urlscan.io logo urlscan.io
SecurityTrails logo

secure.winred.com Open in urlscan Pro
2606:4700:10::6814:443  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.boomtrain.washtimesmail.com/click/Ed2NhcnRlckBzdGFuZGFyZC5jb20/CeyJtaWQiOiIxNTg0Nzk5MjY1NDc0ZTZhN2M4OTcxOWFiIiwiY3QiOiJwcm9t...
Effective URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na...
Submission: On March 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 7 countries across 24 domains to perform 81 HTTP transactions. The main IP is 2606:4700:10::6814:443, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 14th 2019. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 96.47.24.171 46263 (EDIALOG)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.111.234.113 16625 (AKAMAI-AS)
7 151.101.12.176 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
3 99.86.3.98 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
3 6 2001:4860:480... 15169 (GOOGLE)
6 2001:4860:480... 15169 (GOOGLE)
5 2a03:2880:f01... 32934 (FACEBOOK)
2 172.217.22.66 15169 (GOOGLE)
2 4 216.58.207.38 15169 (GOOGLE)
1 147.75.102.203 54825 (PACKET)
2 18.215.18.117 14618 (AMAZON-AES)
1 143.204.201.105 16509 (AMAZON-02)
1 2a00:1288:f03... 10310 (YAHOO-1)
2 151.101.112.157 54113 (FASTLY)
1 1 93.184.220.66 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1288:f03... 10310 (YAHOO-1)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 147.75.32.125 54825 (PACKET)
2 104.244.42.133 13414 (TWITTER)
2 35.186.226.184 15169 (GOOGLE)
1 147.75.32.13 54825 (PACKET)
2 34.203.98.27 14618 (AMAZON-AES)
2 104.244.42.67 13414 (TWITTER)
81 27
1    96.47.24.171 (United States)

ASN46263 (EDIALOG, US)
PTR: ralphlaurenapac.mx1.bm16.maas.zetaglobal.net
e.boomtrain.washtimesmail.com
7    2606:4700:10::6814:443 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.winred.com
app.revv.co
1    104.111.234.113 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-113.deploy.static.akamaitechnologies.com
cdn-pci.optimizely.com
7    151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js.stripe.com
6    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
3    99.86.3.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-98.fra6.r.cloudfront.net
d35ligi1n5bgzc.cloudfront.net
4    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2001:4860:4802:34::75 (United States)

ASN15169 (GOOGLE, US)
www.google.com
6    2001:4860:4802:38::75 (United States)

ASN15169 (GOOGLE, US)
www.google.de
5    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net
www.googleadservices.com
4    216.58.207.38 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f6.1e100.net
9386837.fls.doubleclick.net
1    147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3
static.hotjar.com
2    18.215.18.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-18-117.compute-1.amazonaws.com
10964169.collect.igodigital.com
nova.collect.igodigital.com
1    143.204.201.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-105.fra53.r.cloudfront.net
sc-static.net
1    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
2    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
9    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14
script.hotjar.com
2    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    147.75.32.13 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
vars.hotjar.com
2    34.203.98.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-98-27.compute-1.amazonaws.com
errors.client.optimizely.com
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Domain Requested by
9 www.facebook.com secure.winred.com
connect.facebook.net
7 js.stripe.com secure.winred.com
js.stripe.com
6 www.google.de secure.winred.com
6 www.google.com 3 redirects secure.winred.com
6 maps.googleapis.com secure.winred.com
maps.googleapis.com
6 secure.winred.com secure.winred.com
5 connect.facebook.net secure.winred.com
connect.facebook.net
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
4 9386837.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 www.google-analytics.com 2 redirects www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com secure.winred.com
www.googletagmanager.com
3 s.yimg.com secure.winred.com
s.yimg.com
3 d35ligi1n5bgzc.cloudfront.net secure.winred.com
2 analytics.twitter.com static.ads-twitter.com
2 errors.client.optimizely.com cdn-pci.optimizely.com
2 tr.snapchat.com www.googletagmanager.com
2 t.co secure.winred.com
2 maps.gstatic.com secure.winred.com
2 static.ads-twitter.com secure.winred.com
2 www.googleadservices.com www.googletagmanager.com
2 stats.g.doubleclick.net 2 redirects
1 nova.collect.igodigital.com secure.winred.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 platform.twitter.com 1 redirects
1 sc-static.net secure.winred.com
1 10964169.collect.igodigital.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 app.revv.co secure.winred.com
1 cdn-pci.optimizely.com secure.winred.com
1 e.boomtrain.washtimesmail.com 1 redirects
81 31

This site contains links to these domains. Also see Links.

Domain
winred.com
Subject Issuer Validity Valid
www.winred.com
DigiCert SHA2 Extended Validation Server CA		 2019-08-14 -
2020-09-30		 a year crt.sh
cdn-pci.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-18 -
2021-04-18		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2020-02-12 -
2020-06-03		 4 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.revv.co
COMODO RSA Domain Validation Secure Server CA		 2018-10-01 -
2020-10-28		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
*.collect.igodigital.com
DigiCert SHA2 Secure Server CA		 2020-02-14 -
2021-02-18		 a year crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-03-13 -
2020-04-27		 a month crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
errors.client.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-09-24 -
2020-09-28		 2 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh

This page contains 12 frames:

Primary Page: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Frame ID: 313EB129F628B444C643C4B4B354D635
Requests: 70 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Frame ID: 45E6B2A08219BBEBAE594F634E1A62F9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-40ee2e35c0e13e2e072320469122a918.html
Frame ID: A1B366388412DC260C49AC745E6DAC5B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-7117b627d6fabc5b8f474a6b545a2123.html
Frame ID: 488C5574943BB981AE0951012E398AC4
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-40ee2e35c0e13e2e072320469122a918.html
Frame ID: A1D5615EB5999F78F384FDDA01D754AF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-45f7ec6e1d8c6e62b8c6fe605ab6a830.html
Frame ID: 16754908A9B8500F1F4976146489862D
Requests: 1 HTTP requests in this frame

Frame: https://9386837.fls.doubleclick.net/activityi;dc_pre=CLfK6JHvrOgCFd7juwgdtPcLpA;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask
Frame ID: 2FD5493D1A84904D2C614108C8BBDF31
Requests: 1 HTTP requests in this frame

Frame: https://9386837.fls.doubleclick.net/activityi;dc_pre=CNKL6ZHvrOgCFf_juwgdDkoPxQ;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask
Frame ID: 1A4CA36142F0821ED932B15924094A8D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-892e8711f4a9d8e98492bb9297325f01.html
Frame ID: 99D0E07112FC13321129849438C8358D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cd1ba55e-6b42-409e-ac1e-6db77ea92054
Frame ID: C18EE6186E714A48B5CC24421CEF6596
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 3F9BCD79D30326E3F5B206525BD325E3
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: F0289A8A15F822665ACAC6865431BD8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e.boomtrain.washtimesmail.com/click/Ed2NhcnRlckBzdGFuZGFyZC5jb20/CeyJtaWQiOiIxNTg0Nzk5MjY1NDc0ZTZhN2M4OTcx... HTTP 302
    https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/maps\.googleapis\.com\/maps\/api\/js/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i

Page Statistics

81
Requests

100 %
HTTPS

43 %
IPv6

24
Domains

31
Subdomains

27
IPs

7
Countries

1445 kB
Transfer

5095 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.boomtrain.washtimesmail.com/click/Ed2NhcnRlckBzdGFuZGFyZC5jb20/CeyJtaWQiOiIxNTg0Nzk5MjY1NDc0ZTZhN2M4OTcxOWFiIiwiY3QiOiJwcm9tb3Rpb25hbC13YXNoaW5ndG9uLXRpbWVzLTNmNTBjMTJhMGZkMmY3NTVmNmY4OTUwOGY4MWFmNGQ0LTEiLCJyZCI6InN0YW5kYXJkLmNvbSJ9/HWkhfd2FzaHRpbWVzX0RNQkFNMDMyMTIwMjAxOTE1NTExLHdhc2h0aW1lcyxodHRwczovL3NlY3VyZS53aW5yZWQuY29tL3RtYWdhYy8yMDIwLWZvdW5kaW5nLW1lbWJlcg/qP2Ftb3VudD00MiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Y2NfZXAmdXRtX2NhbXBhaWduPTIwMjAwMzIxX25hX2ZpcnN0LTIwMjAtZm91bmRpbmctbWVtYmVycy1lcF9kb25hbGRqdHJ1bXBjb21fdG1hZ2FjJnV0bV9jb250ZW50PWdvcF9kaXJlY3QtYXNr/s46ea96c141 HTTP 302
    https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=564785257&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&ul=en-us&de=UTF-8&dt=Trump%20Make%20America%20Great%20Again%20Committee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=2103981924&gjid=2139337030&cid=1968664091.1584838406&tid=UA-73658561-7&_gid=1613750084.1584838406&_r=1&gtm=2wg3b2NTQZ9N&z=1905805823 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_gid=1613750084.1584838406&gjid=2139337030&_v=j81&z=1905805823 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_v=j81&z=1905805823 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_v=j81&z=1905805823&slf_rd=1&random=3737349695
Request Chain 29
  • https://9386837.fls.doubleclick.net/activityi;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask HTTP 302
  • https://9386837.fls.doubleclick.net/activityi;dc_pre=CLfK6JHvrOgCFd7juwgdtPcLpA;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask
Request Chain 30
  • https://9386837.fls.doubleclick.net/activityi;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask HTTP 302
  • https://9386837.fls.doubleclick.net/activityi;dc_pre=CNKL6ZHvrOgCFf_juwgdDkoPxQ;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask
Request Chain 36
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 42
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=564785257&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&ul=en-us&de=UTF-8&dt=Trump%20Make%20America%20Great%20Again%20Committee&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEALB~&jid=1069752461&gjid=1286026887&cid=1968664091.1584838406&tid=UA-78271234-1&_gid=1613750084.1584838406&_r=1&gtm=2wg3b2KQQBPQZ&z=2078343737 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_gid=1613750084.1584838406&gjid=1286026887&_v=j81&z=2078343737 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_v=j81&z=2078343737 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_v=j81&z=2078343737&slf_rd=1&random=188435375
Request Chain 70
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850607854/?random=1584838406780&cv=9&fst=1584838406780&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&is_vtc=1&random=3430484804&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&is_vtc=1&random=3430484804&resp=GooglemKTybQhCsO&ipr=y

