urlscan.io logo urlscan.io
SecurityTrails logo

secure.winred.com Open in urlscan Pro
2606:4700::6813:d359  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trk.cp20.com/click/gj5f-a9urj-b4uw2i-qw3xn37/
Effective URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Submission: On September 24 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 2 countries across 18 domains to perform 59 HTTP transactions. The main IP is 2606:4700::6813:d359, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 23291.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.97.124.126 16509 (AMAZON-02)
1 11 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.0.176 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:247... 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 108.139.29.88 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.44.157 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 3.168.122.128 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
1 142.251.32.98 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.66.0.227 13335 (CLOUDFLAR...)
2 104.244.42.131 13414 (TWITTER)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
59 22
1    3.97.124.126 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-124-126.ca-central-1.compute.amazonaws.com
trk.cp20.com
11    2606:4700::6813:d359 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.winred.com
1    151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
4    2607:f8b0:4006:808::200a (United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
5    2600:9000:247b:e400:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)
d35ligi1n5bgzc.cloudfront.net
5    2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
7    108.139.29.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-88.jfk50.r.cloudfront.net
js.stripe.com
1    2606:4700::6813:d459 (United States)

ASN13335 (CLOUDFLARENET, US)
app.winred.com
1    151.101.44.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    3.168.122.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-128.jfk52.r.cloudfront.net
pixel.intersecttechnologies.com
4    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
www.googleadservices.com
1    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    2606:4700::6810:e534 (United States)

ASN13335 (CLOUDFLARENET, US)
gtm.winred.com
2    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
Apex Domain
Subdomains		 Transfer
14 winred.com
secure.winred.com — Cisco Umbrella Rank: 23291
app.winred.com — Cisco Umbrella Rank: 128386
gtm.winred.com — Cisco Umbrella Rank: 106176
217 KB
8 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1083
159 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
509 KB
5 cloudfront.net
d35ligi1n5bgzc.cloudfront.net
620 KB
4 doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 189
stats.g.doubleclick.net — Cisco Umbrella Rank: 131
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
428 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 450
228 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 11546
190 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 137
234 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 946
943 B
2 t.co
t.co — Cisco Umbrella Rank: 844
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
70 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 92
3 KB
1 intersecttechnologies.com
pixel.intersecttechnologies.com — Cisco Umbrella Rank: 356345
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 863
15 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 685
7 KB
1 cp20.com
trk.cp20.com — Cisco Umbrella Rank: 60004
514 B
59 18
Domain Requested by
11 secure.winred.com 1 redirects secure.winred.com
static.cloudflareinsights.com
8 js.stripe.com secure.winred.com
js.stripe.com
5 www.googletagmanager.com secure.winred.com
www.googletagmanager.com
5 d35ligi1n5bgzc.cloudfront.net secure.winred.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
secure.winred.com
4 maps.googleapis.com secure.winred.com
maps.googleapis.com
3 www.google.ca secure.winred.com
2 www.facebook.com secure.winred.com
2 stats.g.doubleclick.net www.google-analytics.com
secure.winred.com
2 analytics.twitter.com secure.winred.com
2 t.co secure.winred.com
2 gtm.winred.com www.googletagmanager.com
2 connect.facebook.net secure.winred.com
connect.facebook.net
1 analytics.google.com secure.winred.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 td.doubleclick.net www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 pixel.intersecttechnologies.com www.googletagmanager.com
secure.winred.com
1 static.ads-twitter.com www.googletagmanager.com
1 app.winred.com secure.winred.com
1 static.cloudflareinsights.com secure.winred.com
1 trk.cp20.com 1 redirects
59 23

This site contains links to these domains. Also see Links.

Domain
tandcs.us
winred.com
Subject Issuer Validity Valid
secure.winred.com
Cloudflare Inc ECC CA-3		 2024-01-22 -
2024-12-31		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-08-29 -
2024-12-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
winred.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-03 -
2024-10-01		 3 months crt.sh
pixel.intersecttechnologies.com
Amazon RSA 2048 M02		 2024-07-01 -
2025-07-31		 a year crt.sh
*.googleadservices.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
t.co
E6		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.ca
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Frame ID: 58B0CF505264D61EF244E8F5F704F573
Requests: 49 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
Frame ID: 1B4A17A6170528ED96322A95BAFBD08E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6717151df347c019beb65800652fff2a.html
Frame ID: E1CF481269D0AD39619B9909AB8F0B8E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
Frame ID: 42B2501986614B07F93938E9D72542FE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-ef6046d273736a898e518b9af0efd9ab.html
Frame ID: 2D45AACDB998371203746504265BEABF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-dbb275903b520ce29d0ea40e6d584453.html
Frame ID: F970AF11B9E5E964DD7D4FBA7F3C9A97
Requests: 1 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 49452513615AF86B3BA0F1AF241454B2
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11371760235?random=1727192836605&cv=11&fst=1727192836605&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: 3980514D4FAD29468607B458B96BD041
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-c15a46f3f222eaa598a2bf38f7f28f41.html
Frame ID: B8BCCAC9E82F04465008A8466274FF6C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 14584B2747624C5830A4B156903F7505
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DEFEND AMERICA

Page URL History Show full URLs

  1. https://trk.cp20.com/click/gj5f-a9urj-b4uw2i-qw3xn37/ HTTP 302
    https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

