
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-X6H0114PDF&cid=dBiIPZzIX0mJ4P%2BPhv8W6ukFNhJskdiU2QNYNQ3BgvQ%3D.1730993480&gtm=45j91e4av1h1v867905447z872410129z9867900975za200zb72410129&tag_exp=101823848~101925629&aip=1
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:19 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/s/
0
47 B
Image
General
Full URL
https://analytics.google.com/g/s/collect?dma=0&npa=0&gcd=13l3l3l3l1l1&gtm=45j91e4av1v867905447z872410129z9867900975za200zb72410129&tag_exp=101823848~101925629&_gsid=X6H0114PDFPRnbJEEcg9C6p6UycxQPWw
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 15:31:20 GMT
content-type
text/plain
server
Golfe2
register-conversion
www.google-analytics.com/privacy-sandbox/
0
22 B
Image
General
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=dBiIPZzIX0mJ4P%2BPhv8W6ukFNhJskdiU2QNYNQ3BgvQ%3D.1730993480&dbk=17422342086265757687&dma=0&en=purchase&gtm=45j91e4av1v867905447z872410129z9867900975za200zb72410129&npa=0&tid=G-X6H0114PDF&dl=https%3A%2F%2Fsecure.winred.com%3F
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
attribution-reporting-info
preferred-platform=os
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger
"https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=dBiIPZzIX0mJ4P%2BPhv8W6ukFNhJskdiU2QNYNQ3BgvQ%3D.1730993480&dbk=17422342086265757687&dma=0&en=purchase&gtm=45j91e4av1v867905447z872410129z9867900975za200zb72410129&npa=0&tid=G-X6H0114PDF&dl=https%3A%2F%2Fsecure.winred.com%3F"
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x6786b02831a7e930","source_keys":["1"]},{"key_piece":"0xd5054c9dbe1b7842","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"17422342086265757687","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["919193553"],"5":["11-07","11-06","11-05"]}}
date
Thu, 07 Nov 2024 15:31:20 GMT
content-type
text/plain
server
Golfe2
rum
secure.winred.com/cdn-cgi/
0
142 B
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://secure.winred.com/steve-garvey-for-us-senate/bmt664850e302bfe/thank-you/preview

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8dee5ea33dcc41b5-EWR
access-control-allow-origin
https://secure.winred.com
date
Thu, 07 Nov 2024 15:31:20 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/
1 KB
2 KB
Other
General
Full URL
https://d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26fa:9800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
FN8PLjpE4LnyaM50_d0emgSd0vAz496F
age
63341
etag
"7b9c8b7070c8f9c81fc9a133d26daf4e"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
gv968M8TKyuSnEwnBkFqQ3hMG3CJhKEpu0BrIIXHz_0eTaOKq9AcHQ==
date
Wed, 06 Nov 2024 21:55:40 GMT
content-type
image/png
vary
accept-encoding
last-modified
Wed, 10 Jul 2019 18:21:57 GMT
via
1.1 78a5d96d9c348edf8a3fca2ba77f8e64.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1512
x-amz-cf-pop
JFK52-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
gtm.winred.com/g/
65 B
387 B
XHR
General
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4au0v867905447z872410129za200zb72410129&_p=1730993478634&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=1140748632.1730993480&ecid=131196836&ul=en-us&sr=1600x1200&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1730993478634&sst.ude=0&_s=3&cu=USD&sid=1730993479&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&dt=Donate%20today!&en=page_load_time_event&ep.pagepath=%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe%2Fthank-you%2Fpreview&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fsteve-garvey-for-us-senate%2Fbmt664850e302bfe&epn.load_time_sec=4.4&epn.event_fire_time=1730993480198&ep.event_uuid=fea73065-be75-47fd-aba5-dee243b8c202&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=purchase&ep.label=Donate%20today!&ep.donationRecurring=f&ep.splitDonation=f&ep.paymentMethod=Used%20Stored%20Credit%20Card&ep.Merchandise=f&ep.usercategory=temporary%20profile&epn.loading_time_sec_on_window_load=4.37&_et=421&tfd=4879&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:e434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
