secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://securelink.gop/YZo5EBh1L
Effective URL:
https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
Submission: On September 24 via manual (September 24th 2024, 2:04:16 am UTC) from US — Scanned from US

Summary HTTP 68 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 68 HTTP transactions. The main IP is 2606:4700::6813:d459, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 23291.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.218.163.155 54.218.163.155	16509 (AMAZON-02) (AMAZON-02)
1 1	44.227.24.191 44.227.24.191	16509 (AMAZON-02) (AMAZON-02)
1 14	2606:4700::68... 2606:4700::6813:d459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.139.29.88 108.139.29.88	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
5	2600:9000:26f... 2600:9000:26fa:6800:0:7d26:ee00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
1	38.70.189.70 38.70.189.70	399647 (RUMBLE) (RUMBLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
7	108.139.29.91 108.139.29.91	16509 (AMAZON-02) (AMAZON-02)
68	19

1 54.218.163.155 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-163-155.us-west-2.compute.amazonaws.com

securelink.gop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.227.24.191 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-24-191.us-west-2.compute.amazonaws.com

env0.prompt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6813:d459 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.29.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-88.jfk50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26fa:6800:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)

lh7-us.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.70.189.70 (Toronto, Canada)

ASN399647 (RUMBLE, US)

a.ads.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.139.29.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-91.jfk50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	winred.com 1 redirects secure.winred.com — Cisco Umbrella Rank: 23291 gtm.winred.com Failed app.winred.com — Cisco Umbrella Rank: 128386	213 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	635 KB
9	stripe.com js.stripe.com — Cisco Umbrella Rank: 1083	160 KB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 131 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 td.doubleclick.net — Cisco Umbrella Rank: 189	5 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
5	cloudfront.net d35ligi1n5bgzc.cloudfront.net	2 MB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 450	228 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 137	128 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 946	1 KB
2	t.co t.co — Cisco Umbrella Rank: 844	1 KB
1	rmbl.ws a.ads.rmbl.ws — Cisco Umbrella Rank: 25949	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 863	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 685	7 KB
1	googleusercontent.com lh7-us.googleusercontent.com — Cisco Umbrella Rank: 5655	26 KB
1	prompt.io 1 redirects env0.prompt.io	248 B
1	securelink.gop 1 redirects securelink.gop	453 B
68	16

	Domain	Requested by
13	secure.winred.com	1 redirects secure.winred.com static.cloudflareinsights.com
11	www.googletagmanager.com	secure.winred.com www.googletagmanager.com www.google-analytics.com
9	js.stripe.com	secure.winred.com js.stripe.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.winred.com
5	d35ligi1n5bgzc.cloudfront.net	secure.winred.com
4	maps.googleapis.com	secure.winred.com maps.googleapis.com
3	td.doubleclick.net	www.googletagmanager.com
2	www.google.com	secure.winred.com
2	analytics.twitter.com	secure.winred.com
2	t.co	secure.winred.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
1	app.winred.com	secure.winred.com
1	analytics.google.com	www.googletagmanager.com
1	a.ads.rmbl.ws	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.cloudflareinsights.com	secure.winred.com
1	lh7-us.googleusercontent.com	secure.winred.com
1	env0.prompt.io	1 redirects
1	securelink.gop	1 redirects
0	gtm.winred.com Failed	www.googletagmanager.com
68	21

This site contains links to these domains. Also see Links.

Domain
txtterms.co
winred.com
www.donaldjtrump.com
swampthevoteusa.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2024-01-22` - `2024-12-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-08-29` - `2024-12-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.googleusercontent.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
a.ads.rmbl.ws E6	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
t.co E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
winred.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
Frame ID: 63BD6C206CB9E313FBF51EBD0D5B94C9
Requests: 56 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11091438865?random=1727143449751&cv=11&fst=1727143449751&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je49j0v9102512289z872350723za200zb72350723&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config%3BcookieDomain%3Dauto
Frame ID: AF9873C1301BF5F987DB174737F3CCAE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-HNR33QTX08&gacid=645824245.1727143450&gtm=45je49j0v9164375506za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=2121258049
Frame ID: A8903271C6295467CB76AA92A3C22C0D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
Frame ID: 996232A0744424ADBD3274E12263F0E0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6717151df347c019beb65800652fff2a.html
Frame ID: 4FD26644BAC67E83410179F1EE48C080
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
Frame ID: 69DAAF8370BBA0670EDD5CBC62F2D6B6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-ef6046d273736a898e518b9af0efd9ab.html
Frame ID: 74EA24AAC40AEB1D362A53F27B10DB2A
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-dbb275903b520ce29d0ea40e6d584453.html
Frame ID: 0BC3482B8599732D3D1C5EC2CA0F4393
Requests: 1 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 28B9D6F263D0B01022CE7A107714FAEC
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11094181768?random=1727143451465&cv=11&fst=1727143451465&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49j0h1v9102692410za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: D4BD6766E3C73B6D7017F1CEDE41E05E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-c15a46f3f222eaa598a2bf38f7f28f41.html
Frame ID: C26064C0073F07C2E42DD9F167CFEAEE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8AD122E2FCCDE3166D4B66864C17392B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MAGA

Page URL History Show full URLs

https://securelink.gop/YZo5EBh1L HTTP 301
https://env0.prompt.io/rest/1.0/smart_links/redirect/YZo5EBh1L HTTP 303
https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campa... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

68
Requests

94 %
HTTPS

60 %
IPv6

16
Domains

21
Subdomains

19
IPs

3
Countries

3145 kB
Transfer

6322 kB
Size

24
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://txtterms.co/88022-2/
Title: txtterms.co/88022-2

Search URL Search Domain Scan URL

URL: https://winred.com/terms/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://winred.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/join
Title: Interested in volunteering? Click here to sign up today.

Search URL Search Domain Scan URL

URL: https://swampthevoteusa.com/
Title: Do you have a plan to vote? Check your voter registration status, request a ballot, and pledge to vote by clicking HERE!

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/tnc-contributor-form
Title: Want to donate by mail? Click here to print out a donation form that you can send to our address.

