secure.winred.com Open in urlscan Pro
2606:4700:10::6814:443 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.i-d-pro.com/ls/click?upn=zbD-2BTAyWkr6XAy1fG-2B4y7qUw-2FPjcf061JS-2FaPU-2B90XPNOq2QY-2B61QvpVrA4yaMqvmGGxC7F...
Effective URL:
https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=...
Submission: On March 31 via manual (March 31st 2020, 12:27:02 pm UTC) from US

Summary HTTP 38 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 17 domains to perform 38 HTTP transactions. The main IP is 2606:4700:10::6814:443, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 14th 2019. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
7	2606:4700:10:... 2606:4700:10::6814:443	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.225.73.81 13.225.73.81	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	99.84.155.62 99.84.155.62	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.50.184.22 52.50.184.22	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 2	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	52.50.37.223 52.50.37.223	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
38	14

1 167.89.115.56 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

link.i-d-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:443 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.revv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.73.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-81.fra2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.155.62 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-62.txl52.r.cloudfront.net

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.184.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-184-22.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.37.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-37-223.eu-west-1.compute.amazonaws.com

prospergroupcorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googleapis.com maps.googleapis.com	194 KB
6	winred.com secure.winred.com	198 KB
4	facebook.com 1 redirects www.facebook.com	758 B
4	demdex.net dpm.demdex.net prospergroupcorp.demdex.net	6 KB
4	stripe.com js.stripe.com	41 KB
3	everesttech.net 3 redirects rtd-tm.everesttech.net cm.everesttech.net	1 KB
3	facebook.net connect.facebook.net	256 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	cloudfront.net d35ligi1n5bgzc.cloudfront.net	244 KB
2	gstatic.com maps.gstatic.com	5 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	82 KB
1	atdmt.com cx.atdmt.com	434 B
1	revv.co app.revv.co	1 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	i-d-pro.com 1 redirects link.i-d-pro.com	352 B
38	17

	Domain	Requested by
6	maps.googleapis.com	secure.winred.com maps.googleapis.com
6	secure.winred.com	secure.winred.com
4	www.facebook.com	1 redirects secure.winred.com connect.facebook.net
4	js.stripe.com	secure.winred.com js.stripe.com
3	connect.facebook.net	secure.winred.com connect.facebook.net
3	d35ligi1n5bgzc.cloudfront.net	secure.winred.com
2	prospergroupcorp.demdex.net	secure.winred.com
2	maps.gstatic.com	secure.winred.com
2	cm.g.doubleclick.net	1 redirects secure.winred.com
2	rtd-tm.everesttech.net	2 redirects
2	dpm.demdex.net	secure.winred.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	secure.winred.com
1	cm.everesttech.net	1 redirects
1	cx.atdmt.com	secure.winred.com
1	app.revv.co	secure.winred.com
1	www.google.de	secure.winred.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	link.i-d-pro.com	1 redirects
38	20

This site contains links to these domains. Also see Links.

Domain
winred.com

Subject Issuer	Validity	Valid
www.winred.com DigiCert SHA2 Extended Validation Server CA	`2019-08-14` - `2020-09-30`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-02-12` - `2020-06-03`	4 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.revv.co COMODO RSA Domain Validation Secure Server CA	`2018-10-01` - `2020-10-28`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Frame ID: 7A4B0F47B28FAEA6CA0DFA00B0111CFC
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Frame ID: E1230F2D950B4DD02BE6C2073DCEF189
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-acfa331062b18d01cad8673800ca4369.html
Frame ID: F247A836D7B77124F5C31A4302277FC3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-9644e07c31a2896df020dd41f9592b8d.html
Frame ID: 00234E818B84950255C275FBA65C322A
Requests: 1 HTTP requests in this frame

Frame: https://prospergroupcorp.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 65CCA24076F93247EED31967D5E1E155
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://link.i-d-pro.com/ls/click?upn=zbD-2BTAyWkr6XAy1fG-2B4y7qUw-2FPjcf061JS-2FaPU-2B90XPNOq2QY-2B6... HTTP 302
https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_mediu... Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