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2020-founding-member
secure.winred.com/tmagac/
Redirect Chain
  • https://e.boomtrain.washtimesmail.com/click/Ed2NhcnRlckBzdGFuZGFyZC5jb20/CeyJtaWQiOiIxNTg0Nzk5MjY1NDc0ZTZhN2M4OTcxOWFiIiwiY3QiOiJwcm9tb3Rpb25hbC13YXNoaW5ndG9uLXRpbWVzLTNmNTBjMTJhMGZkMmY3NTVmNmY4OTU...
  • https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_dire...
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5fd7cb3ce5bc662e54a7e81f08ddf070d3d1e8b4c097f85b805731f29ea68b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.winred.com
:scheme
https
:path
/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Sun, 22 Mar 2020 00:53:25 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d7771c7179390ceb064d72010a56bd8291584838405; expires=Tue, 21-Apr-20 00:53:25 GMT; path=/; domain=.secure.winred.com; HttpOnly; SameSite=Lax _revv_v3_session=N0ZZcFcvMVhYT0VRYWZyL1RLRUFXS001WW5wRCtrMm9YcEhraklXR0ZUV3FmWUdaSHNVNW5KWTk3dnYwaFRtaVJ0ZXF2UEpqN1QvVkFjSDhobEt6YmFFZHFXcFcxam56NGRHL0N5VnYzR0FwNU5iWCtDWkZNb0FDOE5iRmFNNHRKN0wweENaSTU5eHRLSG05S0Z5cU5JTlRYVWN5MUhjekFSRmRLYTFyRjJoUFlDL1phU3hreFVVcVFBVmFuZnhzMHVEeG9vQjNOdEVqOGJaSEVDckRpQ043TUZlZ3hjMDViUUxoZW04VDZPS3VSZnI3RUZ6eUxQQ1RKOFBIb01tVjA5Z1hQeTlFNWlGMHpkc0hWalV6NEk2V3B2UXVhdlVVanh4djNhbmxGUVRLQndTM2ZhdTMwWDZhVnkyTkx5blBmNFpJa1N1NnpDVWtlR2hWZGY5eVZYYTN6Y3VKK2llZjNWUkRFNVZPZlJ5MmNkM2h2dmZkVXBDT005L0c3dmU2VkFlb0lDWjJJTTVCek90dmpCdms4Uit0bWNycnJ4T1gyNzYvMWp0ODFuTWQwOXFUbUpZOFhjN3ZIbng5WGZoeGJvZlNWcEx6RzVzZ0h2QW91b2pJL1E9PS0tYnlSQTNBYXd6NGN0S245WjVaNVJCUT09--c7c47f75b21e1efb5df908a359beaee31f053be5; domain=.winred.com; path=/; HttpOnly; Secure; SameSite=None; Secure
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
x-revv-cache
Hit from Revv
x-request-id
6becd095-b5b4-430d-a5a4-f0c2b4b7b093
x-runtime
0.017289
x-rack-cors
miss; no-origin
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
577bef80b9f3d709-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Redirect headers

Date
Sun, 22 Mar 2020 00:53:25 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2p PHP/7.3.5 Phusion_Passenger/5.3.2
X-Powered-By
PHP/7.3.5
Location
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Strict-Transport-Security
max-age=60
8416096648.js
cdn-pci.optimizely.com/js/ 		560 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-pci.optimizely.com/js/8416096648.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.234.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
898d4f5103dfb5299e382789d58963b7ac3ced874376e7ebf65b4cc1f3fc8d97

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-meta-pci_enabled
True
x-amz-version-id
jSd.ZIFIjrlemk2EdCKx.YvpmpSHWvGR
content-encoding
gzip
x-amz-request-id
A5910B59BE4F0B68
status
200
access-control-max-age
86400
date
Sun, 22 Mar 2020 00:53:25 GMT
x-amz-replication-status
COMPLETED
content-length
145077
x-amz-id-2
gwAM7/R6tJVWVnff+XCbfgHM2bR4bT+zK+9YlS0V0+UzE/KEMN7YnUVwG3jh0M3spvrAJlNT5nE=
last-modified
Sat, 21 Mar 2020 17:30:39 GMT
server
AmazonS3
etag
"d18a6cb5338f683f05b6ce7fbb9eb59d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
40719
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
/
js.stripe.com/v3/ 		158 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66c9bafab25db35d8470199f6b03bde87506fb27229420b36dd60b84bcf2884b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
94
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
41402
x-amz-id-2
HK+kTI8ugWPyBbHUybesX2vGZGvO4tf+RN1YWz9aPRp1J9FCcqUD3ekPyeunOB4z61GFtZfnBUs=
x-served-by
cache-fra19173-FRA
last-modified
Thu, 19 Mar 2020 18:07:30 GMT
server
AmazonS3
x-timer
S1584838406.519621,VS0,VE0
etag
"18a17f082d52c580ce86952b5963d764"
vary
Accept-Encoding
x-amz-request-id
5EF2444992260A90
via
1.1 varnish
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16
landing_page-d4c0cee488b514b769ce32544f9502784889211c9722f6884b411c800704060c.css
secure.winred.com/assets/ 		197 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/landing_page-d4c0cee488b514b769ce32544f9502784889211c9722f6884b411c800704060c.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5c014c177144ea25e4cf21dabf34ead1d8ff7bff6e49a2d381ba9543de635f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1581258
cf-polished
origSize=203934
status
200
strict-transport-security
max-age=31536000; includeSubdomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Wed, 20 Mar 2030 00:53:25 GMT
last-modified
Tue, 03 Mar 2020 17:32:28 GMT
server
cloudflare
etag
W/"5e5e94ac-75a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/css
access-control-expose-headers
ETag
cache-control
public, max-age=315360000
cf-ray
577bef822c40d709-FRA
cf-bgj
minify
1584540409.css
secure.winred.com/stylesheets/rv_page_GzCEMQ4mgZRPJCUwSwSvYcbD/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/stylesheets/rv_page_GzCEMQ4mgZRPJCUwSwSvYcbD/1584540409.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5eff245e0637fc6a7828f887b7c11018c0aa7bbefa61987ee50bea92db9db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-rack-cors
miss; no-origin
date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
267558
cf-polished
origSize=4814
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
12ff8873-58e1-488e-9186-923e327f32c3
x-runtime
0.057365
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=31556952
cf-ray
577bef822c43d709-FRA
expires
Mon, 22 Mar 2021 06:42:37 GMT
js
maps.googleapis.com/maps/api/ 		122 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
99841cbe2d825c6fd01a99c4b4519c26ef7e467f1d3083a3303bcd087c468dac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=37
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
40289
x-xss-protection
0
expires
Sun, 22 Mar 2020 01:23:25 GMT
application-landing-page-eb2e27535f1fa55c580b17cf7ceb28c2c0670a2175c5c097718a0b01e03b0f81.js
secure.winred.com/assets/ 		530 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/application-landing-page-eb2e27535f1fa55c580b17cf7ceb28c2c0670a2175c5c097718a0b01e03b0f81.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d16b99f42d601857297694322755e36c5e02fe75b73f17b520f3794897f9352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
889039
cf-polished
origSize=543216
status
200
strict-transport-security
max-age=31536000; includeSubdomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Wed, 20 Mar 2030 00:53:25 GMT
last-modified
Wed, 11 Mar 2020 17:54:36 GMT
server
cloudflare
etag
W/"5e6925dc-25fbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/javascript
access-control-expose-headers
ETag
cache-control
public, max-age=315360000
cf-ray
577bef822c46d709-FRA
cf-bgj
minify
TP-45-stacked-334wide.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/005/540/large/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/005/540/large/TP-45-stacked-334wide.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-98.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acd4cc8745727c57b6de665a54aea9a3e6998436d64ed7f061f592c79684709e