59
Requests

95 %
HTTPS

67 %
IPv6

18
Domains

23
Subdomains

22
IPs

2
Countries

1859 kB
Transfer

5014 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.cp20.com/click/gj5f-a9urj-b4uw2i-qw3xn37/ HTTP 302
    https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Request Chain 44
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCOrGsQIIm8exAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChAI8MbJtwYQnov6zenRwpVmEh0Apmzywm5zm0HOgzRdLu3OFU_lAt1M9_L6NMjQCw&pscrd=IhMImNr82_bbiAMV0g5oCB2rwja5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3NlY3VyZS53aW5yZWQuY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCOrGsQIIm8exAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMImNr82_bbiAMV0g5oCB2rwja5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3NlY3VyZS53aW5yZWQuY29tLw&is_vtc=1&cid=CAQSGwDpaXnf7VWmuNMbrPkLwqXVkv0SPffUwHxobg&eitems=ChAI8MbJtwYQnov6zenRwpVmEh0ApmzywtpU8KZYPzt_WPXNq44gytkHvTE6COQsPA&random=3496547103 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCOrGsQIIm8exAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMImNr82_bbiAMV0g5oCB2rwja5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3NlY3VyZS53aW5yZWQuY29tLw&is_vtc=1&cid=CAQSGwDpaXnf7VWmuNMbrPkLwqXVkv0SPffUwHxobg&eitems=ChAI8MbJtwYQnov6zenRwpVmEh0ApmzywtpU8KZYPzt_WPXNq44gytkHvTE6COQsPA&random=3496547103&ipr=y

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mtg_don_ste_er_me-tsa_rs_20240920
secure.winred.com/marjorie-greene-for-congress/
Redirect Chain
  • https://trk.cp20.com/click/gj5f-a9urj-b4uw2i-qw3xn37/
  • https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
87 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3130ff363421ce93b5dea9b6ef6c5814bcfdb13e712e07cf79b0ada2b58be8c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8c83e9740f5faaf4-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:47:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-rack-cors
miss; no-origin
x-request-id
463b3c5e-a41a-4c79-ad21-69d68de3b733
x-revv-cache
Hit from Revv
x-runtime
0.037178
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
220
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:47:14 GMT
location
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
refresh
0; URL=https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
server
cmp-trk-s1-05
x-aspnet-version
/
js.stripe.com/v3/ 		654 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
cd1af6d66c0c20da619f4931e554a0504bfc5b415c48dfefb1b7889d389a0875
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-request-id
242ec7c0-036a-48ce-a210-a01abc96c598
content-encoding
br
etag
"c73bc29ee1d76aca02f19705332ea835"
age
34
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 24 Sep 2024 15:47:15 GMT
last-modified
Mon, 23 Sep 2024 20:45:20 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-yul1970039-YUL
x-cache-hits
10
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
162082
server
Fastly
landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
secure.winred.com/assets/ 		220 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"0d589e3ee739618497567fffac3f6955"
x-amz-version-id
MNwkuZ34Hshc4nsjYIxjWSeNzmI6AIck
cf-cache-status
HIT
age
6580
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:47:15 GMT
cf-polished
origSize=227910
date
Tue, 24 Sep 2024 15:47:15 GMT
content-type
text/css
last-modified
Tue, 27 Aug 2024 01:09:32 GMT
vary
Accept-Encoding
x-amz-id-2
QYrgSBuR69HrlKjYI/EMzGjgHO7ZupEit4X4JdxO6rtIHWCwkG73Yn7+LkmHK3oHFr/HUq6A4BY=
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=14400
x-amz-request-id
FKMQFAK38Z95MA6B
cf-ray
8c83e974f881aaf4-YYZ
server
cloudflare
1726798120.css
secure.winred.com/stylesheets/rv_page_01j86hfqs2azqkzbmhpnwq254j/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/stylesheets/rv_page_01j86hfqs2azqkzbmhpnwq254j/1726798120.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc37263058ee42aac956bf9921f7cdd403ced53363e8da74f70663c354179fa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true

Response headers

x-request-id
6ca0f9c8-0783-45fd-82d4-aaf6aada4c12
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
20212
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 21:36:27 GMT
cf-polished
origSize=8450
date
Tue, 24 Sep 2024 15:47:15 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-runtime
0.047102
last-modified
Sat, 21 Sep 2024 13:21:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=31556952
x-rack-cors
miss; no-origin
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8c83e974f883aaf4-YYZ
x-xss-protection
1; mode=block
server
cloudflare
js
maps.googleapis.com/maps/api/ 		340 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1e559c1860af7af844bd68acbcfc875200234be1efd83200310678ff324a64f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
public, max-age=1800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113220
date
Tue, 24 Sep 2024 15:47:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js
secure.winred.com/assets/ 		492 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34dbbeedb5f41467c45409cfe22b5398a1e7410ae53e0f2a196a706db6d62107
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"e75fd1678f79abd85c65c4549db07868"
x-amz-version-id
oGPIy5aVL7BxCbStboHuyrjP9Quyigrl
cf-cache-status
HIT
age
6580
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:47:15 GMT
cf-polished
origSize=503483
date
Tue, 24 Sep 2024 15:47:15 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 01:04:22 GMT
vary
Accept-Encoding
x-amz-id-2
eMvTFZeilAKcfqMLxiEr9EeZCxqCmOg482bweSCbmwxkJeqHZRXj8Z10AhdzaDRhyJHfCYrHbWM=
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=14400
x-amz-request-id
VQJMAYHB47SAJD5Q
cf-ray
8c83e974f885aaf4-YYZ
server
cloudflare
MTGletterhead_Starbig_good.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/827/238/large/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/827/238/large/MTGletterhead_Starbig_good.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:e400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a34e5d96be34f47aeced5ec8c53527f41bec3a323976cb4b90d30af823c35626