no-cache
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
8dee5ea678b14229-EWR
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 15:31:20 GMT
content-type
text/plain
vary
Accept-Encoding
server
cloudflare
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame D7FF
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.31 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
269
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 15:26:56 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 01 Nov 2024 20:54:53 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 876bec0443fc8f764d98d36e203f84e0.cloudfront.net (CloudFront)
x-amz-cf-id
q3w5MAa9bdZfOe2BFXo4QEvBAdsVF0DV17BI2l-fRjLas44qmIwJPQ==
x-amz-cf-pop
JFK52-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
common.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/
267 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
age
81003
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 17:01:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 17:01:21 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56823
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/
191 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
age
80993
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 17:01:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 17:01:31 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
59447
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer boolean| isWinRed string| app_platform object| webpackChunkStripeJSouter function| noop function| Stripe function| $ function| jQuery object| jQuery112406421803999059545 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass object| bioEp function| Cookies object| App object| picturefillCFG function| picturefill object| party function| UAParser function| gm_authFailure object| candidates string| affiliation string| userCategory string| label string| recurring string| moneyPledge string| splitDonation string| merchandise string| obj_name string| video_page object| antiClickjack object| __cfBeacon function| landingPageFormSubmitRecaptchaSuccess function| landingPageFormSubmitRecaptchaError object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

15 Cookies

Domain/Path Name / Value
.secure.winred.com/ Name: __cf_bm
Value: 0MwRq.6tfh_Sqduda2YINGr7PjqqMOJdNMsnSXrV6Bg-1730993477-1.0.1.1-srcoYyozZFKPKDLjuyricTD8dGmlOGC0MNNvJs1aN_pN_w8OnrJD7kb_fM9cFMSg.6ytjy3oICiY4VwGmx9UGw
secure.winred.com/ Name: __production_revv_csrftoken
Value: 1730993478%7Ci6vns%2FgTdjETgKwb5WfRZSOqH0htuRipHGBSLqFn%2FA4%3D%7CC4melTx4U3fDsNGLINqNI6vEtuRPHPdiVhCTEhNOjOM%3D
.winred.com/ Name: _revv_v3_session
Value: Zms5cExiVXBtcTBVamVhYmozVjIydFl2eHIzb3hTZW1aeTJIVm4yTWo4Qmorb2svUW9XTDFreStla2todFowczB3MGpIYkQ2UFo3bEtHa0FEcWdyU3dyV2taRHIvNmwzakc1K0V1N1RaQy9xaDFHeGd5R2NReGhVZVU5amlDdml0NTNzeXN2ckw1djZ6eHRqaEZRN1B6bTdmVEZUM091WmM3ejZWOUdhOTM2TGI3S2Foc050bEhXK1FETWVJYWZuMjVmVkQ4RWV5Vkk1MDNIQzhXYXNDYWtNSU5ZT1VuZHJZNGdVQ1hCOCtrcXZqMXdZNGNOQnRnY253elQxN3h6eC9MVWpDS3BRWG5JMDNkczVPKzBFQ3VKaFlJeFgxTFU2cFZyOUMvMTUrTTA9LS04QlFkYVFILzRYSWJzNE5JNm5qRXF3PT0%3D--e23f4c80ec0e6ca0ec68195171ad4bc4a45c31be