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 21 Mar 2020 23:05:51 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2017 14:47:21 GMT
server
AmazonS3
age
6454
etag
"5df8070b623fe005b02f45198d38c8ee"
x-cache
Hit from cloudfront
x-amz-version-id
RzAh8B_2j7dFHsYpAIPCMpCMtQyXHSY6
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
4082
x-amz-cf-id
66kb09u9p6JRa_ErvauQiTknZO702uLmP2KbiFxG8oT8ML6Gnz6mDw==
17903454_10158949965035725_3181251005684687258_n.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/014/965/square/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/014/965/square/17903454_10158949965035725_3181251005684687258_n.jpg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-98.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7286e58b3cbce6587bba5408c0af450b4d94ce9492a8ab6e96246f479da172d6

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 21 Mar 2020 15:06:26 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
etag
"a67a8b1e6c96f96194878ff9369b28be"
last-modified
Wed, 10 Jul 2019 17:18:08 GMT
server
AmazonS3
age
35220
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-version-id
XaloBx4r3H8d38ZBfLXBNbb4x3qmhfkk
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5975
x-amz-cf-id
Hi-P6FA0KcUY5-7jqHZk0YKXkbqjFF2429V3G6qSWNFZCdkdEcJfLw==
win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6a847acb3c048136186ffe81a0d68f43e7e26d90d8ea10dc93031d51449795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
278510
cf-polished
origFmt=png, origSize=11635
status
200
content-disposition
inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
strict-transport-security
max-age=31536000; includeSubdomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
8566
expires
Wed, 20 Mar 2030 00:53:25 GMT
last-modified
Wed, 20 Nov 2019 19:56:38 GMT
server
cloudflare
etag
"5dd59a76-2d73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
image/webp
access-control-expose-headers
ETag
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
577bef829d0cd709-FRA
cf-bgj
imgq:85
win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 		19 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3438677
status
200
strict-transport-security
max-age=31536000; includeSubdomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 20 Nov 2019 19:38:14 GMT
server
cloudflare
etag
W/"5dd59626-1e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
image/svg+xml
access-control-expose-headers
ETag
cache-control
public, max-age=315360000
cf-ray
577bef829d0dd709-FRA
expires
Wed, 20 Mar 2030 00:53:25 GMT
gtm.js
www.googletagmanager.com/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6ae73d3e5b6923ec3c282771ceae2597f78f2f2d89d2949d1f96930f98b9790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
25615
x-xss-protection
0
last-modified
Sun, 22 Mar 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Mar 2020 00:53:25 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
890
date
Sun, 22 Mar 2020 00:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sun, 22 Mar 2020 02:38:35 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=564785257&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_gid=1613750084.1584838406&gjid=2139337030&_v=j81&z=1905805823
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_v=j81&z=1905805823
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_v=j81&z=1905805823&slf_rd=1&random=3737349695
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_v=j81&z=1905805823&slf_rd=1&random=3737349695
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:25 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1968664091.1584838406&jid=2103981924&_v=j81&z=1905805823&slf_rd=1&random=3737349695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		167 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86a5cf1f80d9ea619ed02e5b845b4674dc65e35c0a37ee698c8fc6a3a84243f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
36964
x-xss-protection
0
last-modified
Sun, 22 Mar 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Mar 2020 00:53:25 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
Y10YsTEjGmn3pABmJjzGzpcLkwtld6EcLXACL75SlvLo8vXu7Wa/ONVl3j2pFOlkvQV/nr5GnVrJ9zx5r1BCnA==
x-fb-trip-id
2000377899
date
Sun, 22 Mar 2020 00:53:25 GMT, Sun, 22 Mar 2020 00:53:25 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
js.stripe.com/v3/ Frame 45E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
x-amz-id-2
N6MlfKC1U/ZjKBrQrc+VUR2nYxMsSCW7QB0JsaQ4tfnIhJ0evfSGhLTx4I1vBDlHlS9rLF8o4OU=
x-amz-request-id
0BD9D8BC409F5224
last-modified
Fri, 28 Feb 2020 23:42:06 GMT
etag
"a0f6c1465b8d9aab778cf2913d1d3c86"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sun, 22 Mar 2020 00:53:25 GMT
via
1.1 varnish
age
99
x-served-by
cache-fra19173-FRA
x-cache
HIT
x-cache-hits
17
x-timer
S1584838406.824737,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
content-length
203
20200309_GOP_TMAGAC_2020-nominee_card_web_winred.jpg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/035/329/large/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/035/329/large/20200309_GOP_TMAGAC_2020-nominee_card_web_winred.jpg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-eb2e27535f1fa55c580b17cf7ceb28c2c0670a2175c5c097718a0b01e03b0f81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-98.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d96e0c843a72ee98a286216a8ca806d706ab807b0240f8754ed14f24fdcf0564