38
Requests

100 %
HTTPS

58 %
IPv6

17
Domains

20
Subdomains

14
IPs

4
Countries

1046 kB
Transfer

3117 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://winred.com/terms/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://winred.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://winred.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://winred.com/about-our-ads/
Title: About Our Ads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.i-d-pro.com/ls/click?upn=zbD-2BTAyWkr6XAy1fG-2B4y7qUw-2FPjcf061JS-2FaPU-2B90XPNOq2QY-2B61QvpVrA4yaMqvmGGxC7FuEIraJnZhm-2BuiagKwxTIfeAeL8tWQhlBAx2JOHYXNzNGeNg9XIXOftQWBPkJVhvvr-2F-2B1I-2BeEl9WWgKSaTyh9fwQOr2iK8UHho5isKMOkIMKgfbEMS5MHy2bMlLfiC6h1a4SnK75P4wqAV6w-3D-3DV902_1hFkNcYLzltQBFn7GHj5FKP5REKdaVkIm4yOWLqMA98wI0DMoeM3VbPVXcL-2F6-2FnSx0VkUlwZfwwz7IQ-2BPROaoy5XCL93kU6wH2LKKY6dJC5yBwQr1w2CDrbwkvanJRjhhDQ8HrJ01tRjrUFbxWs8wBy12VzriaLCQ5IFSAUV9ITME3gJS7XA3tsoy9qdXL6d-2BBsRVIWxKmjpmVBfFOCIQOc5ThYRT3n8kgel5B76Hsir2IQjTSrkZOS3x4LxzPON6dhoX4w-2BTrFLm1teEXHErNPOD0gGpdkNUtBVk5CBk4Ti3JnwPdb-2BSs-2BnvvHTJeaT HTTP 302
https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=673215990&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fomarifaulkner%2Fe-eoq-2-03272020%3Futm_source%3Demail_PG%26utm_campaign%3Dof%26utm_medium%3DEmail%26utm_content%3DTime_is_Running_Out&ul=en-us&de=UTF-8&dt=Support%20Omari%20Faulkner%20For%20Virginia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=616868570&gjid=139120137&cid=1010781778.1585657592&tid=UA-73658561-7&_gid=1868127515.1585657592&_r=1&gtm=2wg3i0NTQZ9N&z=465671884 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_gid=1868127515.1585657592&gjid=139120137&_v=j81&z=465671884 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_v=j81&z=465671884 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_v=j81&z=465671884&slf_rd=1&random=533405139

Request Chain 24

https://rtd-tm.everesttech.net/upi/?sid=sSmRgJVXCgxaMwDRWAHn&cs=1 HTTP 302
https://rtd-tm.everesttech.net/ct/upi/?sid=sSmRgJVXCgxaMwDRWAHn&cs=1&_test=XoM2_gAAAHGB0woD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WG9NMl9nQUFBSEdCMHdvRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WG9NMl9nQUFBSEdCMHdvRA&google_tc=

Request Chain 30

https://www.facebook.com/tr/?id=511611799392494&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fomarifaulkner%2Fe-eoq-2-03272020%3Futm_source%3Demail_PG%26utm_campaign%3Dof%26utm_medium%3DEmail%26utm_content%3DTime_is_Running_Out&rl=&if=false&ts=1585657593281&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585657593194.572880067&it=1585657593091&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=4103450568771831184&f=AYyX0NbbdqLTkpyk7gSy5SX7GDj6NtmC6gOY3QdDUvaugeXK4i9Jeep8tmx0bKaK0Qn4cAnkCAU-_IQpaKuNkpJZ&id=511611799392494&l=3&v=0

Request Chain 36

https://cm.everesttech.net/cm/dd?d_uuid=29476200559946819000189455967752207253 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XoM3AAAAAZ0uGxTJ

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request e-eoq-2-03272020 Show response
secure.winred.com/omarifaulkner/
Redirect Chain

http://link.i-d-pro.com/ls/click?upn=zbD-2BTAyWkr6XAy1fG-2B4y7qUw-2FPjcf061JS-2FaPU-2B90XPNOq2QY-2B61QvpVrA4yaMqvmGGxC7FuEIraJnZhm-2BuiagKwxTIfeAeL8tWQhlBAx2JOHYXNzNGeNg9XIXOftQWBPkJVhvvr-2F-2B1I-2...
https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