Search URL Search Domain Scan URL

URL: https://winred.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://winred.com/about-our-ads/
Title: About Our Ads

Search URL Search Domain Scan URL

URL: https://winred.com/support/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securelink.gop/YZo5EBh1L HTTP 301
https://env0.prompt.io/rest/1.0/smart_links/redirect/YZo5EBh1L HTTP 303
https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request lp-prsp-sms-vp-debate-2-weeks-vjd-bmd Show response
secure.winred.com/trump-national-committee-jfc/
Redirect Chain

https://securelink.gop/YZo5EBh1L
https://env0.prompt.io/rest/1.0/smart_links/redirect/YZo5EBh1L
https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

62 KB
15 KB

276ms
177ms

Document
text/html

2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39c5635b37eb230b6091d65e20546902b5af1b8c82ad51b69495c81645667131

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8c7f33ba8d0880d9-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 02:04:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-rack-cors: miss; no-origin
x-request-id: a70fbd5c-ba34-435d-81b7-0ac0b492522e
x-revv-cache: Hit from Revv
x-runtime: 0.034249
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 24 Sep 2024 02:04:08 GMT
Location: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
Server: nginx

GET
H2 200 / Show response
js.stripe.com/v3/ 654 KB
160 KB 164ms
36ms Script
text/javascript 108.139.29.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-88.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd1af6d66c0c20da619f4931e554a0504bfc5b415c48dfefb1b7889d389a0875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
etag: W/"c73bc29ee1d76aca02f19705332ea835"
age: 17
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: DMtr1cotN3MWTj3_QS0kZlfPxHhCgHKdnSbDM1p2q3ErtgbAVOiErw==
date: Tue, 24 Sep 2024 02:03:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 20:50:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P2
server: Cloudfront

GET
H3 200 landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
secure.winred.com/assets/ 220 KB
34 KB 53ms
50ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"0d589e3ee739618497567fffac3f6955"
x-amz-version-id: tOpBJg5htPvOaTyjGLLYiHKpyv._FiKY
cf-cache-status: HIT
age: 2718
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 06:04:08 GMT
cf-polished: origSize=227910
date: Tue, 24 Sep 2024 02:04:08 GMT
content-type: text/css
last-modified: Fri, 10 May 2024 01:11:53 GMT
vary: Accept-Encoding
x-amz-id-2: +22Hygp0CW+xKXOpFk7lvDgzYaaF5igPOo0cMGSIt4Rds9/3Fc3raQZ1HmuzXm6YdfNyRAEAf78=
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=14400
x-amz-request-id: DG3JRM30G9F55PFR
cf-ray: 8c7f33bbce5880d9-EWR
server: cloudflare

GET
H3 200 1727133712.css
secure.winred.com/stylesheets/rv_page_01j80fzj7b9zh7tche0k1wpd76/ 8 KB
2 KB 50ms
48ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/stylesheets/rv_page_01j80fzj7b9zh7tche0k1wpd76/1727133712.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1694bc98a0ceed60020743d1e22d3334194570814ce8bffc5c3cb0bbdf726002

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Response headers

x-request-id: 53b5d6f5-589b-479b-9109-77f4fc148b20
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 8722
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 07:53:20 GMT
cf-polished: origSize=8477
date: Tue, 24 Sep 2024 02:04:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.058063
last-modified: Mon, 23 Sep 2024 23:26:26 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=31556952
x-rack-cors: miss; no-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8c7f33bbce5d80d9-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 340 KB
111 KB 176ms
76ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

86362dc7d5ad54a4561c1fa9ef1a7fa014fea3cab2459eef3a0d38aa3286d59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: public, max-age=1800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113217
date: Tue, 24 Sep 2024 02:04:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js Show response
secure.winred.com/assets/ 492 KB
137 KB 70ms
69ms Script
application/javascript 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34dbbeedb5f41467c45409cfe22b5398a1e7410ae53e0f2a196a706db6d62107

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"e75fd1678f79abd85c65c4549db07868"
x-amz-version-id: oGPIy5aVL7BxCbStboHuyrjP9Quyigrl
cf-cache-status: HIT
age: 3153
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 06:04:08 GMT
cf-polished: origSize=503483
date: Tue, 24 Sep 2024 02:04:08 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 01:04:22 GMT
vary: Accept-Encoding
x-amz-id-2: eMvTFZeilAKcfqMLxiEr9EeZCxqCmOg482bweSCbmwxkJeqHZRXj8Z10AhdzaDRhyJHfCYrHbWM=
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=14400
x-amz-request-id: VQJMAYHB47SAJD5Q
cf-ray: 8c7f33bbce6280d9-EWR
server: cloudflare

GET
H2 200 FINAL-OFFICIAL-LOGO.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/038/249/large/ 319 KB
320 KB 141ms
24ms Image
image/png 2600:9000:26fa:6800:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/038/249/large/FINAL-OFFICIAL-LOGO.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:6800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06e2f41f28db2520c0066921dbc1482227a70af66822fffb2554d18ce1c27196

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: W8UOP9jglRoTPWz0Kd3MwFGKbvF5t1H_
etag: "38fc5fbd38587f1827bc9ddf2a67af9e"
age: 61339
via: 1.1 daebf63abf2bfb477063c6c713df85f0.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 326648
x-amz-cf-id: RqETHRcD7FUWM2HbivJbEgwJSRvxLx_03Pm7H2w_FYRU-BckGHiQOA==
date: Mon, 23 Sep 2024 09:01:51 GMT
content-type: image/png
last-modified: Thu, 25 Jul 2024 03:10:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256

GET
H2 200 AD_4nXeurYDWDQx9Trixmrt9dbAaCXl31wv1AViXprAw6l6sdUEfZ9q1qbEnREiKRdkWABSzX4WvTSZ9y31VzvpbmWylUqMKCI_psa7FmvcS41D7R7hAg2oNRCa1wcZIpZaZuee7Gnj7a8Zp1olXsGJbpimxyRY
lh7-us.googleusercontent.com/docsz/ 26 KB
26 KB 142ms
32ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/docsz/AD_4nXeurYDWDQx9Trixmrt9dbAaCXl31wv1AViXprAw6l6sdUEfZ9q1qbEnREiKRdkWABSzX4WvTSZ9y31VzvpbmWylUqMKCI_psa7FmvcS41D7R7hAg2oNRCa1wcZIpZaZuee7Gnj7a8Zp1olXsGJbpimxyRY?key=fPtC_GzPGUDg4E6l86zPgg

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd253a06bcea6bbf54e479b38aafb9df6b8fd3c0b3dcb11a2b06fec6a2f35751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 5460
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 00:33:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 00:33:09 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 26649
x-xss-protection: 0
server: fife