.winred.com/ Name: _gcl_au
Value: 1.1.1044843166.1730993480
.secure.winred.com/ Name: cf_clearance
Value: 5BVPUQIt3gVAWSuslE.RKrMRbTmqoWAvcIIvfCfOvwc-1730993479-1.2.1.1-pX9VGGqYq_VL27RKp7ZekRsiDt5Fxj3dQeGmPNx8DfXPJ4iboms.ztbhHLo8Yr8HTN6CkrqpizUUYtSBTOnSp7zbxu11NYrPgoTyCX4Uicxmy9M4Vrc5.6ay5NLt44Gzan_lJu86Ls0LCkxPUXbIgkCC7RnPyclU3MhNOFPvEkkLbZa8obzM.fbD6ptDtc21T46lWrxdOOxL6YWRMM3W0Wds7KWuCRIRvOgfcZCsT1Ss7qA7XvxYbuV79CmYApEor2El.0ShnVSmQH8JvdzL_CtU2hlIDDwZHi5C9qprDDFwRvHlKr49GFwJ7LnQlrBL1XRoVGBDcZ8j0tsgp_sgrXBQDXfb_em9MLjWvqarIxKt9OOrdkZjG7BcNATGaYqY
.winred.com/ Name: _ga
Value: GA1.2.1140748632.1730993480
.winred.com/ Name: _gid
Value: GA1.2.1091913641.1730993480
.winred.com/ Name: _dc_gtm_UA-73658561-7
Value: 1
.winred.com/ Name: FPID
Value: FPID2.2.dBiIPZzIX0mJ4P%2BPhv8W6ukFNhJskdiU2QNYNQ3BgvQ%3D.1730993480
.winred.com/ Name: _fbp
Value: fb.1.1730993479936.567384160780469426
.winred.com/ Name: FPLC
Value: wImwvlXpL1bfb0L7YBFEIu%2Fr2ODJPaTWhUoxvwRciY57Lr1XV%2BC9ySDx0PMpl6otCDRJxBzq85aZ32kOyoZYya3hQfEnklBrtbP6TEgF6ik0vX1dugJNFlSNPy9M9w%3D%3D
.winred.com/ Name: FPGSID
Value: 1.1730993479.1730993479.G-X6H0114PDF.PRnbJEEcg9C6p6UycxQPWw
.winred.com/ Name: __cf_bm
Value: ZokoCZ4qhd28s_1.1DvJ163pcvIl.BHJEdcSTq.9XCs-1730993479-1.0.1.1-PHUxjZcozui7YesXf0Zp6i9P4MrOZGT9tkKTGlNgAD9k6GZH6zqCtUU9jFeI2rnjGbPJr2Ty2cpExR5V67909w
.www.google-analytics.com/ Name: ar_debug
Value: 1
.winred.com/ Name: _ga_X6H0114PDF
Value: GS1.1.1730993479.1.0.1730993480.0.0.131196836

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
env0.prompt.io
gtm.winred.com
js.stripe.com
maps.googleapis.com
secure.winred.com
securelink.gop
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
151.101.128.176
18.238.49.31
2600:9000:26fa:9800:0:7d26:ee00:93a1
2606:4700::6810:5049
2606:4700::6810:e434
2606:4700::6813:d459
2607:f8b0:4004:c06::61
2607:f8b0:4004:c1f::8a
2607:f8b0:400d:c07::65
2607:f8b0:400d:c07::93
2607:f8b0:400d:c0b::5f
2607:f8b0:400d:c0b::9c
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
44.227.24.191
54.218.163.155
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0708bc50c2f804470dfc3de7b3c6d93ef91ef31d9f9147092730947879d6e2fd
15f4ceb5e7f66a7393aa318443fb716f911f61a4550bf08f3592c7ed89559a10
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
27dbaab69f0d01d9bc7aab5bb4d37043371221c16fd78bcd5f2c9a77154862f2
38afa3c97f1dbabc31cd9dc0c5b72065efe686747068359b498860b569f0b78c
41da751d66f5e9d67513bc0ed38fcc5d9b5e27b102efc8a1f46fa0448b253922
505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b
68c5504a0be093ef2208b0ca5644ab39b0254481590908e4015bd47b32320ab8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
760dbd247da466977a318534309ca9f5a4ad3873d560f0d133cfc0ade2c53457
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bc3336dd5d35c90d1186d534cd012c28a1dfb65ccac9a867a832db162131c1d5
bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630
c77c9dff95c1d31f3c06e5207172e59841b9efee71a86dcc4e7eb408390c8266
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbaa39d690682c8a091914cb5e3d5cd0bb86790159462fb5adbc864b043780f1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec87765b79b04e0392a165607ecbfb06ca77117102c91d3441a27b45fc3719a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
eb87f3a9a669b0e7437bd8318bb069fdc781803a8328dea86ee06180151a81f5
efe704450e3c034e266a4d73ec71eb4f84c9bf84fc396a363309ddd7f4f503a9
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902