29 KB
8 KB

820ms
788ms

Document
text/html

2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e31071252273919b2f1626b276a5dd0f5d9ff45948dc59438a2af7d3d62be65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.winred.com
:scheme: https
:path: /omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 31 Mar 2020 12:26:31 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d4726639956385aa5071a85c1a9b6aa0a1585657590; expires=Thu, 30-Apr-20 12:26:30 GMT; path=/; domain=.secure.winred.com; HttpOnly; SameSite=Lax _revv_v3_session=REZ4K2xKQUpmYldhYzJZcjFLSWNtMHU1S1g4MEVlc2tHOEpLbHB6eml6Ykw0L3RiY2pEV056ZTVkMTBNTDJVUCtZOVBxaDRWVDFNWHd3TnRSQVdWejB6T0doT2VSSkdMN1ZjdnZYWjNZbUx0L1hXaEZzL3pHTGE5YndybUUxVCsxZWNPM3pUL3hKZ2NaU3VsYlZ4blZqWjYrU095bkVSQXBnejBxb0VWZG9hRGRZWlN1NUl1YWtDVTVVeGxBV3VuaHRDdk9xSVowc1ZzOXN5TTZ3ajJiT29TaVBYbHpaMjlXMmJlZEp6QXl5RUVsb3N4TjlsbncvcXQ5QlF5RTJKNFdwZDZjOGx6R2djTmdDelJGM1pOT0EyeEw5MlZQaDQ2Z0J2K1RjYStCL2pPSmIxRU04QXpUSUF1OUV4UXUxZmhOOVY4YTRrMHREOE9LOTU3MnpRUmVUcWYxQlppN0RZTWVwYkhSdnozVnEycGE3eStYdjRnWmoxNVVrcGZFUExLLS1NdG9KeTdRTE5YMDdudXdRZFR0M2hBPT0%3D--91ebf7d2c9f4dede15aaedebd48302728de94c60; domain=.winred.com; path=/; HttpOnly; Secure; SameSite=None; Secure
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-revv-cache: Miss from Revv
x-request-id: 0b2c06ec-805b-4c91-bfdc-16e70fafc045
x-runtime: 0.618259
x-rack-cors: miss; no-origin
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57ca0f26e85197cc-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Redirect headers

Server: nginx
Date: Tue, 31 Mar 2020 12:26:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
X-Robots-Tag: noindex, nofollow

GET
H2 200 / Show response
js.stripe.com/v3/ 158 KB
41 KB 1122ms
34ms Script
application/javascript 13.225.73.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-81.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ea7d3acbfe8eb72727fc5a02065f1d88a7dbd6a414a261b0b2d0a895f7e4be65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
age: 105
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 27 Mar 2020 14:55:55 GMT
server: AmazonS3
date: Tue, 31 Mar 2020 12:24:47 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: flZV3SKMBdiFFfPBWZif4BBpCmJmV6j6zK6ELgPuJia_S40a_yX6Dw==

GET
H2 200 landing_page-61fb339f9ca1c8d831f11dc9d838ce52cded27e7ee25d017ae260db07ea2d78b.css
secure.winred.com/assets/ 198 KB
27 KB 29ms
27ms Stylesheet
text/css 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/landing_page-61fb339f9ca1c8d831f11dc9d838ce52cded27e7ee25d017ae260db07ea2d78b.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

453ca896cc60ea919fa28f7fa26d8c9b8a3c34276c18c0fb93f2703c326bab6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 31 Mar 2020 12:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 312598
cf-polished: origSize=205123
status: 200
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Fri, 29 Mar 2030 12:26:31 GMT
last-modified: Fri, 27 Mar 2020 21:34:05 GMT
server: cloudflare
etag: W/"5e7e714d-7651"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/css
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
cf-ray: 57ca0f2bddd597cc-FRA
cf-bgj: minify

GET
H2 200 1585338480.css
secure.winred.com/stylesheets/rv_page_UTpVyaNqY7tPxdkv7Af8mFKv/ 4 KB
1 KB 163ms
162ms Stylesheet
text/css 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/stylesheets/rv_page_UTpVyaNqY7tPxdkv7Af8mFKv/1585338480.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fabf13c4add84f4baf49cf57dde49e3d76d5185e029ee31153fe67793759893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-rack-cors: miss; no-origin
date: Tue, 31 Mar 2020 12:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: eed85027-2a2a-4304-9f22-d625bff91bdb
x-runtime: 0.020153
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31556952
cf-ray: 57ca0f2bdddb97cc-FRA
expires: Wed, 31 Mar 2021 18:15:43 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 122 KB
40 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