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
3g_zbfpDq8aLP5s0hiOA1GC7Gu7ChmKH
etag
"62bbfc91cfd51a1af656a154d423af47"
age
34914
via
1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
132296
x-amz-cf-id
04uGwd1OjT1Sz8rVVQ1-pm64-_72umKkOqBEuIVAGJnuejA50avuzg==
date
Tue, 24 Sep 2024 06:05:22 GMT
content-type
image/png
last-modified
Thu, 11 Jan 2024 18:27:55 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
mtgsig.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/067/268/original/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/067/268/original/mtgsig.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:e400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48b39c0b9c8a3176a8842792f031ed3e10836b6d089856f07e72d365f48d0bb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
vFKjhz2YxtGCSCbT65D71uM2DbXhheUM
etag
"869a08db67ad2d7ac5cdd9949a055940"
age
34914
via
1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
18048
x-amz-cf-id
1A4QgC2CT0aEMMp2IAs0eV5lI1G49AsbqotagU46EaLtaFK7Wfrnpg==
date
Tue, 24 Sep 2024 06:05:22 GMT
content-type
image/png
last-modified
Mon, 19 Aug 2024 21:55:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
50288871_2073306432959456_6856679189416771584_n_%281%29.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/041/821/square/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/041/821/square/50288871_2073306432959456_6856679189416771584_n_%281%29.jpg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:e400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53fddca43160716956c62ef7bc20ffc28a6c20cddedc8afab3b4f400c5b8c7ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
s4y_N1EvQg0ZFB6BOqIiPXWIphmG5Oi1
etag
"fc2b15cb7d0f5329fb049585681a0ce1"
age
34914
via
1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
4913
x-amz-cf-id
MblqrZT-NajBuuvFciDYAKC63pCDcTjdTMWExrro4WPO8wBx00osvQ==
date
Tue, 24 Sep 2024 06:05:22 GMT
content-type
image/jpeg
last-modified
Sat, 17 Jul 2021 19:40:56 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		492 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a59f7e5c0e68b914b14f58aa3745bef5e650e1c71211cf8cf42cc9c9e7bfaa12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 15:47:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
114280
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		281 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTX9RGNQ
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f9b356583055c0e07b4f0caee018ed49ae10eadff88c21431000992a8358d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 15:47:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
99458
x-xss-protection
0
server
Google Tag Manager
win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true

Response headers

cf-bgj
imgq:85,h2pri
etag
"972c0cca8d1e490484e89513f902e847"
x-amz-version-id
oesBjmAh2inmGHKurJiAleCIzUb1YtH1
cf-cache-status
HIT
age
4176
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Ekiy701UNXQ.1E.ufPGnEToiJExhEYGDXhLF5eo0yN0-1727192835-1.0.1.1-lBXJWIkPDJY7jVpYSPI0hX7hQe4rxlThT.eFUV9s4OIBl8nJ60pHbdJUbkBlhXwOTzDKk7HKLNgIEvwhO.2tBYcG7kWyP9nWWyqaDJHFXAG1secByryIrcUEnt1vV9ZY0P5kpcnGf6Ib3zP_Pw7NXb1wHylWHzPbKuMX67wVMjM"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:47:15 GMT
cf-polished
origFmt=png, origSize=11635
date
Tue, 24 Sep 2024 15:47:15 GMT
content-type
image/webp
content-disposition
inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
vary
Accept
last-modified
Tue, 10 Sep 2024 01:04:24 GMT
x-amz-id-2
AYzmGShDOmXo8Q2bCeb7r4a+6nfe84eP85B+yaidbojmSkkkCwZ6Dce54vuH0Nl5vl1uyHzsPIU=
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=14400
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Ekiy701UNXQ.1E.ufPGnEToiJExhEYGDXhLF5eo0yN0-1727192835-1.0.1.1-lBXJWIkPDJY7jVpYSPI0hX7hQe4rxlThT.eFUV9s4OIBl8nJ60pHbdJUbkBlhXwOTzDKk7HKLNgIEvwhO.2tBYcG7kWyP9nWWyqaDJHFXAG1secByryIrcUEnt1vV9ZY0P5kpcnGf6Ib3zP_Pw7NXb1wHylWHzPbKuMX67wVMjM; report-to cf-csp-endpoint
x-amz-request-id
RS79YJ8XJ8X3MRX1
cf-ray
8c83e977caeaaaf4-YYZ
accept-ranges
bytes
content-length
8708
server
cloudflare
win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 		19 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"d31530d4186af669daf4f47099614593"
x-amz-version-id
7TEpFXHt2aF8.KE5Ti.rVuJC42sutdw9
age
6580
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:47:15 GMT
date
Tue, 24 Sep 2024 15:47:15 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 01:09:34 GMT
vary
Accept-Encoding
x-amz-id-2
aPF160M29f003X7p0OTaZo1erDUOQ6+cZX1XV/4/OdU0X4ZAE5/zSA7u3s0c2PhOFk/due3UYAA=
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=14400
x-amz-request-id
C668RN5DHP6V54R9
cf-ray
8c83e977caecaaf4-YYZ
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.winred.com
Referer
https://secure.winred.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8c83e9791d5953dd-YYZ
access-control-allow-origin
*
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
Untitled.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/058/033/large/ 		465 KB
466 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/058/033/large/Untitled.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01j86hfqs2azqkzbmhpnwq254j/1726798120.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:e400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c2b1f5ff36b6ec30844809b1a16223ad15bbfabc7b0307557a5280bf01d0fab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
0w6ElSUdr0JKc_MxicJJOcoHKkmz._ly
etag
"c32ad4f614f18b36fc1837d8cd9ddd46"
age
34915
via
1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
475902
x-amz-cf-id
cXlocJVNLlmKJC9WEmdlBbzQ1m1QXPghmQ65Vf-GlsYySLyHRx7oig==
date
Tue, 24 Sep 2024 06:05:21 GMT
content-type
image/png
last-modified
Mon, 12 Aug 2024 17:06:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
js.stripe.com/v3/ Frame 1B4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
42
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:46:37 GMT
etag
"47142b7a8256333f95d6c33cf3b94476"
last-modified
Mon, 23 Sep 2024 20:04:26 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-id
5edVnly2tg3IsD-29xgehLozfQNGgAf75aDTR2CVGLD3ctUioxYJQg==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-6717151df347c019beb65800652fff2a.html
js.stripe.com/v3/ Frame E1CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-6717151df347c019beb65800652fff2a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
2210
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:10:40 GMT
etag
W/"6717151df347c019beb65800652fff2a"
last-modified
Mon, 23 Sep 2024 20:04:26 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-id
sJJ45W_0w4oBeuvQcdb5uqX9tmfDUuzPSsrh34nl5KgbERXaXsRJTg==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
current_with_info
app.winred.com/api/v3/users/ 		162 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.winred.com/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c72de1b53158d30a284f30a0a9eb665f7424c4b89f1da4559cb133e5117a2ce
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.winred.com/