GET
H2 200 kUuht00m_400x400.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/ 9 KB
9 KB 28ms
27ms Image
image/jpeg 2600:9000:26fa:6800:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/kUuht00m_400x400.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:6800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: e6vRznToLKSFlkxhhZl3uvfZed2SXwEW
etag: "86e9d3432d2077771820250698fbb99b"
age: 80452
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: JUYK4oWbZEja5JPGi13MQgLXp-XxjE_zZGTx5y1SFTA5_h_kDPpygw==
date: Mon, 23 Sep 2024 03:43:18 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 20 Mar 2024 15:42:11 GMT
via: 1.1 daebf63abf2bfb477063c6c713df85f0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8995
x-amz-cf-pop: JFK52-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 9 KB
9 KB 44ms
44ms Image
image/webp 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Response headers

cf-bgj: imgq:85,h2pri
etag: "972c0cca8d1e490484e89513f902e847"
x-amz-version-id: oesBjmAh2inmGHKurJiAleCIzUb1YtH1
cf-cache-status: HIT
age: 5657
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 06:04:09 GMT
cf-polished: origFmt=png, origSize=11635
date: Tue, 24 Sep 2024 02:04:09 GMT
content-type: image/webp
content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
vary: Accept
last-modified: Tue, 10 Sep 2024 01:04:24 GMT
x-amz-id-2: AYzmGShDOmXo8Q2bCeb7r4a+6nfe84eP85B+yaidbojmSkkkCwZ6Dce54vuH0Nl5vl1uyHzsPIU=
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=14400
x-amz-request-id: RS79YJ8XJ8X3MRX1
cf-ray: 8c7f33bcff9c80d9-EWR
accept-ranges: bytes
content-length: 8708
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 492 KB
112 KB 168ms
60ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6fab389f729f9d0db64a64f8fa3e313a21a67a65150f526492b790ba084b3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 02:04:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 02:04:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 114254
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
113 KB 206ms
99ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

665ac162fe0384b9177b5dc92e2a3c887176277c39ef9ce71b3551d805ef5292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 02:04:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 02:04:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 115213
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 19 KB
7 KB 62ms
62ms Image
image/svg+xml 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"d31530d4186af669daf4f47099614593"
x-amz-version-id: 7TEpFXHt2aF8.KE5Ti.rVuJC42sutdw9
age: 3388
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 06:04:09 GMT
date: Tue, 24 Sep 2024 02:04:09 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Aug 2024 01:09:34 GMT
vary: Accept-Encoding
x-amz-id-2: 1nx5RzwJexogGXLJVZVp44f4qBV66w61nxAjzwYKeupsy6eyxLJ1ipacm+7EwBSfxtXCjf/v/OE=
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=14400
x-amz-request-id: B5A8Z1WS69FAV4XX
cf-ray: 8c7f33bd1fc580d9-EWR
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 1148ms
52ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://secure.winred.com
Referer: https://secure.winred.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8c7f33c49b5b41b2-EWR
access-control-allow-origin: *
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 DJT-BACKGROUND.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/114/294/large/ 1 MB
1 MB 25ms
25ms Image
image/png 2600:9000:26fa:6800:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/114/294/large/DJT-BACKGROUND.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01j80fzj7b9zh7tche0k1wpd76/1727133712.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:6800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37f1ef31d0508a47358ed4e2ef1ec7ea9a3334a71dbfd74920ed7e55f036e964

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: cU5riS_PP6nAakiIQew5rIf4lnywoVml
age: 16460
etag: "ccdea30a95d5bc3f3196769092936172"
via: 1.1 0ee1fe5fcafe794371111733608557fe.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 1529473
x-amz-cf-id: 9Qdd05xTPmmQt_w56L7S3ZHXlea9NcHQ3ErT3REc1NFoIuLmQn7dBQ==
date: Mon, 23 Sep 2024 21:29:50 GMT
content-type: image/png
last-modified: Mon, 23 Sep 2024 21:20:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256

GET
H3 200 icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/ 290 B
798 B 45ms
44ms Image
image/webp 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Response headers

cf-bgj: imgq:85,h2pri
etag: "571ee659b7ee9af9291e7dd8176721d5"
x-amz-version-id: 1f3H9LroZLXkNNZjrMw0iaxNMbTYt2lY
cf-cache-status: HIT
age: 5516
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 06:04:09 GMT
cf-polished: origFmt=png, origSize=560
date: Tue, 24 Sep 2024 02:04:09 GMT
content-type: image/webp
content-disposition: inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
vary: Accept
last-modified: Tue, 10 Sep 2024 01:04:23 GMT
x-amz-id-2: UbGR7esZsVV741xB9E2cklaFEN6Ut0cc6m8Mr3Ze/BCtDq3U+fQEgD3drLRNMltwYypXDmiU2a4=
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=14400
x-amz-request-id: NXH4P03WCW02AZV1
cf-ray: 8c7f33bde8c380d9-EWR
accept-ranges: bytes
content-length: 290
server: cloudflare

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 148ms
44ms XHR
application/json 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Tue, 24 Sep 2024 02:04:09 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
102 KB 67ms
66ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e2262733368aa24afaa50fa705491c1f5c09e861a9e558bb23218904d486a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 24 Sep 2024 02:04:09 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104374
date: Tue, 24 Sep 2024 02:04:09 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
34ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 7085
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 02:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Tue, 24 Sep 2024 00:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 354 KB
117 KB 55ms
54ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3fb71cb0273d5eb6c12f3df9f3581da9baa11078f06bf9dfa2bf0bdb8ec99237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 24 Sep 2024 02:04:09 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119880
date: Tue, 24 Sep 2024 02:04:09 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 134ms
33ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
accept-ranges: bytes
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Tue, 24 Sep 2024 02:04:09 GMT
x-tw-cdn: FT
last-modified: Tue, 26 Mar 2024 20:58:07 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kjyo7100095-IAD
x-amz-server-side-encryption: AES256

GET
H2 200 ratag Show response
a.ads.rmbl.ws/ 3 KB
2 KB 256ms
100ms Script
application/javascript 38.70.189.70
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ads.rmbl.ws/ratag?id=AV-6622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.70.189.70 Toronto, Canada, ASN399647 (RUMBLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 706e4b2b1a0b48a95a2468ed5bbd10ea6cb9874aff64afd280e979c2f141cb0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: public, max-age=900
content-encoding: gzip
etag: W/"b467be32e4974b38f38aeb3d9a695138"
access-control-allow-credentials: true
access-control-allow-origin: *
date: Tue, 24 Sep 2024 02:04:09 GMT
content-type: application/javascript; charset=UTF-8
server: nginx