5200558503b67c8a5c553e764c2d332f9ad4afc67089b11cb757103dc999d0a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 12:26:31 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=43
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 40291
x-xss-protection: 0
expires: Tue, 31 Mar 2020 12:56:31 GMT

GET
H2 200 application-landing-page-e20478dd609f92f329e097e438eb6555904851d9e0b2a67fab13ca2057844c65.js Show response
secure.winred.com/assets/ 532 KB
145 KB 54ms
53ms Script
application/javascript 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/application-landing-page-e20478dd609f92f329e097e438eb6555904851d9e0b2a67fab13ca2057844c65.js

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af095c214f2b86e8fbfccce8c1517fe0a880a28a0f6709236fa6eb4295b14a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 12:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 312598
cf-polished: origSize=544938
status: 200
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Fri, 29 Mar 2030 12:26:31 GMT
last-modified: Fri, 27 Mar 2020 21:34:21 GMT
server: cloudflare
etag: W/"5e7e715d-260f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
cf-ray: 57ca0f2bdddc97cc-FRA
cf-bgj: minify

GET
H2 200 OmariLogo-FullColor.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/022/843/large/ 64 KB
64 KB 697ms
607ms Image
image/png 99.84.155.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/022/843/large/OmariLogo-FullColor.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-62.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a3fc6aa70ebd776e69a79ae60c2dc288f32720f0b81e481d91fc888809d5b95

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:33 GMT
via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
etag: "aa07e5ce28a018bba192e2dd958d8625"
last-modified: Tue, 12 Nov 2019 13:57:42 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-version-id: TB04j8y_LPjQJ519aIYlX8py24y6xmql
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 65406
x-amz-cf-id: MUGfa3vDy1xKd7vg_TekY4OoRGfyzDOa2d4qsSFRtF4H3xKjJiICFA==

GET
H2 200 omari.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/022/877/square/ 10 KB
10 KB 591ms
502ms Image
image/jpeg 99.84.155.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/022/877/square/omari.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-62.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 737ebc9af98c33fcb51d5146f519d9e2de982ad14d29b86454f8230cb1296310

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:33 GMT
via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
etag: "d8fad5e9a3a50a097b6c3fcd2e263623"
last-modified: Tue, 12 Nov 2019 20:01:26 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-version-id: k9I_D3eks044bVo5Ncn0jKQy6CgkXBlN
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 9793
x-amz-cf-id: ku_5FPYrqDvFAlDEZazXrAkR2LcV03maQujojfoM00fBO81sc5sntQ==

GET
H2 200 win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 8 KB
9 KB 74ms
74ms Image
image/webp 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6a847acb3c048136186ffe81a0d68f43e7e26d90d8ea10dc93031d51449795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1097697
cf-polished: origFmt=png, origSize=11635
status: 200
content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 8566
expires: Fri, 29 Mar 2030 12:26:32 GMT
last-modified: Wed, 20 Nov 2019 19:56:38 GMT
server: cloudflare
etag: "5dd59a76-2d73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: image/webp
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57ca0f2fba3297cc-FRA
cf-bgj: imgq:85

GET
H2 200 win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 19 KB
7 KB 36ms
36ms Image
image/svg+xml 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4257864
status: 200
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Wed, 20 Nov 2019 19:38:14 GMT
server: cloudflare
etag: W/"5dd59626-1e30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: image/svg+xml
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
cf-ray: 57ca0f300aa097cc-FRA
expires: Fri, 29 Mar 2030 12:26:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
26 KB 26ms
15ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2610290183a45808375698900201a44b9febd162a6440912b1c14659cd2d4c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 12:26:32 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25632
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Mar 2020 12:26:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
57 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56GR35P

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a88af15e2e680393680a255db7d65759562519040753904eb4321b1284acafaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 12:26:32 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 57909
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Mar 2020 12:26:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6477
date: Tue, 31 Mar 2020 10:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 31 Mar 2020 12:38:35 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=673215990&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fomarifaulkner%2Fe-eoq-2-03272020%3Futm_source%3Demail_PG%26utm_campaign%3Dof%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_gid=1868127515.1585657592&gjid=139120137&_v=j81&z=465671884
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_v=j81&z=465671884
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_v=j81&z=465671884&slf_rd=1&random=533405139