Response headers

access-control-max-age
0
x-request-id
a1614b9b-b45f-449c-a790-a92f7c828762
access-control-expose-headers
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"3c72de1b53158d30a284f30a0a9eb665"
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
x-rack-cors-original-access-control-max-age
0
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
application/vnd.api+json
vary
Origin
x-runtime
0.011693
x-rack-cors-original-access-control-allow-origin
https://secure.winred.com
strict-transport-security
max-age=0; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
access-control-allow-credentials
true
x-rack-cors-original-access-control-expose-headers
cf-ray
8c83e97bbd5454d9-YYZ
x-rack-cors-original-access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://secure.winred.com
x-rack-cors-original-access-control-allow-credentials
true
server
cloudflare
controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
js.stripe.com/v3/ Frame 42B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-47142b7a8256333f95d6c33cf3b94476.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
42
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:46:37 GMT
etag
"47142b7a8256333f95d6c33cf3b94476"
last-modified
Mon, 23 Sep 2024 20:04:26 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-id
5edVnly2tg3IsD-29xgehLozfQNGgAf75aDTR2CVGLD3ctUioxYJQg==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-ef6046d273736a898e518b9af0efd9ab.html
js.stripe.com/v3/ Frame 2D45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-ef6046d273736a898e518b9af0efd9ab.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1625
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:20:11 GMT
etag
"ef6046d273736a898e518b9af0efd9ab"
last-modified
Mon, 23 Sep 2024 20:04:41 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-id
vQdTk0wBwggtr6rHkVefGgKn3v9MGWt7T6ejejgatV1-93NfU-KowA==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-dbb275903b520ce29d0ea40e6d584453.html
js.stripe.com/v3/ Frame F970 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-dbb275903b520ce29d0ea40e6d584453.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
32
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:46:44 GMT
etag
"dbb275903b520ce29d0ea40e6d584453"
last-modified
Mon, 23 Sep 2024 20:04:41 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-id
ubwe6PkhQCT_9hrZrCQKV9UtoBcb7gKZwRH_iLxoJ9W5oAt4VQI1Pg==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
100-d07eb176d872d4fb51cd3deb22cc4be5fcde4b471ba245415feed45c596fed4f.png
secure.winred.com/assets/emojis/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/emojis/100-d07eb176d872d4fb51cd3deb22cc4be5fcde4b471ba245415feed45c596fed4f.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0567e7bd395b2cb592e42f83b2e5f18b78866b0e40312fbe3fc9a50c96fa843
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true

Response headers

cf-bgj
imgq:85,h2pri
etag
"67b31b1791474edf862904b4b65544d4"
x-amz-version-id
FWh2uKVUpbpjyvdAa5DaxcgnaofXfGBf
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:47:16 GMT
cf-polished
origFmt=png, origSize=3678
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
image/webp
content-disposition
inline; filename="100-d07eb176d872d4fb51cd3deb22cc4be5fcde4b471ba245415feed45c596fed4f.webp"
vary
Accept
last-modified
Tue, 10 Sep 2024 01:04:23 GMT
x-amz-id-2
i5ujS10evHdFv5OpLKfGEovG7oVF2c8wa6Lfl4smNFk+/tNB4WlwI8kjNeli3+TYoWAftjuiGRY=
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=14400
x-amz-request-id
MNSGH65XXB9ZKT65
cf-ray
8c83e97aad6eaaf4-YYZ
accept-ranges
bytes
content-length
2572
server
cloudflare
main.js
secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 4945
Redirect Chain
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b266c6f846c8bdba71fa31aef3e921e3c95c350eaf19adc386ec5f466a0c5d05
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=0; includeSubDomains
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8c83e97b5e25aaf4-YYZ
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=0; includeSubDomains
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
x-content-type-options
nosniff
cf-ray
8c83e97aad70aaf4-YYZ
access-control-allow-origin
*
content-length
0
date
Tue, 24 Sep 2024 15:47:16 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		316 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0T17RV0DD9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTX9RGNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29ccdcb233628334a809f3e6596324e222c95795962f630c91932908e7f87422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Tue, 24 Sep 2024 15:47:16 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107356
date
Tue, 24 Sep 2024 15:47:16 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
destination
www.googletagmanager.com/gtag/ 		269 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11371760235&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTX9RGNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2023f7533ab543879eb0379321bd6cef9cea6c6fddf342189c66f70884b30fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 15:47:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
94681
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTX9RGNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.44.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Tue, 24 Sep 2024 15:47:16 GMT
x-tw-cdn
FT
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000023-IAD, cache-nyc-kteb1890069-NYC
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=5699, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
/OszOQJuLPPE7FrCqaqEIQmpl1KjhqDr8dPHMwLFxdyWlmrfCWWWymFTBmXSHkQi8Y2+5kc0+xY/OTaYqcjRBw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
origin-agent-cluster
?0
vpixel.js
pixel.intersecttechnologies.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.intersecttechnologies.com/vpixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTX9RGNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.122.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-122-128.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a529090ba270a0e61171eeb9f2b0af8f13686b4798d631c054e061a79f0ee27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-cf-pop
JFK52-P7
content-encoding
gzip
etag
W/"2c72455c99ad48f81781a94f665c0d0f"
age
74057
via
1.1 416370306e2f76e7a452344ce5011ce8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HgJT6Be5mi9pK8Z2qDwCHbXzSSqJRa6l3Git-QOB0dv-cPUHe57pkQ==
date
Mon, 23 Sep 2024 19:13:00 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Wed, 11 Sep 2024 17:31:22 GMT
x-amz-server-side-encryption
AES256
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Tue, 24 Sep 2024 15:47:16 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		302 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
815a7f0ffa6662befe6be7706fe9c9a7d855b0ec27ab7a1976e3356e3329cd4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Tue, 24 Sep 2024 15:47:16 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104500
date
Tue, 24 Sep 2024 15:47:16 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
989
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 17:30:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Tue, 24 Sep 2024 15:30:47 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
8c83e9740f5faaf4
secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4945 		0
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/8c83e9740f5faaf4
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