Request headers

Referer
https://secure.winred.com/stylesheets/rv_page_GzCEMQ4mgZRPJCUwSwSvYcbD/1584540409.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 21 Mar 2020 17:13:28 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
etag
"3bf0ecf818763635e8f4eb301ab44ead"
last-modified
Tue, 17 Mar 2020 16:09:04 GMT
server
AmazonS3
age
27597
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-version-id
dwQ85ShQHUKc_I6PoWOlMYeb7CVlmTef
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
116035
x-amz-cf-id
qRkoGJGMfn47YGArQcUIhxEZFS3A__tIDNJpzIqQNpjhCBix6QjhqQ==
controller-40ee2e35c0e13e2e072320469122a918.html
js.stripe.com/v3/ Frame A1B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-40ee2e35c0e13e2e072320469122a918.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-40ee2e35c0e13e2e072320469122a918.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
x-amz-id-2
06kV/VAra1HkeAiLTB5lROEWHxC6BdN4yG6vvRyY4RgTjJptQfOIiUHTJBcGQN8aK2VYq1wZdSM=
x-amz-request-id
EB111F2F125A4EC3
last-modified
Thu, 19 Mar 2020 18:07:30 GMT
etag
"40ee2e35c0e13e2e072320469122a918"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sun, 22 Mar 2020 00:53:25 GMT
via
1.1 varnish
age
260
x-served-by
cache-fra19173-FRA
x-cache
HIT
x-cache-hits
6
x-timer
S1584838406.860846,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length
239
elements-inner-card-7117b627d6fabc5b8f474a6b545a2123.html
js.stripe.com/v3/ Frame 488C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-7117b627d6fabc5b8f474a6b545a2123.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/elements-inner-card-7117b627d6fabc5b8f474a6b545a2123.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
x-amz-id-2
v1vfGAid+LowP3KnaGsnyFXF8bZmAfPi/FIVjfLeXT6TNKIduh6MHTnSOsvUGxdMjVdFlpjcBAg=
x-amz-request-id
8DE29E5DDBBA442A
last-modified
Thu, 19 Mar 2020 18:07:30 GMT
etag
"7117b627d6fabc5b8f474a6b545a2123"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sun, 22 Mar 2020 00:53:25 GMT
via
1.1 varnish
age
207
x-served-by
cache-fra19173-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1584838406.864608,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length
1350
current_with_info
app.revv.co/api/v3/users/ 		128 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-eb2e27535f1fa55c580b17cf7ceb28c2c0670a2175c5c097718a0b01e03b0f81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f925a7d474a7d96af3648a93a138c0ba74ae54b3436e99add4b681c10f39bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin
https://secure.winred.com
date
Sun, 22 Mar 2020 00:53:26 GMT
x-rack-cors-original-access-control-max-age
0
x-rack-cors-original-access-control-allow-credentials
true
cf-cache-status
DYNAMIC
x-rack-cors-original-access-control-allow-methods
GET, POST, OPTIONS
status
200
access-control-max-age
0
x-rack-cors-original-access-control-expose-headers
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id
014f1fce-c382-4d48-9d63-2750395b2ffb
x-runtime
0.009240
server
cloudflare
etag
W/"55f925a7d474a7d96af3648a93a138c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.api+json
access-control-allow-origin
https://secure.winred.com
vary
Origin
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
577bef853cddc2d1-FRA
x-rack-cors
hit
x-content-type-options
nosniff
access-control-expose-headers
common.js
maps.googleapis.com/maps-api-v3/api/js/40/5/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/40/5/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6c9c244b60a3d20ed80c7aa099a32700154b50519ca960d1c97bc51197e7d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 18:01:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2020 21:39:35 GMT
server
sffe
age
283889
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28917
x-xss-protection
0
expires
Thu, 18 Mar 2021 18:01:56 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/40/5/ 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/40/5/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e64efc83d88982acf3558abb6a6d475121bdd6eed88d1e88c2ebdb88421c2024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 18:01:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2020 21:39:35 GMT
server
sffe
age
283889
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
54042
x-xss-protection
0
expires
Thu, 18 Mar 2021 18:01:56 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/40/5/ 		208 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/40/5/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd332aabb307cab19eb20117fc6e980926db0d7e8ede8f39a1e9e88721ead2c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 18:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2020 21:39:35 GMT
server
sffe
age
283840
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
57604
x-xss-protection
0
expires
Thu, 18 Mar 2021 18:02:45 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/40/5/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/40/5/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c6b8a49c4225f88c0082af488f37089d46fd88957e778dc7e79ab4195218d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 18:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2020 21:39:35 GMT
server
sffe
age
283807
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
16126
x-xss-protection
0
expires
Thu, 18 Mar 2021 18:03:18 GMT
controller-40ee2e35c0e13e2e072320469122a918.html
js.stripe.com/v3/ Frame A1D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-40ee2e35c0e13e2e072320469122a918.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-40ee2e35c0e13e2e072320469122a918.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
x-amz-id-2
06kV/VAra1HkeAiLTB5lROEWHxC6BdN4yG6vvRyY4RgTjJptQfOIiUHTJBcGQN8aK2VYq1wZdSM=
x-amz-request-id
EB111F2F125A4EC3
last-modified
Thu, 19 Mar 2020 18:07:30 GMT
etag
"40ee2e35c0e13e2e072320469122a918"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sun, 22 Mar 2020 00:53:25 GMT
via
1.1 varnish
age
260
x-served-by
cache-fra19173-FRA
x-cache
HIT
x-cache-hits
7
x-timer
S1584838406.901565,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length
239
payment-request-inner-browser-45f7ec6e1d8c6e62b8c6fe605ab6a830.html