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_v=j81&z=465671884&slf_rd=1&random=533405139

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 12:26:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Mar 2020 12:26:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1010781778.1585657592&jid=616868570&_v=j81&z=465671884&slf_rd=1&random=533405139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
js.stripe.com/v3/ Frame E123 0
0 21ms
21ms Document
text/html 13.225.73.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-81.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 238
last-modified: Fri, 28 Feb 2020 23:42:06 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Tue, 31 Mar 2020 12:25:19 GMT
etag: "a0f6c1465b8d9aab778cf2913d1d3c86"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vi7L4Oq4x_d0B7xAzBE49ENkCzrNepyjXMOHs6GbebQhwqUC1CFceg==
age: 74

GET
H2 200 IMG_0005_copy.jpeg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/022/914/large/ 169 KB
170 KB 586ms
585ms Image
image/jpeg 99.84.155.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/022/914/large/IMG_0005_copy.jpeg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-e20478dd609f92f329e097e438eb6555904851d9e0b2a67fab13ca2057844c65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-62.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be54d520f62270c94a78b1954108f13efb2a079ec16298e967ff82feea6cdd7d

Request headers

Referer: https://secure.winred.com/stylesheets/rv_page_UTpVyaNqY7tPxdkv7Af8mFKv/1585338480.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:34 GMT
via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
etag: "2cd4d646a270dc8800a9a34cc0decacd"
last-modified: Tue, 12 Nov 2019 22:23:58 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-version-id: CRfQMK4Dih4KkpmTiez5tEuaZE1fZiA_
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 173467
x-amz-cf-id: J-NCYyGXZtdOgGoc9MjgvvZimUiZ2AxNXVigzXcxBOYmrBbSet7JNA==

GET
H2 200 controller-acfa331062b18d01cad8673800ca4369.html
js.stripe.com/v3/ Frame F247 0
0 21ms
21ms Document
text/html 13.225.73.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-acfa331062b18d01cad8673800ca4369.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-81.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-acfa331062b18d01cad8673800ca4369.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 345
last-modified: Fri, 27 Mar 2020 14:55:53 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Tue, 31 Mar 2020 12:22:20 GMT
etag: "acfa331062b18d01cad8673800ca4369"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: YKnCoDJHENymT2yixZ0RMdk7YBFAM4DF9TQFS6QeyJPi1_cj5bG3Wg==
age: 262

GET
H2 200 elements-inner-card-9644e07c31a2896df020dd41f9592b8d.html
js.stripe.com/v3/ Frame 0023 0
0 22ms
21ms Document
text/html 13.225.73.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-9644e07c31a2896df020dd41f9592b8d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-81.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-9644e07c31a2896df020dd41f9592b8d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Response headers

status: 200
content-type: text/html; charset=utf-8
last-modified: Fri, 27 Mar 2020 14:55:55 GMT
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Tue, 31 Mar 2020 12:22:20 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 2cKg0MqDQCwrvWjHu7wccBlFin_trmMfgN8Q0Qm8DhZsULj_SeTnZQ==
age: 272

GET
H2 200 current_with_info Show response
app.revv.co/api/v3/users/ 128 B
1 KB 268ms
163ms XHR
application/vnd.api+json 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-e20478dd609f92f329e097e438eb6555904851d9e0b2a67fab13ca2057844c65.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f925a7d474a7d96af3648a93a138c0ba74ae54b3436e99add4b681c10f39bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Origin: https://secure.winred.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin: https://secure.winred.com
date: Tue, 31 Mar 2020 12:26:33 GMT
x-rack-cors-original-access-control-max-age: 0
x-rack-cors-original-access-control-allow-credentials: true
cf-cache-status: DYNAMIC
x-rack-cors-original-access-control-allow-methods: GET, POST, OPTIONS
status: 200
access-control-max-age: 0
x-rack-cors-original-access-control-expose-headers
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: 24d5ea12-74e0-48b1-916c-4d6c3fe40ac8
x-runtime: 0.011215
server: cloudflare
etag: W/"55f925a7d474a7d96af3648a93a138c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.api+json
access-control-allow-origin: https://secure.winred.com
vary: Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 57ca0f349be4c272-FRA
x-rack-cors: hit
x-content-type-options: nosniff
access-control-expose-headers