strict-transport-security
max-age=0; includeSubDomains
cf-ray
8c83e97c7f40aaf4-YYZ
content-length
0
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
x-content-type-options
nosniff
/
www.googleadservices.com/pagead/conversion/11371760235/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/11371760235/?random=1727192836605&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11371760235&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
5312aaabd2cd6c2187a052338675dfaac7e0a822907aff4b469664abfc9b6208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2627
date
Tue, 24 Sep 2024 15:47:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
11371760235
td.doubleclick.net/td/rul/ Frame 3980 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/11371760235?random=1727192836605&cv=11&fst=1727192836605&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11371760235&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Sep 2024 15:47:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0T17RV0DD9&gtm=45je49j0v9168862547z89168315308za200zb9168315308&_p=1727192835367&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1720234907.1727192837&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727192836&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&dt=DEFEND%20AMERICA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2069
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0T17RV0DD9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
text/plain
server
Golfe2
collect
gtm.winred.com/g/ 		902 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727192835367&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1720234907.1727192837&ecid=1982314916&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.etld=google.ca&sst.tft=1727192835367&sst.ude=0&_s=1&sid=1727192836&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&dt=DEFEND%20AMERICA&en=page_view&_fv=1&_ss=1&ep.pagepath=%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920&epn.load_time_sec=-1727192834.6&epn.event_fire_time=1727192836392&ep.event_uuid=4c6332a3-b234-4c18-aec0-1ce02e587217&ep.isVideoPage=f&ep.referrer=&tfd=2120&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:e534 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab6bb75c91647b5bfbd27e6ffcd1d9abb932ceef557b466277e9fb7d8be1163
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains
cache-control
no-cache
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
8c83e97f2dc2ac52-YYZ
access-control-allow-origin
https://secure.winred.com
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
text/plain
vary
Accept-Encoding
server
cloudflare
7735f45f-55c3-42b8-b8d4-bd04cc8e2fb6
pixel.intersecttechnologies.com/dot/ 		0
0
adsct
t.co/i/ 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=5&eci=2&event_id=f5d8b568-1240-4207-af3d-2c67e851eab6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8072ab56-7ca4-459d-b6dd-410123feb780&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=olg2d&type=javascript&version=2.3.30
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
05b702c88282bbde
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a94a23e776ca232580f2fc6263058e9a4701e66ee32cbb1bf60db2be53beea4e
cf-cache-status
DYNAMIC
cf-ray
8c83e97f0e3836bd-YYZ
x-response-time
46
content-length
43
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=5&eci=2&event_id=f5d8b568-1240-4207-af3d-2c67e851eab6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8072ab56-7ca4-459d-b6dd-410123feb780&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=olg2d&type=javascript&version=2.3.30
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
3aaeaed57be59b3e
cache-control
no-cache, no-store, max-age=0
x-connection-hash
1433b88c6795e9870d19819cd933099d2af3ded1be5049604f83b8e558b39f5f
x-response-time
114
content-length
43
date
Tue, 24 Sep 2024 15:47:16 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
adsct
t.co/1/i/ 		43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=1da626a2-9423-4721-89fa-c81e2ce0ddb9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8072ab56-7ca4-459d-b6dd-410123feb780&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&tw_iframe_status=0&txn_id=olg2d&type=javascript&version=2.3.30
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
0270e4413dd93466
cache-control
no-cache, no-store, max-age=0
x-connection-hash
646631f9dfc7ce3fe278cd236420d9ecb2350bf4c4a7c19c89ec7dec69cbfdb8
cf-cache-status
DYNAMIC
cf-ray
8c83e97f0e3736bd-YYZ
x-response-time
10
content-length
43
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=1da626a2-9423-4721-89fa-c81e2ce0ddb9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8072ab56-7ca4-459d-b6dd-410123feb780&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&tw_iframe_status=0&txn_id=olg2d&type=javascript&version=2.3.30
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
f984349dd4a8fb17
cache-control
no-cache, no-store, max-age=0
x-connection-hash
1433b88c6795e9870d19819cd933099d2af3ded1be5049604f83b8e558b39f5f
x-response-time
148
content-length
43
date
Tue, 24 Sep 2024 15:47:16 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
277232267964850
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/277232267964850?v=2.9.167&r=stable&domain=secure.winred.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
251afc544550808decbcba64f8327b91ecaacf5c7b263610e32fdf157d879273
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Tue, 24 Sep 2024 15:47:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=74, mss=1232, tbw=68371, tp=63, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
ZfFLwMksj35X1ub6L8iuSYETcthWirZYaZhHrjGk/xu0gIFlWcvlnPK9ox/UmQ33mAAVzL3KHf6sKNE+biL6Dw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
12958
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=873449730&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&ul=en-ca&de=UTF-8&dt=DEFEND%20AMERICA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=1438138744&gjid=683907429&cid=1720234907.1727192837&tid=UA-73658561-7&_gid=1890483289.1727192837&_slc=1&gtm=45He49j0n71NTQZ9Nv72410129za200&cd61=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=302949154
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
date
Tue, 24 Sep 2024 15:47:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=1720234907.1727192837&jid=1438138744&gjid=683907429&_gid=1890483289.1727192837&_u=YCDAiEABBAAAAGAEK~&z=1206632821
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
date
Tue, 24 Sep 2024 15:47:17 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/ 		35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=873449730&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&ul=en-ca&de=UTF-8&dt=DEFEND%20AMERICA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YCDAiEABBAAAAGAEK~&jid=&gjid=&cid=1720234907.1727192837&tid=UA-73658561-7&_gid=1890483289.1727192837&gtm=45He49j0n71NTQZ9Nv72410129za200&cd41=anonymous&cd58=f&cd61=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=239970620
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
36211
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Tue, 24 Sep 2024 05:43:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
/
www.google.ca/pagead/1p-conversion/11371760235/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb916831530...
  • https://www.google.com/pagead/1p-conversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dm...
  • https://www.google.ca/pagead/1p-conversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCOrGsQIIm8exAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMImNr82_bbiAMV0g5oCB2rwja5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3NlY3VyZS53aW5yZWQuY29tLw&is_vtc=1&cid=CAQSGwDpaXnf7VWmuNMbrPkLwqXVkv0SPffUwHxobg&eitems=ChAI8MbJtwYQnov6zenRwpVmEh0ApmzywtpU8KZYPzt_WPXNq44gytkHvTE6COQsPA&random=3496547103&ipr=y
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 24 Sep 2024 15:47:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.ca/pagead/1p-conversion/11371760235/?random=1231964801&cv=11&fst=1727192836605&bg=ffffff&guid=ON&async=1&gtm=45be49j0v9168851077z89168315308za201zb9168315308&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&label=gfgXCKj3_O0YEOuUva4q&hn=www.googleadservices.com&frm=0&tiba=DEFEND%20AMERICA&value=0&npa=0&pscdl=noapi&auid=1945785800.1727192836&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCOrGsQIIm8exAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMImNr82_bbiAMV0g5oCB2rwja5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3NlY3VyZS53aW5yZWQuY29tLw&is_vtc=1&cid=CAQSGwDpaXnf7VWmuNMbrPkLwqXVkv0SPffUwHxobg&eitems=ChAI8MbJtwYQnov6zenRwpVmEh0ApmzywtpU8KZYPzt_WPXNq44gytkHvTE6COQsPA&random=3496547103&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 24 Sep 2024 15:47:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=277232267964850&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&rl=&if=false&ts=1727192836917&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1727192836914.9143016583525343&ler=empty&cdl=API_unavailable&it=1727192836827&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=277232267964850&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&rl=&if=false&ts=1727192836917&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1727192836914.9143016583525343&ler=empty&cdl=API_unavailable&it=1727192836827&coo=false&rqm=FGET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418236749117874994"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
BtTchY5a68OTBkxSqPlwJQ2xT99ZUVq5ghECdV2m89TCuySIm2x90jI4bsOr1XVIn6a5t68xTh8QM29qVjkG/w==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418236749117874994", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1392, tbw=3112, tp=-1, tpl=-1, uplat=112, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
analytics.google.com/g/s/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.google.com/g/s/collect?dma=0&npa=0&gcd=13l3l3l3l1l1&gtm=45j91e49j1v867905447z872410129z9867900975za200zb72410129&tag_exp=0&_gsid=X6H0114PDF9aaS4Lgcx6PS7Oj0KpPfnw
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-X6H0114PDF&cid=kZWw%2BbAS7tpMjwTMplHRuGz5htG4JiqR4KgxU3qm8C8%3D.1727192837&gtm=45j91e49j1v867905447z872410129z9867900975za200zb72410129&tag_exp=0&aip=1&z=1274112628
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 24 Sep 2024 15:47:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-X6H0114PDF&cid=kZWw%2BbAS7tpMjwTMplHRuGz5htG4JiqR4KgxU3qm8C8%3D.1727192837&gtm=45j91e49j1v867905447z872410129z9867900975za200zb72410129&tag_exp=0&aip=1
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
text/plain
server
Golfe2
collect
gtm.winred.com/g/ 		381 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je49j0v867905447z872410129za200zb72410129&_p=1727192835367&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1720234907.1727192837&ecid=1982314916&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.etld=google.ca&sst.tft=1727192835367&sst.ude=0&_s=2&sid=1727192836&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue&dt=DEFEND%20AMERICA&en=user%20session%20start&ep.pagepath=%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920&epn.load_time_sec=-1727192834.6&epn.event_fire_time=1727192836419&ep.event_uuid=e6d14c7e-f7c5-4c15-b60c-068b535c3f21&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=7&tfd=2629&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:e534 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
768edbb5d7f3bc96a01c470fd0bd8712fbcaf9e5395d1c24a723088d595dec7e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains
cache-control
no-cache
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
8c83e9811fe6ac52-YYZ
access-control-allow-origin
https://secure.winred.com
date
Tue, 24 Sep 2024 15:47:17 GMT
content-type
text/plain
vary
Accept-Encoding
server
cloudflare
hcaptcha-invisible-c15a46f3f222eaa598a2bf38f7f28f41.html
js.stripe.com/v3/ Frame B8BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-c15a46f3f222eaa598a2bf38f7f28f41.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-9S9H7QYg5O/ua0nuFLz4q9YzOFYsvSDh5gWhB5HgAB8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
2528
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-9S9H7QYg5O/ua0nuFLz4q9YzOFYsvSDh5gWhB5HgAB8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:05:09 GMT
etag
W/"6fc7822c966d06dca8007051cf0a070a"
last-modified
Mon, 23 Sep 2024 20:04:40 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
x-amz-cf-id
Qc5DnMZBoqkcKnzigffBPOh4v350oRco4ijTUwIRKVSZ_nikP2-4Nw==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-X6H0114PDF&cid=kZWw%2BbAS7tpMjwTMplHRuGz5htG4JiqR4KgxU3qm8C8%3D.1727192837&gtm=45j91e49j1v867905447z872410129z9867900975za200zb72410129&tag_exp=0&aip=1&z=1629597093
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 24 Sep 2024 15:47:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
rum
secure.winred.com/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8c83e9861882aaf4-YYZ
access-control-allow-origin
https://secure.winred.com
date
Tue, 24 Sep 2024 15:47:18 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:247b:e400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