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 40ms
39ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=214121196&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&ul=en-us&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAEK~&jid=1999641092&gjid=1716659447&cid=645824245.1727143450&tid=UA-73658561-7&_gid=1554471294.1727143450&_slc=1&gtm=45He49j0n71NTQZ9Nv72410129za200&cd61=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=1576205536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
date: Tue, 24 Sep 2024 02:04:09 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 155ms
48ms XHR
text/plain 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=645824245.1727143450&jid=1999641092&gjid=1716659447&_gid=1554471294.1727143450&_u=YGBAiEABBAAAAGAEK~&z=233673017

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
date: Tue, 24 Sep 2024 02:04:09 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 49ms
48ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=214121196&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&ul=en-us&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAGAEK~&jid=705320338&gjid=1442279970&cid=645824245.1727143450&tid=UA-60901920-1&_gid=1554471294.1727143450&_r=1&_slc=1&gtm=45He49j0n71M27JCGv72350723za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529666&z=1209310837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2be40f02e37e46e793761339c8501e3a1f629b120a7e0335a0540606bdd5fb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
date: Tue, 24 Sep 2024 02:04:09 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET collect
gtm.winred.com/g/ 0
0

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 46ms
45ms Fetch
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0YWKLMCX4D&gtm=45je49j0v9102512289z872350723za200zb72350723&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=645824245.1727143450&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&tfd=1852
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:09 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/ 5 KB
2 KB 145ms
50ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/?random=1727143449751&cv=11&fst=1727143449751&bg=ffffff&guid=ON&async=1&gtm=45je49j0v9102512289z872350723za200zb72350723&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config%3BcookieDomain%3Dauto&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25049873d06f8b0f2d8c86f562ce6ccaf538ed69eb873e8f328af6fec0040700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2366
date: Tue, 24 Sep 2024 02:04:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11091438865
td.doubleclick.net/td/rul/ Frame AF98 0
0 222ms
119ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11091438865?random=1727143449751&cv=11&fst=1727143449751&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je49j0v9102512289z872350723za200zb72350723&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config%3BcookieDomain%3Dauto

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Sep 2024 02:04:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
99 KB 56ms
55ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

599041f3fe3318f05c1177c647b6c585915b0314ad765e845ec3098bd71965d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 24 Sep 2024 02:04:09 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100825
date: Tue, 24 Sep 2024 02:04:09 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 adsct
t.co/1/i/ 43 B
629 B 239ms
157ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c2f9cb60-8d47-4fd0-9c22-86bdf23b685d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=511025b2-e074-49ca-8915-57e63accee6c&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 55069c7e70afc44a
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 526455a8fc61fbf1ccbd2a1cbd6395dc026b4f60ba3a7b60f29c8d8912a83d54
cf-cache-status: DYNAMIC
cf-ray: 8c7f33c20e70c46d-EWR
x-response-time: 8
content-length: 43
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
539 B 249ms
120ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c2f9cb60-8d47-4fd0-9c22-86bdf23b685d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=511025b2-e074-49ca-8915-57e63accee6c&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: cc5ac836919cac12
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e4f5b4eaffb3c8e2b6767185e285485404b7a0d83703475a46c956eee424916b
x-response-time: 8
content-length: 43
date: Tue, 24 Sep 2024 02:04:09 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H2 200 adsct
t.co/1/i/ 43 B
470 B 269ms
188ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0c0ba21f-d117-4252-b481-03e9052122e7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=511025b2-e074-49ca-8915-57e63accee6c&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&tw_iframe_status=0&txn_id=ol48j&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 24d87f4d41e0a15f
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 094a6bd226788148d334a0d392c7aff4c57f4bf7509e83cedaebbd11fe43400d
cf-cache-status: DYNAMIC
cf-ray: 8c7f33c20e73c46d-EWR
x-response-time: 72
content-length: 43
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 247ms
120ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0c0ba21f-d117-4252-b481-03e9052122e7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=511025b2-e074-49ca-8915-57e63accee6c&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&tw_iframe_status=0&txn_id=ol48j&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 6c0d6be00e76d4d8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e4f5b4eaffb3c8e2b6767185e285485404b7a0d83703475a46c956eee424916b
x-response-time: 8
content-length: 43
date: Tue, 24 Sep 2024 02:04:09 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H3 200 /
www.google.com/pagead/1p-user-list/11091438865/ 42 B
64 B 135ms
44ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11091438865/?random=1727143449751&cv=11&fst=1727143200000&bg=ffffff&guid=ON&async=1&gtm=45je49j0v9102512289z872350723za200zb72350723&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config%3BcookieDomain%3Dauto&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfnOEeCNuCRLL65CLnyZTiT4m_ydNwgg&random=2468568308&rmt_tld=0&ipr=y

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Sep 2024 02:04:10 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 143ms
46ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HNR33QTX08&gtm=45je49j0v9164375506za200&_p=1727143448929&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=645824245.1727143450&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&sid=1727143449&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2103
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 39ms
37ms Ping
text/plain 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-HNR33QTX08&cid=645824245.1727143450&gtm=45je49j0v9164375506za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame A890 0
0 44ms
42ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-HNR33QTX08&gacid=645824245.1727143450&gtm=45je49j0v9164375506za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=2121258049

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Sep 2024 02:04:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
js.stripe.com/v3/ Frame 9962 0
0 114ms
34ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 02:03:16 GMT
etag: "47142b7a8256333f95d6c33cf3b94476"
last-modified: Mon, 23 Sep 2024 20:04:26 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: bgL_IxTY9SLt7xE4ti5aYzXAzTcv5Wy4Iu4Q2NkmxPX067vLt10bag==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-6717151df347c019beb65800652fff2a.html
js.stripe.com/v3/ Frame 4FD2 0
0 105ms
36ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-6717151df347c019beb65800652fff2a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 3224
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 01:11:22 GMT
etag: W/"6717151df347c019beb65800652fff2a"
last-modified: Mon, 23 Sep 2024 20:04:26 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: tXuP5JXGmhu896yTfRArNgNjG8QmAbYlJnL1ySCw0N5VWaM-CZNzaA==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 current_with_info Show response
app.winred.com/api/v3/users/ 162 B
1 KB 329ms
92ms XHR
application/vnd.api+json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.winred.com/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