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 77 KB
29 KB 55ms
3ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a1c446a4b15a120ef3f91f6bda3a50a877a89785b62c2dc4870e440d9d2a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 499416
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28924
x-xss-protection: 0
expires: Thu, 25 Mar 2021 17:42:57 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 143 KB
53 KB 64ms
12ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd031c511ae18654a3853dbecf9e9c1cd54e9d47ab8db8b9b667da11ac1f9da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 499415
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 54062
x-xss-protection: 0
expires: Thu, 25 Mar 2021 17:42:58 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 208 KB
56 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f7498f9f4e6278cba762fe2ebef703edc32fc027c85c71fab167a05ca45dd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 10:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 267647
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 57595
x-xss-protection: 0
expires: Sun, 28 Mar 2021 10:05:46 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 41 KB
16 KB 66ms
14ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be781c0a58ce716562723e733ad5fcd61217b8652f923144ec30a80398d4a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 499250
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 16128
x-xss-protection: 0
expires: Thu, 25 Mar 2021 17:45:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 49ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: t/wIg6dlniuJ1Wim6tEB396cdYSKUstFnPhJwOiyKd3Zsy3WG+F7PjAMkg7FyyGmJ6rzIjgY/HLEuDbxqxxd6g==
x-fb-trip-id: 1850256238
date: Tue, 31 Mar 2020 12:26:33 GMT, Tue, 31 Mar 2020 12:26:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 7417ms
43ms XHR
application/json 52.50.184.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=74640A195C7E4CD00A495DAD%40AdobeOrg&d_nsid=0&ts=1585657593015

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.184.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-184-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d23c4ea085d3085d7cf37385d21ffc2f815fa4d23362549d3087b334fdbf5a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Origin: https://secure.winred.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v064-0d7a14cd6.edge-irl1.demdex.com 5.66.0.20200310121811 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: 8eka6DikRkA=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://secure.winred.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 963
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=sSmRgJVXCgxaMwDRWAHn&cs=1
https://rtd-tm.everesttech.net/ct/upi/?sid=sSmRgJVXCgxaMwDRWAHn&cs=1&_test=XoM2_gAAAHGB0woD
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WG9NMl9nQUFBSEdCMHdvRA
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WG9NMl9nQUFBSEdCMHdvRA&google_tc=

170 B
234 B

36ms
35ms

Image
image/png

172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WG9NMl9nQUFBSEdCMHdvRA&google_tc=

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 12:26:43 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Mar 2020 12:26:43 GMT
server: HTTP server (unknown)
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WG9NMl9nQUFBSEdCMHdvRA&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 57ms
40ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
expires: Tue, 31 Mar 2020 12:26:33 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 55ms
38ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
expires: Tue, 31 Mar 2020 12:26:33 GMT

GET
H2 200 1151452605057904 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1151452605057904?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dc517e8f0b9fcc9060b9e2535a4fd8b328dce0d5b3e94e39e0c08c5701fa217

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: KTEUoY/2zlzdI7OoY7rNt0NP2sKEllB/f/xYFM7SdHucXhJqa/jD4RUmYGyNEizsE31+XQOtkJo7h9fUF20kJw==
x-fb-trip-id: 1850256238
date: Tue, 31 Mar 2020 12:26:33 GMT, Tue, 31 Mar 2020 12:26:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 511611799392494 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/511611799392494?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7a06e627265fa37837c38896f0b4fecd6bd2ef2682999cb63641ecaba347bbe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tg33irFFFletgLpqd6+svkV8FxV5p1sHIIT1odrPgO5qOR2xhAk8FmGm7ZF167o3OycAOfxFBTZejx8vk/MaJg==
x-fb-trip-id: 1850256238
date: Tue, 31 Mar 2020 12:26:33 GMT, Tue, 31 Mar 2020 12:26:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
348 B 18ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1151452605057904&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fomarifaulkner%2Fe-eoq-2-03272020%3Futm_source%3Demail_PG%26utm_campaign%3Dof%26utm_medium%3DEmail%26utm_content%3DTime_is_Running_Out&rl=&if=false&ts=1585657593195&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585657593194.572880067&it=1585657593091&coo=false&rqm=GET