x-amz-version-id
FN8PLjpE4LnyaM50_d0emgSd0vAz496F
age
35231
etag
"7b9c8b7070c8f9c81fc9a133d26daf4e"
via
1.1 c28d583393bad4965b8efa4ef27ccc9e.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
1512
x-amz-cf-id
QAPaVBunWV7wuoy_ETZfxYr7cm-ruDqajf1y8CmqJy-Vz2JXVcsN1A==
date
Tue, 24 Sep 2024 06:00:07 GMT
content-type
image/png
last-modified
Wed, 10 Jul 2019 18:21:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 1458 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
491
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 15:39:10 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 19 Sep 2024 20:09:53 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
x-amz-cf-id
qjXw4NRtTJC0WPRnSuDSfPckqM-UpCAzOAGl02VQc6fZZ4jYsHhZxw==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
common.js
maps.googleapis.com/maps-api-v3/api/js/58/5a/ 		288 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/5a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09511162a4b1556ea752a7e561ff864cf9ea62ca91a566df03beb2dbe60ab283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
age
11157
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 12:41:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 12:41:24 GMT
last-modified
Tue, 17 Sep 2024 02:26:11 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
62793
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/5a/ 		181 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/5a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b74bba32a64c0671ea7d1897dcec2a9f5662eca6761feba5da9fb2579e1c677a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.winred.com/