145b3a2173ad84c270301fc4527e6291a81ae3432e3f78c5a4077bdb68c90256

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/

Response headers

access-control-max-age: 0
x-request-id: 85db2001-dcfc-4813-bcc7-57c152dd7745
access-control-expose-headers
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"145b3a2173ad84c270301fc4527e6291"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
x-rack-cors-original-access-control-max-age: 0
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: application/vnd.api+json
vary: Origin
x-runtime: 0.011718
x-rack-cors-original-access-control-allow-origin: https://secure.winred.com
strict-transport-security: max-age=0; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
access-control-allow-credentials: true
x-rack-cors-original-access-control-expose-headers
cf-ray: 8c7f33c6fa9f4352-EWR
x-rack-cors-original-access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://secure.winred.com
x-rack-cors-original-access-control-allow-credentials: true
server: cloudflare

GET
H3 200 rv_page_01j80fzj7b9zh7tche0k1wpd76-b4f45118dc90acc2d01dda89dcaca9602b101e11 Show response
secure.winred.com/api/v3/donations/live/ 453 B
528 B 70ms
69ms XHR
application/json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/api/v3/donations/live/rv_page_01j80fzj7b9zh7tche0k1wpd76-b4f45118dc90acc2d01dda89dcaca9602b101e11?stream_id=9965f9743561f1c2125118d6b8dde8e30a00118f&_=1727143449191

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3067bc13fdbe9ec5310a2635e9d019fdf9769fc6229a593a6d1072328eee9160

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-CSRF-Token: 53g3FAz5MGPXvJaQdnJFa150kas2Xb00Yh+gpHiqgyqhppCsubu5zEORVSbhzjWfTNgEozvDRHlt3d9P7HyhXQ==
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

x-request-id: 1a704615-1415-4eba-9411-787f619e48c6
content-encoding: br
cf-cache-status: HIT
etag: W/"3067bc13fdbe9ec5310a2635e9d019fd"
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 02:05:10 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: application/json
vary: Origin, Accept-Encoding
x-runtime: 0.010060
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=60
x-rack-cors: miss; no-origin
cf-ray: 8c7f33c5897b80d9-EWR
server: cloudflare

GET
H3 200 rv_page_01j80fzj7b9zh7tche0k1wpd76-8e8dbfddea1981bd91b5c896b7024e991e6c1c2b Show response
secure.winred.com/api/v3/donations/live/ 442 B
499 B 60ms
59ms XHR
application/json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/api/v3/donations/live/rv_page_01j80fzj7b9zh7tche0k1wpd76-8e8dbfddea1981bd91b5c896b7024e991e6c1c2b?stream_id=2282a255493bfd6b086d0ca43469c4a265dba994&_=1727143449192

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84ca21cf14069c3fe5b0f487353ddf28d95978634ded7ebb411dac344241121

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-CSRF-Token: 53g3FAz5MGPXvJaQdnJFa150kas2Xb00Yh+gpHiqgyqhppCsubu5zEORVSbhzjWfTNgEozvDRHlt3d9P7HyhXQ==
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

x-request-id: 88ac3b79-d961-4914-835c-7f703ef574dc
content-encoding: br
cf-cache-status: HIT
etag: W/"e84ca21cf14069c3fe5b0f487353ddf2"
age: 48
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 02:05:10 GMT
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: application/json
vary: Origin, Accept-Encoding
x-runtime: 0.050713
strict-transport-security: max-age=0; includeSubDomains
cache-control: public, max-age=60
x-rack-cors: miss; no-origin
cf-ray: 8c7f33c5897c80d9-EWR
server: cloudflare

GET
H2 200 controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
js.stripe.com/v3/ Frame 69DA 0
0 51ms
51ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 02:03:16 GMT
etag: "47142b7a8256333f95d6c33cf3b94476"
last-modified: Mon, 23 Sep 2024 20:04:26 GMT
origin-agent-cluster: ?1
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: bgL_IxTY9SLt7xE4ti5aYzXAzTcv5Wy4Iu4Q2NkmxPX067vLt10bag==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-ef6046d273736a898e518b9af0efd9ab.html
js.stripe.com/v3/ Frame 74EA 0
0 43ms
35ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-ef6046d273736a898e518b9af0efd9ab.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2639
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 01:20:21 GMT
etag: "ef6046d273736a898e518b9af0efd9ab"
last-modified: Mon, 23 Sep 2024 20:04:41 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: wcHQPOwr4WjB1nR_dsjUKrspss0az8AR8tAwOUCugyzT84zjV4odEA==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-dbb275903b520ce29d0ea40e6d584453.html
js.stripe.com/v3/ Frame 0BC3 0
0 39ms
37ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-dbb275903b520ce29d0ea40e6d584453.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 56
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 02:03:15 GMT
etag: "dbb275903b520ce29d0ea40e6d584453"
last-modified: Mon, 23 Sep 2024 20:04:41 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: bR2v0h2WdYTwkkU7Vsxa_my7V64dop64IkWaj1OzrGLks3931NWxJw==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=214121196&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&ul=en-us&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=aGDAiEABBAAAAGAEK~&jid=&gjid=&cid=645824245.1727143450&tid=UA-73658561-7&_gid=1554471294.1727143450&gtm=45He49j0n71NTQZ9Nv72410129za200&cd41=anonymous&cd58=f&cd61=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=1018055070

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
age: 74512
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
date: Mon, 23 Sep 2024 05:22:18 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 DJT-FLAGEMOJI.png
d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/895/484/small_square/ 5 KB
5 KB 26ms
25ms Image
image/png 2600:9000:26fa:6800:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/895/484/small_square/DJT-FLAGEMOJI.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:6800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 420ac6c617ee74fe7974f174a88e74d415000487a2e515797094e02e099b48ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: M4KLoYbFwXBAms0NGtqd77injo3C.q8l
age: 75968
etag: "4911b815850d287208be1ce338439b2a"
via: 1.1 0ee1fe5fcafe794371111733608557fe.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 4937
x-amz-cf-id: 1NbzM26C9RiUrZrx25WnAIZ_ceE-nhMv5atnzLEirfSGE6lQ2Zo9QA==
date: Mon, 23 Sep 2024 04:58:03 GMT
content-type: image/png
last-modified: Thu, 21 Mar 2024 05:29:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256

GET
H3

200

main.js Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 28B9
Redirect Chain

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

47ms
46ms

Script
application/javascript

2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Protocol

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1303af524eec924da681ad45c15174f40e0fe38f0eb18d535303b3170c89110

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=0; includeSubDomains
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8c7f33c60a0f80d9-EWR
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=0; includeSubDomains
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
x-content-type-options: nosniff
cf-ray: 8c7f33c5c9ca80d9-EWR
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 02:04:10 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8c7f33ba8d0880d9 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 28B9 0
657 B 46ms
39ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/8c7f33ba8d0880d9