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 12:26:33 GMT, Tue, 31 Mar 2020 12:26:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Mar 2020 12:26:33 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=511611799392494&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fomarifaulkner%2Fe-eoq-2-03272020%3Futm_source%3Demail_PG%26utm_campaign%3Dof%26utm_medium%3DEmail%26...
https://cx.atdmt.com/?c=4103450568771831184&f=AYyX0NbbdqLTkpyk7gSy5SX7GDj6NtmC6gOY3QdDUvaugeXK4i9Jeep8tmx0bKaK0Qn4cAnkCAU-_IQpaKuNkpJZ&id=511611799392494&l=3&v=0

42 B
434 B

55ms
40ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=4103450568771831184&f=AYyX0NbbdqLTkpyk7gSy5SX7GDj6NtmC6gOY3QdDUvaugeXK4i9Jeep8tmx0bKaK0Qn4cAnkCAU-_IQpaKuNkpJZ&id=511611799392494&l=3&v=0
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 31 Mar 2020 12:26:33 GMT, Tue, 31 Mar 2020 12:26:33 GMT, Tue, 31 Mar 2020 12:26:33 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-27=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Mar 2020 12:26:33 GMT, Tue, 31 Mar 2020 12:26:33 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=4103450568771831184&f=AYyX0NbbdqLTkpyk7gSy5SX7GDj6NtmC6gOY3QdDUvaugeXK4i9Jeep8tmx0bKaK0Qn4cAnkCAU-_IQpaKuNkpJZ&id=511611799392494&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

POST
H2 200 /
www.facebook.com/tr/ 0
76 B 7ms
7ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Origin: https://secure.winred.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2POmlrgBBI0SoVTA

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://secure.winred.com
date: Tue, 31 Mar 2020 12:26:33 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Origin: https://secure.winred.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryUbNpITdqsDx4qkmo

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://secure.winred.com
date: Tue, 31 Mar 2020 12:26:33 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
269 B 57ms
56ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fsecure.winred.com%2Fomarifaulkner%2Fe-eoq-2-03272020%3Futm_source%3Demail_PG%26utm_campaign%3Dof%26utm_medium%3DEmail%26utm_content%3DTime_is_Running_Out&4sAIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&callback=_xdc_._a80aas&key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&token=64793

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/40/6/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

1f3a7a50c64c7ebd84f4d51fcf3b616ace78e46246ef25c5ee7bef362a0e6b4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 12:26:37 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=42
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
prospergroupcorp.demdex.net/ Frame 65CC 0
0 190ms
40ms Document
text/html 52.50.37.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prospergroupcorp.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.37.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-37-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: prospergroupcorp.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=29476200559946819000189455967752207253
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 18 Mar 2020 12:22:38 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=29476200559946819000189455967752207253;Path=/;Domain=.demdex.net;Expires=Sun, 27-Sep-2020 12:26:40 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 2r/Y3c4jT94=
Content-Length: 2785
Connection: keep-alive

POST
H/1.1 200
OK event Show response
prospergroupcorp.demdex.net/ 2 KB
3 KB 245ms
54ms XHR
application/json 52.50.37.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prospergroupcorp.demdex.net/event?d_dil_ver=9.3&_ts=1585657593017

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.37.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-37-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a8fe519c5a7937868f45f456ee41a06cb125f5151733b841d2f82b38ba23175f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
Origin: https://secure.winred.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v064-0796ae4ac.edge-irl1.demdex.com 5.66.0.20200310121811 6ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 56yu1+OKSIg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://secure.winred.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 2408
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XoM3AAAAAZ0uGxTJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29476200559946819000189455967752207253
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XoM3AAAAAZ0uGxTJ