Response headers

content-encoding
br
age
30848
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 07:13:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 07:13:13 GMT
last-modified
Tue, 17 Sep 2024 02:26:11 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56235
x-xss-protection
0
server
sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.intersecttechnologies.com
URL
https://pixel.intersecttechnologies.com/dot/7735f45f-55c3-42b8-b8d4-bd04cc8e2fb6?cbust=2436042214306123.5&url_path=https%3A%2F%2Fsecure.winred.com%2Fmarjorie-greene-for-congress%2Fmtg_don_ste_er_me-tsa_rs_20240920%3Frecurring%3Dtrue

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer boolean| isWinRed string| app_platform object| webpackChunkStripeJSouter function| noop function| Stripe function| $ function| jQuery object| jQuery1124001412601271090641 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass object| bioEp function| Cookies object| App object| picturefillCFG function| picturefill object| party function| UAParser function| gm_authFailure object| antiClickjack object| __cfBeacon function| landingPageFormSubmitRecaptchaSuccess function| landingPageFormSubmitRecaptchaError object| google_tag_manager object| google_tag_data function| twq function| fbq function| _fbq object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| vpixel object| viqPixel object| regeneratorRuntime object| twttr object| gaplugins object| gaData

24 Cookies

Domain/Path Name / Value
app.winred.com/api/v3/users Name: rvid
Value: e8869627-ed4f-4503-9688-36b6412b385c
.secure.winred.com/ Name: __cf_bm
Value: ji3RVWAXVgP747W_IlNFxjH1ipaX6zlJmw814aGX5QQ-1727192835-1.0.1.1-mCW.5LbOVNnFsJLk7Zlb_ZS56kS1WErVc7IPNFLJ2mrCHCCbl5mGwITegFzo302sYsg0sormALcG6B99WE94ew
secure.winred.com/ Name: origin_url
Value: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
.winred.com/ Name: _gcl_au
Value: 1.1.1945785800.1727192836
.winred.com/ Name: _revv_v3_session
Value: TFhiYU9jSEh1NURma0JUMnF3MTdsUGxObUp5ekZuSnpicWVMYU9lcDR4SzhTQmNrQ3hwTE9NOEZ6Sm9ibFFFdGNsWUNWdU5FY29JbnpTYW52K0NvNFVzV25UQVU3bVZCM0F0U0w5eno2QUpmRkdBR201VHFUZUtOazlqQy82bTRmNUtTM1hGdWpsTE96NmRiQzFhV0dKaTF5T3QxOTY1TDh6K1RhdTRibTJ2eTA2b3pQV0hEblExa2ZyOHFFOW5QNmtxQjBSZjE2VkU3NmxzYlUyQTN6aURXbHg3VFhzVWRhblRaZkZVeDVKcnNmaUhBYWEwZHJ6SDA1UVJlMWhZbFNGODJiNmtJR20xLzk5VjlCSng5cndoKzZMZC9QT2JEanVSeXhSc2FaMzFWeS9hdkhRcEVoV1JRb0RZMUJDaXd3bXJzRDlJU0FSZnhDaU53K3p1b0dobUlFNGRzLzlGbE9Ha1VvSC9kOUNNPS0tbWlPOXB6M2lwUE15WmN1eis3eEZ5dz09--2e43e3b2b541d4050fb79849362a530578bd5763
secure.winred.com/ Name: sso_tries
Value: 1
secure.winred.com/ Name: rvid
Value: e8869627-ed4f-4503-9688-36b6412b385c
.secure.winred.com/ Name: cf_clearance
Value: i1OfQJkf2V29VBGYHLezKWOjg7HKV4fTCfJc7LF3b4Y-1727192836-1.2.1.1-rX7p5_T_2YgCKaL8zWaJ_6r1GSS63tHUJkXdTLK7XA6dkQLWcBkFu3BcOXwdb_iLji203R7vGEolUXEd7qEIbMrbhDupJQiVJJ4eOKS0OmgKwuY8wQYdyjR70ozCAVuMsaCrFLtwATTTbox5C0XIIPPzJYeMM64fHo7YHPOz5pgDY.N1tEMIwu3Bn.PkcG98PeJwHJ2EjFVbrszV4fRMKNleNTsnrxLaXMyCslYegJDZ4fsopAJ6yvblVHz9y098CDWs1J_HP04E85BIx1.C9TUIpICrrvAZu9_w19R0ONpQfT87I50.UjpwPplC89TQLq1K4ZyL.LMBVr5738HgckR7roLdVAqCXGrMj5Qj1foRwOB.H1LTej3dFQFqA0RL
.winred.com/ Name: _ga_0T17RV0DD9
Value: GS1.1.1727192836.1.0.1727192836.0.0.0
.winred.com/ Name: _ga
Value: GA1.2.1720234907.1727192837
.winred.com/ Name: _gid
Value: GA1.2.1890483289.1727192837
.winred.com/ Name: _dc_gtm_UA-73658561-7
Value: 1
.winred.com/ Name: _fbp
Value: fb.1.1727192836914.9143016583525343
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.t.co/ Name: muc_ads
Value: 87ce1297-0a07-4954-aa9a-61b8e4422bab
.t.co/ Name: __cf_bm
Value: 2E1glR2X_aXx3LgLl1JOOZay6lWJO09wSYTlchUWtXI-1727192837-1.0.1.1-xcbiCtEPGTAFxIYl5aJPGehslTjCqrzDDN.8oKdApRAiBWXDgSEhFBCmT3AD7CWGqHdGIR.lPU7poXx3m6RK2w
.winred.com/ Name: FPID
Value: FPID2.2.kZWw%2BbAS7tpMjwTMplHRuGz5htG4JiqR4KgxU3qm8C8%3D.1727192837
.winred.com/ Name: FPGSID
Value: 1.1727192837.1727192837.G-X6H0114PDF.9aaS4Lgcx6PS7Oj0KpPfnw
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172719283716771715
.twitter.com/ Name: guest_id_ads
Value: v1%3A172719283716771715
.twitter.com/ Name: personalization_id
Value: "v1_EXxScG90NxgKfnD6CYgHEg=="
.twitter.com/ Name: guest_id
Value: v1%3A172719283716771715
.winred.com/ Name: FPLC
Value: v5uwMU47LhQJ3qKMPDWosgIG6zXaoLXuZoVrZqt65FAX8kPCYqpITUAqpaLzW5VHaVlYrAjNe1Rx3E2DV9H9RA1qzlbnryv2Cs5%2BhKpAfDZTlfYtp%2FVa8oWnT0XOOQ%3D%3D
.winred.com/ Name: _ga_X6H0114PDF
Value: GS1.1.1727192836.1.0.1727192838.0.0.1982314916