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=0; includeSubDomains
cf-ray: 8c7f33c70b3380d9-EWR
content-length: 0
date: Tue, 24 Sep 2024 02:04:10 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
x-content-type-options: nosniff

GET collect
gtm.winred.com/g/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 65ms
65ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cdb67a75255ee490f0caf98cd9515836b791fae04ff37cdfb690a3777f54e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 02:04:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 02:04:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 94700
x-xss-protection: 0
server: Google Tag Manager

POST
H3 204 rum Show response
secure.winred.com/cdn-cgi/ 0
142 B 42ms
39ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8c7f33cae82f80d9-EWR
access-control-allow-origin: https://secure.winred.com
date: Tue, 24 Sep 2024 02:04:11 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/ 1 KB
2 KB 25ms
25ms Other
image/png 2600:9000:26fa:6800:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:6800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: FN8PLjpE4LnyaM50_d0emgSd0vAz496F
age: 38982
etag: "7b9c8b7070c8f9c81fc9a133d26daf4e"
via: 1.1 0ee1fe5fcafe794371111733608557fe.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 1512
x-amz-cf-id: 3vlC5JCMePFr0UBuwnjTCgpFnKz5sCmRUUUi6Z1kjz8-7F_E7hVTJg==
date: Mon, 23 Sep 2024 15:14:30 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2019 18:21:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/ 5 KB
2 KB 48ms
48ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/?random=1727143451465&cv=11&fst=1727143451465&bg=ffffff&guid=ON&async=1&gtm=45be49j0h1v9102692410za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdb61f01a474edab4a60bc21aca66789be4e3d590225ece8c3ef6cbbddf12e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2357
date: Tue, 24 Sep 2024 02:04:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 11094181768
td.doubleclick.net/td/rul/ Frame D4BD 0
0 74ms
73ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11094181768?random=1727143451465&cv=11&fst=1727143451465&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49j0h1v9102692410za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Sep 2024 02:04:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 51ms
50ms Image
text/html 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-11094181768&v=3&t=t&pid=1858633642&cv=1&rv=49j0&tc=8&x=1&tag_exp=0&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:11 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 50ms
49ms Image
text/html 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-11094181768&v=3&t=t&pid=1858633642&cv=1&rv=49j0&tc=8&x=1&tag_exp=0&es=1&e=gtag.config&eid=0&h=Ag&tr=1ogtadsdatatos.1ogt1pdatav2.1ccdadsfirst.1ccdpreautopii.1ccdemform.1ccdadd1pdata.1ccdadslast&ti=2ogtadsdatatos.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdemform.2ccdadd1pdata.2ccdadslast&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:11 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 51ms
50ms Image
text/html 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-11094181768&v=3&t=t&pid=1858633642&cv=1&rv=49j0&tc=8&x=1&tag_exp=0&es=1&e=gtag.config&eid=1&h=Ag&tr=1rep&ti=1rep&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:11 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 51ms
50ms Image
text/html 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-11094181768&v=3&t=t&pid=1858633642&cv=1&rv=49j0&tc=8&x=1&tag_exp=0&es=1&e=gtm.dom&eid=33&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:11 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 77ms
76ms Image
text/html 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-11094181768&v=3&t=t&pid=1858633642&cv=1&rv=49j0&tc=8&x=1&tag_exp=0&es=1&e=gtag.config&eid=89&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 02:04:11 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/11094181768/ 42 B
64 B 47ms
47ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11094181768/?random=1727143451465&cv=11&fst=1727143200000&bg=ffffff&guid=ON&async=1&gtm=45be49j0h1v9102692410za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=9296438.1727143449&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfLjeRPKfm57S94lkLu-DMAf2_nyQqrwg-8umJi10m6A3Ghj7D&random=2230043420&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Sep 2024 02:04:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 hcaptcha-invisible-c15a46f3f222eaa598a2bf38f7f28f41.html
js.stripe.com/v3/ Frame C260 0
0 26ms
26ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-c15a46f3f222eaa598a2bf38f7f28f41.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-9S9H7QYg5O/ua0nuFLz4q9YzOFYsvSDh5gWhB5HgAB8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 3542
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-9S9H7QYg5O/ua0nuFLz4q9YzOFYsvSDh5gWhB5HgAB8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 01:05:09 GMT
etag: W/"6fc7822c966d06dca8007051cf0a070a"
last-modified: Mon, 23 Sep 2024 20:04:40 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
x-amz-cf-id: p8esW_0buVw1qMwPNSt55pzg_HZjJvm294Rwv2rUHoMLuPR7I2eTRg==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8AD1 0
0 26ms
26ms Document
text/html 108.139.29.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.139.29.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-91.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1505
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 01:39:10 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Thu, 19 Sep 2024 20:09:53 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
x-amz-cf-id: 2UB9ZN2mS3IlaIP82QNR2pAGaz3fRgu9mNG1AS8LgIhyDlnAK1fQow==
x-amz-cf-pop: JFK50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/5a/ 288 KB
62 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/5a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09511162a4b1556ea752a7e561ff864cf9ea62ca91a566df03beb2dbe60ab283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
age: 6995
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 00:07:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 00:07:39 GMT
last-modified: Tue, 17 Sep 2024 02:26:11 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 62793
x-xss-protection: 0
server: sffe

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/5a/ 181 KB
55 KB 27ms
27ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/5a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b74bba32a64c0671ea7d1897dcec2a9f5662eca6761feba5da9fb2579e1c677a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
age: 28250
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 18:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 18:13:24 GMT
last-modified: Tue, 17 Sep 2024 02:26:11 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56235
x-xss-protection: 0
server: sffe

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
693 B 26ms
25ms Script
text/javascript 108.139.29.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-88.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

etag: "96f5b26d366f47393b3ff36fe7471474"
age: 2263
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FRchbQTqetqBzqE9IhuwCs8VCgugQ3KoinkbJhJ8k7D197FI8BURVA==
date: Tue, 24 Sep 2024 01:26:34 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 20:09:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
x-amz-cf-pop: JFK50-P2
server: Cloudfront

GET collect
gtm.winred.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gtm.winred.com
URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=1&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=page_view&_fv=1&_ss=1&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=-1727143447.9&epn.event_fire_time=1727143449482&ep.event_uuid=8b430fba-0a55-4bd0-9656-3df47b8a2a21&ep.isVideoPage=f&ep.referrer=&tfd=1795&richsstsse

Domain: gtm.winred.com
URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=2&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=user%20session%20start&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=-1727143447.9&epn.event_fire_time=1727143450454&ep.event_uuid=41e1575d-1f80-4686-a17f-9b2393845a6d&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=767&tfd=3064&richsstsse