js.stripe.com/v3/ Frame 1675 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-45f7ec6e1d8c6e62b8c6fe605ab6a830.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/payment-request-inner-browser-45f7ec6e1d8c6e62b8c6fe605ab6a830.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
x-amz-id-2
6NPek2C9uzM8ZEADHEbv7ez53gTHLns/x/pFsqZkJcp8yEjKKulENVkgs3J5byVJ0Zr/OAMYaJU=
x-amz-request-id
08F15CCEE5C63EDD
last-modified
Thu, 19 Mar 2020 18:07:30 GMT
etag
"45f7ec6e1d8c6e62b8c6fe605ab6a830"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sun, 22 Mar 2020 00:53:25 GMT
via
1.1 varnish
age
131
x-served-by
cache-fra19173-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1584838406.906052,VS0,VE1
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length
253
1859648330995027
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1859648330995027?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2b96e4e8728843db8cca1147170e5c62e899394bb71182392b86e6978c850b80
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114919
x-xss-protection
0
pragma
public
x-fb-debug
7fp3MfI2EMcjhbJzc9GIHK+HzM2q2AgTpwhaX5ofHFWHjbcF60s6sLUtDmi+q6j31wTzMDDimIm6v0qB65iZng==
x-fb-trip-id
2000377899
date
Sun, 22 Mar 2020 00:53:25 GMT, Sun, 22 Mar 2020 00:53:25 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9947
x-xss-protection
0
server
cafe
etag
2742097851886756974
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 Mar 2020 00:53:26 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2033
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Sun, 22 Mar 2020 01:19:32 GMT
activityi;dc_pre=CLfK6JHvrOgCFd7juwgdtPcLpA;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-foundin...
9386837.fls.doubleclick.net/ Frame 2FD5
Redirect Chain
  • https://9386837.fls.doubleclick.net/activityi;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-found...
  • https://9386837.fls.doubleclick.net/activityi;dc_pre=CLfK6JHvrOgCFd7juwgdtPcLpA;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecur...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9386837.fls.doubleclick.net/activityi;dc_pre=CLfK6JHvrOgCFd7juwgdtPcLpA;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9386837.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLfK6JHvrOgCFd7juwgdtPcLpA;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 22 Mar 2020 00:53:26 GMT
expires
Sun, 22 Mar 2020 00:53:26 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
439
x-xss-protection
0
set-cookie
IDE=AHWqTUlQeU7X5wdQ9xmcURDRxEK5tT5MNvRhZuf-JnNJyfdWRQpM_PcF-A691xSJ; expires=Fri, 16-Apr-2021 00:53:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 22 Mar 2020 00:53:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9386837.fls.doubleclick.net/activityi;dc_pre=CLfK6JHvrOgCFd7juwgdtPcLpA;src=9386837;type=pagev0;cat=tmaga0;ord=1778046987441;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 22-Mar-2020 01:08:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
activityi;dc_pre=CNKL6ZHvrOgCFf_juwgdDkoPxQ;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-foundin...
9386837.fls.doubleclick.net/ Frame 1A4C
Redirect Chain
  • https://9386837.fls.doubleclick.net/activityi;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-found...
  • https://9386837.fls.doubleclick.net/activityi;dc_pre=CNKL6ZHvrOgCFf_juwgdDkoPxQ;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecur...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9386837.fls.doubleclick.net/activityi;dc_pre=CNKL6ZHvrOgCFf_juwgdDkoPxQ;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9386837.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNKL6ZHvrOgCFf_juwgdDkoPxQ;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 22 Mar 2020 00:53:26 GMT
expires
Sun, 22 Mar 2020 00:53:26 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
441
x-xss-protection
0
set-cookie
IDE=AHWqTUlMgB2YU5EcZhVOOan1MZfxEscNpnkDIUoxicIIevAhaCHLMBPRRe9I2nwQ; expires=Fri, 16-Apr-2021 00:53:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 22 Mar 2020 00:53:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9386837.fls.doubleclick.net/activityi;dc_pre=CNKL6ZHvrOgCFf_juwgdDkoPxQ;src=9386837;type=pagev0;cat=tmaga0;ord=2278698160931;gtm=2wg3b2;auiddc=183023336.1584838406;~oref=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 22-Mar-2020 01:08:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
hotjar-957761.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-957761.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress3
Software
/
Resource Hash
4c9ffcaa9c71961ed9d7946a3aa285ae2156b5dc83d6a519c5d552beba974a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
177
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1618
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/2020192ca6f6a26ccac1d1aed7c6acdf
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.072
accept-ranges
bytes
section-io-id
540d1b6587a2e3bac26c8589a584bbc9
section-origin-responded
true
collect.js
10964169.collect.igodigital.com/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10964169.collect.igodigital.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.18.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-18-117.compute-1.amazonaws.com
Software
/
Resource Hash
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
last-modified
Sat, 21 Mar 2020 15:10:34 GMT
vary
Accept-Encoding
content-type
application/javascript
scevent.min.js
sc-static.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.201.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-105.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 21 Mar 2020 22:09:31 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 22:48:01 GMT
server
AmazonS3
age
9835
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
09RMCyOebHp4s7u0Tgr-1m4NyXljqJe-f3Nv8It_5baEtGaNo9vkwQ==
via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
ytc.js
s.yimg.com/wi/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
da5d59b3200e322f2dc723505bd974e642d013f8261ed7be36bbab88b2044324
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