42 B
915 B

3155ms
42ms

Image
image/gif

52.50.184.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XoM3AAAAAZ0uGxTJ

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.184.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-184-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/omarifaulkner/e-eoq-2-03272020?utm_source=email_PG&utm_campaign=of&utm_medium=Email&utm_content=Time_is_Running_Out
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v064-09f83a1e2.edge-irl1.demdex.com 5.66.0.20200310121811 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: /QNJssR5Sn8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 31 Mar 2020 12:26:39 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XoM3AAAAAZ0uGxTJ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 12:46:49	Name: dextp Value: 992-1-1585657600669\|144230-1-1585657600772\|144231-1-1585657600874\|144232-1-1585657600975\|144233-1-1585657601078\|144234-1-1585657601184\|144235-1-1585657601284\|144236-1-1585657601388\|144237-1-1585657601490
.demdex.net/	1970-01-19 12:46:49	Name: demdex Value: 29476200559946819000189455967752207253
.winred.com/	1970-01-20 01:58:49	Name: AMCV_74640A195C7E4CD00A495DAD%40AdobeOrg Value: 1278862251%7CMCMID%7C23578767925341083300788628646178978067%7CMCAAMLH-1586262400%7C6%7CMCAAMB-1586262400%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1585664800s%7CNONE%7CMCSYNCSOP%7C411-18360%7CvVersion%7C4.0.0
.secure.winred.com/	1970-01-19 09:10:49	Name: aam_uuid Value: 29476200559946819000189455967752207253
.winred.com/	1969-12-31 23:59:59	Name: AMCVS_74640A195C7E4CD00A495DAD%40AdobeOrg Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.revv.co
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
cx.atdmt.com
d35ligi1n5bgzc.cloudfront.net
dpm.demdex.net
js.stripe.com
link.i-d-pro.com
maps.googleapis.com
maps.gstatic.com
prospergroupcorp.demdex.net
rtd-tm.everesttech.net
secure.winred.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.225.73.81
151.101.14.49
167.89.115.56
172.217.16.162
2606:4700:10::6814:443
2a00:1450:4001:800::2008
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200a
2a00:1450:4001:817::200e
2a00:1450:400c:c08::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
52.50.184.22
52.50.37.223
66.117.28.86
99.84.155.62
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f3a7a50c64c7ebd84f4d51fcf3b616ace78e46246ef25c5ee7bef362a0e6b4f
1f7498f9f4e6278cba762fe2ebef703edc32fc027c85c71fab167a05ca45dd1b
2610290183a45808375698900201a44b9febd162a6440912b1c14659cd2d4c02
3fabf13c4add84f4baf49cf57dde49e3d76d5185e029ee31153fe67793759893
453ca896cc60ea919fa28f7fa26d8c9b8a3c34276c18c0fb93f2703c326bab6a
4be781c0a58ce716562723e733ad5fcd61217b8652f923144ec30a80398d4a1a
5200558503b67c8a5c553e764c2d332f9ad4afc67089b11cb757103dc999d0a8
55f925a7d474a7d96af3648a93a138c0ba74ae54b3436e99add4b681c10f39bc
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
5dc517e8f0b9fcc9060b9e2535a4fd8b328dce0d5b3e94e39e0c08c5701fa217
67a1c446a4b15a120ef3f91f6bda3a50a877a89785b62c2dc4870e440d9d2a6c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
737ebc9af98c33fcb51d5146f519d9e2de982ad14d29b86454f8230cb1296310
7c6a847acb3c048136186ffe81a0d68f43e7e26d90d8ea10dc93031d51449795
9a3fc6aa70ebd776e69a79ae60c2dc288f32720f0b81e481d91fc888809d5b95
a7a06e627265fa37837c38896f0b4fecd6bd2ef2682999cb63641ecaba347bbe
a88af15e2e680393680a255db7d65759562519040753904eb4321b1284acafaa
a8fe519c5a7937868f45f456ee41a06cb125f5151733b841d2f82b38ba23175f
af095c214f2b86e8fbfccce8c1517fe0a880a28a0f6709236fa6eb4295b14a35
bd031c511ae18654a3853dbecf9e9c1cd54e9d47ab8db8b9b667da11ac1f9da1
be54d520f62270c94a78b1954108f13efb2a079ec16298e967ff82feea6cdd7d
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d23c4ea085d3085d7cf37385d21ffc2f815fa4d23362549d3087b334fdbf5a81
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
e31071252273919b2f1626b276a5dd0f5d9ff45948dc59438a2af7d3d62be65b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7d3acbfe8eb72727fc5a02065f1d88a7dbd6a414a261b0b2d0a895f7e4be65
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

secure.winred.com Open in urlscan Pro 2606:4700:10::6814:443 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

58 %IPv6

17 Domains

20 Subdomains

14 IPs

4 Countries

1046 kBTransfer

3117 kBSize

5 Cookies

4 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

secure.winred.com Open in urlscan Pro
2606:4700:10::6814:443 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

58 %
IPv6

17
Domains

20
Subdomains

14
IPs

4
Countries

1046 kB
Transfer

3117 kB
Size

5
Cookies

38 HTTP transactions
0 data transactions