Domain: gtm.winred.com
URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=3&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=page_load_time_event&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=3.4&epn.event_fire_time=1727143451318&ep.event_uuid=8d5e22a8-9339-41c4-a2e4-932ebdef2669&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=3.42&_et=867&tfd=8432&richsstsse

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.winred.com/api/v3/users	1970-01-21 09:21:43	Name: rvid Value: beb55b7e-f8b5-4694-b0d1-7ce311a89a87
.secure.winred.com/	1970-01-20 23:45:45	Name: __cf_bm Value: xtRmljiD3_WkVtalZPJ1yvgV_jfaLDPocrTjQvZcKGs-1727143448-1.0.1.1-1LpdH7PcQIzPC0CSf12a7HkKwrEs9Z7OGjIN8ABkwJILGfOcUEcwYS3wVjOvUZOoWWwXt6g7.twf4lY2sZQKZg
.winred.com/	1970-01-21 01:55:19	Name: _gcl_au Value: 1.1.9296438.1727143449
.winred.com/	1970-01-20 23:47:09	Name: _gid Value: GA1.2.1554471294.1727143450
.winred.com/	1970-01-20 23:45:43	Name: _dc_gtm_UA-73658561-7 Value: 1
.winred.com/	1970-01-20 23:45:43	Name: _gat_UA-60901920-1 Value: 1
.winred.com/	1970-01-21 09:21:43	Name: _ga_0YWKLMCX4D Value: GS1.1.1727143449.1.0.1727143449.0.0.0
secure.winred.com/	1970-01-21 02:09:43	Name: _cids Value: W10=
.winred.com/	1970-01-21 09:21:43	Name: _ga_HNR33QTX08 Value: GS1.2.1727143449.1.0.1727143449.60.0.0
.twitter.com/	1970-01-21 09:21:43	Name: guest_id_marketing Value: v1%3A172714345003990578
.twitter.com/	1970-01-21 09:21:43	Name: guest_id_ads Value: v1%3A172714345003990578
.twitter.com/	1970-01-21 09:21:43	Name: personalization_id Value: "v1_V4noxi7Iki/ct4Z4W1rZow=="
.twitter.com/	1970-01-21 09:21:43	Name: guest_id Value: v1%3A172714345003990578
.t.co/	1970-01-21 09:21:43	Name: muc_ads Value: 2e95aee8-f98f-44fe-b351-9a21e36cc919
.t.co/	1970-01-20 23:45:45	Name: __cf_bm Value: mbjSvFvKgprhGqijKUK4n3fDbG6hL1339YXM.9KLFz4-1727143450-1.0.1.1-XGN3sAZYht_vqSfMB2EqUVWRx6ywJwTWQAbE_jK2rRsXo80YG68J4I0_3q7MsEt2fr.Q74C2V0IDvBa0E9ZUeg
.doubleclick.net/	1970-01-21 09:21:43	Name: IDE Value: AHWqTUn92kXKwKrpYI3kDva99r0kAKBj_P-2q7jg5HEeWv4ZUpTNBs2z3e8UtTgI
.winred.com/	1970-01-21 09:21:43	Name: _ga Value: GA1.2.645824245.1727143450
secure.winred.com/	1969-12-31 23:59:59	Name: origin_url Value: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670
.secure.winred.com/	1970-01-21 08:31:19	Name: cf_clearance Value: yILoYMJb9CO3sihCoy2Jw2QbDm_1J0GNaKqhmNNW_rE-1727143450-1.2.1.1-Ce_K2TDH302B3.R.qPYVQcskV4AEjWM_TMS.H6NYcA7Lb1vJU6mUC7Xg3Xy8rxW4M_zzJt9JFycJRCam0GnADYYOQwDoU.zju4pcGaYjgVSmG6Yng2vmrDcLM_nKkBPyclMQzH7Nc8b8UefZPT2qUXIB5zSmrIpTC7Papx1VFHOBDs9CnQEk6PtMJFxVLZOOxMx.PwI_xYPSNxV1Y8o4iVRE6nJjbc5IzW2h8RrEnC.pJqtczWG95uZ0W1i6jdYhklsK1yIVqY4a28C8qkrqFAcqw3AX6.uJww1UKrHiIKIBoyzwyYR7tIiBAVABhi0.T3pkMFcuj0HuG.Opqxi3DmzoUYHZS1xrqN5VJwr_4ImMidqgtgBXXrBf8moyFvdl
.winred.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: L3BhbG5HZnRlamthQXM1dlIzTjRLQkorRFJhaTZqOW9YRGZFNU1Vbnl2V05NSy9XcXdrQ1c4Q2hYdDhEcjYxL1pPaXpBQ3pHSkRHYklZQkdPMlBGOVI4QWZhalA5OHRJSm8wVUx4K3VqaDhyc0VtcWtmNXVMUzBTNkFQVGN3YUFscjBJclZHaVhoc09uSEExTURMM29vMmw2MldRZ0JCRVNYb0paWVFVdzJQc00vdGVuM0hQOXRpclR4UnU3azVYTUMvV3ExNCs4S0xIVUpsUzVlWGxxNWdPR3JQNFBpek16dVplSG1VcGZabHZJNjB2QXlrKy9vV2JGb0h4M3FQOXIzMklaYXYyM2QvWXNKNU5qWUF1UVBsWElqS1VkWFlvYytrYlo4VVFZMWVsWXpXU1N3SUFJVUtmV0JrQ1NVbHByOWVOSXpUQk1Wc21sZlVsdGE2K2ZuMUZwRkRhNmg4QnR6dXVKVUw3MUlNPS0tdTg3TUZ5U3YrRkZxcG54bHB5d2JPUT09--f1d1bfb82fff18860a688bd1230934c6ffd63ee6
secure.winred.com/	1969-12-31 23:59:59	Name: sso_tries Value: 1
secure.winred.com/	1970-01-21 09:21:43	Name: rvid Value: beb55b7e-f8b5-4694-b0d1-7ce311a89a87
.winred.com/	1970-01-21 09:21:43	Name: _ga_X6H0114PDF Value: GS1.1.1727143449.1.0.1727143451.0.0.498860888
api2.hcaptcha.com/	1970-01-20 23:45:45	Name: __cflb Value: 0H28vk2VKwPbLoawFincekpozDKK5F2cdS6XMgxGivZ