ats-carp-promotion
1
date
Sun, 22 Mar 2020 00:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2463
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
5097
x-amz-id-2
rzq2h2D2W0HerlqqZDRu/ci8fwZ01Ta+k+ReFqDXvLMKCb5DL056wzlLMH0c1+xRkqvQlyFLBq4=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 02 Apr 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 26 Feb 2020 09:47:57 GMT
server
ATS
etag
"d699f9d2abb1c3bd39981db583d3cf0f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-request-id
F8E823FBB2C09D1D
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
mKvbwHik1MhSUT4X3Aour3fBLLG6vD9V
accept-ranges
bytes
content-type
application/javascript
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
age
59971
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4034-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1584838406.180219,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
age
59968
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4034-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1584838406.217572,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes

Redirect headers

Access-Control-Allow-Origin
*
Date
Sun, 22 Mar 2020 00:53:26 GMT
Server
ECS (amb/6B77)
Content-Length
0
Location
https://static.ads-twitter.com/oct.js
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
access-control-allow-origin
*
content-type
image/png
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1616
x-xss-protection
0
expires
Sun, 22 Mar 2020 00:53:26 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
access-control-allow-origin
*
content-type
image/png
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
3351
x-xss-protection
0
expires
Sun, 22 Mar 2020 00:53:26 GMT
564185864375656
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/564185864375656?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
92d7a2eb480c306f6a74048525a2dac4f17244aae0f642ae366d599d2e0cd33a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114917
x-xss-protection
0
pragma
public
x-fb-debug
nfFa8zUEurdWUGqi5aJWv9jURgAqLerkt5CZWNFvLh5SV2gDdih9nKnboweXFm5STfTLtpER9sVg1fvlhzLcvA==
x-fb-trip-id
2000377899
date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1859648330995027&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&rl=&if=false&ts=1584838406233&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584838406232.929080491&it=1584838405923&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sun, 22 Mar 2020 00:53:26 GMT
/
www.facebook.com/tr/ 		44 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1859648330995027&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&rl=&if=false&ts=1584838406234&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1584838406232.929080491&it=1584838405923&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sun, 22 Mar 2020 00:53:26 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=564785257&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_gid=1613750084.1584838406&gjid=1286026887&_v=j81&z=2078343737
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_v=j81&z=2078343737
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_v=j81&z=2078343737&slf_rd=1&random=188435375
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_v=j81&z=2078343737&slf_rd=1&random=188435375
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78271234-1&cid=1968664091.1584838406&jid=1069752461&_v=j81&z=2078343737&slf_rd=1&random=188435375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10077806.json
s.yimg.com/wi/config/ 		2 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10077806.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Mar 2020 00:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
7E5F2C6E4780FCFC
x-amz-id-2
rJgTynDUwvedg9F2KFGDXXNqHYoFWN1a3y1tvGujQgsRJN84N9FtQBiq+Tq/ENMp/ujXi2O3maY=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
10098131.json
s.yimg.com/wi/config/ 		2 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10098131.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
A6173A1359A39A60
x-amz-id-2
ilRPzM1aLVfTp9ybq93vlH8zEBhJET6M9j39FA/k15GYwViLFfbMz1rhCiBAvFOS16EJCdqAwjM=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/792810525/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/792810525/?random=1584838406260&cv=9&fst=1584838406260&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c32727900cbf2bffa92abfd16126f77059f584b3222020284a9d46a352b46964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1124
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.9f37fb83092047dae924.js
script.hotjar.com/ 		405 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9f37fb83092047dae924.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-957761.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress14
Software
/
Resource Hash
affca200cedd429d3a29dea7beb6a102849588c6a2f8bdfd15411683007ddc34