10 Console Messages

Source Level URL
Text
recommendation warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
[DOM] Found 2 elements with non-unique id #conduit_employer_name: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
[DOM] Found 2 elements with non-unique id #conduit_mobile_number: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
[DOM] Found 2 elements with non-unique id #conduit_not_employed: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
[DOM] Found 2 elements with non-unique id #conduit_occupation: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://secure.winred.com/marjorie-greene-for-congress/mtg_don_ste_er_me-tsa_rs_20240920?recurring=true
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.twitter.com
app.winred.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
gtm.winred.com
js.stripe.com
maps.googleapis.com
pixel.intersecttechnologies.com
secure.winred.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
trk.cp20.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
pixel.intersecttechnologies.com
104.244.42.131
108.139.29.88
142.251.32.98
151.101.0.176
151.101.44.157
172.66.0.227
2001:4860:4802:32::181
2001:4860:4802:34::178
2600:9000:247b:e400:0:7d26:ee00:93a1
2606:4700::6810:5049
2606:4700::6810:e534
2606:4700::6813:d359
2606:4700::6813:d459
2607:f8b0:4004:c06::9a
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::200a
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::2004
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::2002
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.168.122.128
3.97.124.126
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
09511162a4b1556ea752a7e561ff864cf9ea62ca91a566df03beb2dbe60ab283
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e559c1860af7af844bd68acbcfc875200234be1efd83200310678ff324a64f3
2023f7533ab543879eb0379321bd6cef9cea6c6fddf342189c66f70884b30fd8
251afc544550808decbcba64f8327b91ecaacf5c7b263610e32fdf157d879273
29ccdcb233628334a809f3e6596324e222c95795962f630c91932908e7f87422
2a529090ba270a0e61171eeb9f2b0af8f13686b4798d631c054e061a79f0ee27
34dbbeedb5f41467c45409cfe22b5398a1e7410ae53e0f2a196a706db6d62107
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
3c72de1b53158d30a284f30a0a9eb665f7424c4b89f1da4559cb133e5117a2ce
3f9b356583055c0e07b4f0caee018ed49ae10eadff88c21431000992a8358d7f
48b39c0b9c8a3176a8842792f031ed3e10836b6d089856f07e72d365f48d0bb4
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5312aaabd2cd6c2187a052338675dfaac7e0a822907aff4b469664abfc9b6208
53fddca43160716956c62ef7bc20ffc28a6c20cddedc8afab3b4f400c5b8c7ee
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
5cc37263058ee42aac956bf9921f7cdd403ced53363e8da74f70663c354179fa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
768edbb5d7f3bc96a01c470fd0bd8712fbcaf9e5395d1c24a723088d595dec7e
7ab6bb75c91647b5bfbd27e6ffcd1d9abb932ceef557b466277e9fb7d8be1163
815a7f0ffa6662befe6be7706fe9c9a7d855b0ec27ab7a1976e3356e3329cd4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c2b1f5ff36b6ec30844809b1a16223ad15bbfabc7b0307557a5280bf01d0fab
a34e5d96be34f47aeced5ec8c53527f41bec3a323976cb4b90d30af823c35626
a59f7e5c0e68b914b14f58aa3745bef5e650e1c71211cf8cf42cc9c9e7bfaa12
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0567e7bd395b2cb592e42f83b2e5f18b78866b0e40312fbe3fc9a50c96fa843
b266c6f846c8bdba71fa31aef3e921e3c95c350eaf19adc386ec5f466a0c5d05
b74bba32a64c0671ea7d1897dcec2a9f5662eca6761feba5da9fb2579e1c677a
c3130ff363421ce93b5dea9b6ef6c5814bcfdb13e712e07cf79b0ada2b58be8c
c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd1af6d66c0c20da619f4931e554a0504bfc5b415c48dfefb1b7889d389a0875
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902