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: Access to XMLHttpRequest at 'https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=1&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=page_view&_fv=1&_ss=1&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=-1727143447.9&epn.event_fire_time=1727143449482&ep.event_uuid=8b430fba-0a55-4bd0-9656-3df47b8a2a21&ep.isVideoPage=f&ep.referrer=&tfd=1795&richsstsse' from origin 'https://secure.winred.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=1&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=page_view&_fv=1&_ss=1&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=-1727143447.9&epn.event_fire_time=1727143449482&ep.event_uuid=8b430fba-0a55-4bd0-9656-3df47b8a2a21&ep.isVideoPage=f&ep.referrer=&tfd=1795&richsstsse Message: Failed to load resource: net::ERR_FAILED
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: [DOM] Found 2 elements with non-unique id #conduit_employer_name: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: [DOM] Found 2 elements with non-unique id #conduit_mobile_number: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: [DOM] Found 2 elements with non-unique id #conduit_not_employed: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: [DOM] Found 2 elements with non-unique id #conduit_occupation: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: Access to XMLHttpRequest at 'https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=2&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=user%20session%20start&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=-1727143447.9&epn.event_fire_time=1727143450454&ep.event_uuid=41e1575d-1f80-4686-a17f-9b2393845a6d&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=767&tfd=3064&richsstsse' from origin 'https://secure.winred.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=2&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=user%20session%20start&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=-1727143447.9&epn.event_fire_time=1727143450454&ep.event_uuid=41e1575d-1f80-4686-a17f-9b2393845a6d&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=767&tfd=3064&richsstsse Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
javascript	error	URL: https://secure.winred.com/trump-national-committee-jfc/lp-prsp-sms-vp-debate-2-weeks-vjd-bmd?utm_campaign=TXT026670 Message: Access to XMLHttpRequest at 'https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=3&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=page_load_time_event&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=3.4&epn.event_fire_time=1727143451318&ep.event_uuid=8d5e22a8-9339-41c4-a2e4-932ebdef2669&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=3.42&_et=867&tfd=8432&richsstsse' from origin 'https://secure.winred.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727143448929&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=645824245.1727143450&ecid=498860888&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1727143448929&sst.ude=0&_s=3&sid=1727143449&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd%3Futm_campaign%3DTXT026670&dt=MAGA&en=page_load_time_event&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-prsp-sms-vp-debate-2-weeks-vjd-bmd&epn.load_time_sec=3.4&epn.event_fire_time=1727143451318&ep.event_uuid=8d5e22a8-9339-41c4-a2e4-932ebdef2669&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=3.42&_et=867&tfd=8432&richsstsse Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ads.rmbl.ws
analytics.google.com
analytics.twitter.com
app.winred.com
d35ligi1n5bgzc.cloudfront.net
env0.prompt.io
googleads.g.doubleclick.net
gtm.winred.com
js.stripe.com
lh7-us.googleusercontent.com
maps.googleapis.com
secure.winred.com
securelink.gop
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
gtm.winred.com
104.244.42.67
108.139.29.88
108.139.29.91
146.75.32.157
162.159.140.229
2001:4860:4802:34::181
2600:9000:26fa:6800:0:7d26:ee00:93a1
2606:4700::6810:5049
2606:4700::6813:d459
2607:f8b0:4004:c1f::9b
2607:f8b0:4006:80b::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::2001
2607:f8b0:4006:824::2002
38.70.189.70
44.227.24.191
54.218.163.155
06e2f41f28db2520c0066921dbc1482227a70af66822fffb2554d18ce1c27196
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
09511162a4b1556ea752a7e561ff864cf9ea62ca91a566df03beb2dbe60ab283
145b3a2173ad84c270301fc4527e6291a81ae3432e3f78c5a4077bdb68c90256
1694bc98a0ceed60020743d1e22d3334194570814ce8bffc5c3cb0bbdf726002
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9
25049873d06f8b0f2d8c86f562ce6ccaf538ed69eb873e8f328af6fec0040700
2be40f02e37e46e793761339c8501e3a1f629b120a7e0335a0540606bdd5fb2d
3067bc13fdbe9ec5310a2635e9d019fdf9769fc6229a593a6d1072328eee9160
34dbbeedb5f41467c45409cfe22b5398a1e7410ae53e0f2a196a706db6d62107
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
37f1ef31d0508a47358ed4e2ef1ec7ea9a3334a71dbfd74920ed7e55f036e964
39c5635b37eb230b6091d65e20546902b5af1b8c82ad51b69495c81645667131
3fb71cb0273d5eb6c12f3df9f3581da9baa11078f06bf9dfa2bf0bdb8ec99237
420ac6c617ee74fe7974f174a88e74d415000487a2e515797094e02e099b48ba
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e2262733368aa24afaa50fa705491c1f5c09e861a9e558bb23218904d486a77
599041f3fe3318f05c1177c647b6c585915b0314ad765e845ec3098bd71965d5
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
5cdb67a75255ee490f0caf98cd9515836b791fae04ff37cdfb690a3777f54e4f
665ac162fe0384b9177b5dc92e2a3c887176277c39ef9ce71b3551d805ef5292
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
706e4b2b1a0b48a95a2468ed5bbd10ea6cb9874aff64afd280e979c2f141cb0e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86362dc7d5ad54a4561c1fa9ef1a7fa014fea3cab2459eef3a0d38aa3286d59d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
a6fab389f729f9d0db64a64f8fa3e313a21a67a65150f526492b790ba084b3a5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b74bba32a64c0671ea7d1897dcec2a9f5662eca6761feba5da9fb2579e1c677a
bdb61f01a474edab4a60bc21aca66789be4e3d590225ece8c3ef6cbbddf12e94
c1303af524eec924da681ad45c15174f40e0fe38f0eb18d535303b3170c89110
c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd1af6d66c0c20da619f4931e554a0504bfc5b415c48dfefb1b7889d389a0875
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84ca21cf14069c3fe5b0f487353ddf28d95978634ded7ebb411dac344241121
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902
fd253a06bcea6bbf54e479b38aafb9df6b8fd3c0b3dcb11a2b06fec6a2f35751

secure.winred.com Open in urlscan Pro 2606:4700::6813:d459 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

94 %HTTPS

60 %IPv6

16 Domains

21 Subdomains

19 IPs

3 Countries

3145 kBTransfer

6322 kBSize

24 Cookies

9 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

94 %
HTTPS

60 %
IPv6

16
Domains

21
Subdomains

19
IPs

3
Countries

3145 kB
Transfer

6322 kB
Size

24
Cookies

68 HTTP transactions
0 data transactions