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:25 GMT
content-encoding
br
content-type
application/javascript
age
120436
status
200
section-io-cache
Hit
content-length
74830
last-modified
Fri, 20 Mar 2020 15:23:19 GMT
etag
"18203b54fb508ea1e20e44b02a0544b0"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
accept-ranges
bytes
section-io-id
09f1774532df7a073b2259414ab166de
section-origin-responded
true
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2cc5&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Sun, 22 Mar 2020 00:53:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0c8f9d6bcf6552230e52160ebfbb333a
x-transaction
00d920eb004601a8
expires
Tue, 31 Mar 1981 05:00:00 GMT
elements-inner-payment-request-892e8711f4a9d8e98492bb9297325f01.html
js.stripe.com/v3/ Frame 99D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-892e8711f4a9d8e98492bb9297325f01.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/elements-inner-payment-request-892e8711f4a9d8e98492bb9297325f01.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
x-amz-id-2
Qc4je6Ufoctvrp/5/jDq48B1d1dRJzkUsKmpwrbGOdMxZrPuQN4nQYikY9VEtZlNE+ILYtJh0Nk=
x-amz-request-id
19A4637BBF1BA5C8
last-modified
Thu, 19 Mar 2020 18:07:30 GMT
etag
"892e8711f4a9d8e98492bb9297325f01"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sun, 22 Mar 2020 00:53:26 GMT
via
1.1 varnish
age
57
x-served-by
cache-fra19173-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1584838406.283176,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length
1982
i
tr.snapchat.com/cm/ Frame C18E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=cd1ba55e-6b42-409e-ac1e-6db77ea92054
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=cd1ba55e-6b42-409e-ac1e-6db77ea92054
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
server
nginx/1.17.3
date
Sun, 22 Mar 2020 00:53:26 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
459215611087055
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/459215611087055?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94bee83d6aa6a8a95df192ff0b2b2979d62f749714d434cdc7ea011e52c28e0c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114917
x-xss-protection
0
pragma
public
x-fb-debug
iJLn5IOoe+lkejcqHioZs/8L1mEcL9F/UiZZVYP8RH3W9598SRM4fkoK8dZ2725M9v3zuZCm/c1poy8F/8Zqqw==
x-fb-trip-id
2000377899
date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=564185864375656&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&rl=&if=false&ts=1584838406288&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584838406232.929080491&it=1584838405923&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sun, 22 Mar 2020 00:53:26 GMT
/
www.google.com/pagead/1p-user-list/792810525/ 		42 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/792810525/?random=1584838406260&cv=9&fst=1584835200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&fmt=3&is_vtc=1&random=2179217156&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/792810525/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/792810525/?random=1584838406260&cv=9&fst=1584835200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&fmt=3&is_vtc=1&random=2179217156&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/ Frame 3F9B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
491
pragma
no-cache
cache-control
no-cache
origin
https://secure.winred.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Origin
https://secure.winred.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
server
nginx/1.17.3
date
Sun, 22 Mar 2020 00:53:26 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ2AQAgDwIlIQPqkjqOxnYLhvYMFP1RUnjsgK6h3ghjV9dnd3q1DsImczR8W//FUMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
181084665799192
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/181084665799192?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1b868a3462765a316461a922a33da5f2f4e5f8e6c0f18dbc1574ae2aebf8b2fa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114943
x-xss-protection
0
pragma
public
x-fb-debug
KtCW0H7ZfAkLRzjZMzU4xLTVQdA5o1Y3cWDOVACWaFZcrarWrw3XCJ1OyaWY/eJaN8yc9VHqZ5pKA5W6yM/wIg==
x-fb-trip-id
2000377899
date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame F028 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-957761.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.13 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress9
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask

Response headers

status
200
date
Sun, 22 Mar 2020 00:53:26 GMT
content-type
text/html
content-length
851
last-modified
Wed, 29 Jan 2020 12:33:12 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.093
section-origin-responded
true
age
4537028
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
e483396138dd2ac056a351d2b344fb49
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=459215611087055&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&rl=&if=false&ts=1584838406383&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584838406232.929080491&it=1584838405923&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sun, 22 Mar 2020 00:53:26 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=181084665799192&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&rl=&if=false&ts=1584838406384&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584838406232.929080491&it=1584838405923&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT, Sun, 22 Mar 2020 00:53:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sun, 22 Mar 2020 00:53:26 GMT
track_page_view
nova.collect.igodigital.com/c2/10964169/ 		43 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10964169/track_page_view?payload=%7B%22title%22%3A%22Trump%20Make%20America%20Great%20Again%20Committee%22%2C%22url%22%3A%22https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask%22%2C%22referrer%22%3A%22%22%7D
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.18.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-18-117.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-runtime
0.003865
date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"db04c7b378cb2db912c3ba8a5a774ee3"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
5fe6366c-6ed4-4986-be15-13865c39ecdf
adsct
t.co/i/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2kwx&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Sun, 22 Mar 2020 00:53:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0c8f9d6bcf6552230e52160ebfbb333a
x-transaction
00a3600000c6b88f
expires
Tue, 31 Mar 1981 05:00:00 GMT
log
errors.client.optimizely.com/ 		13 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8416096648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.98.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-98-27.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.winred.com
Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Sun, 22 Mar 2020 00:53:27 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://secure.winred.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
adsct
analytics.twitter.com/i/ 		31 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2cc5&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
120
pragma
no-cache
last-modified
Sun, 22 Mar 2020 00:53:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
05b957d709783d68efc6f25ac8cfda13
x-transaction
0094fee10020ceb9
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2kwx&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Sun, 22 Mar 2020 00:53:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
05b957d709783d68efc6f25ac8cfda13
x-transaction
002ed2fd00658a8e
expires
Tue, 31 Mar 1981 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-855990581
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
020d606e96d8ea528a99f27d2fb645717db6b9373083760a0409af0ad23c20a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28649
x-xss-protection
0
last-modified
Sun, 22 Mar 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Mar 2020 00:53:26 GMT
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-850607854
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04b4458951f0faba074d104d3f6ebb532673ac77497b49ea1e57d86720bcf5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28649
x-xss-protection
0
last-modified
Sun, 22 Mar 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Mar 2020 00:53:26 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-855990581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9947
x-xss-protection
0
server
cafe
etag
2742097851886756974
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 Mar 2020 00:53:26 GMT
/
www.facebook.com/tr/ 		0
84 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarycVkvbqM9uaNx2MeA

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://secure.winred.com
date
Sun, 22 Mar 2020 00:53:26 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/855990581/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855990581/?random=1584838406779&cv=9&fst=1584838406779&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502939afa75ad91f227163ec2bd11876d5d0524c0b823d530ee963ef7b6305fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1148
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/850607854/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850607854/?random=1584838406780&cv=9&fst=1584838406780&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91e75f507770d30c4c52c7735eda18b21a972f1d3eabc36a837e0aa57d4f630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1145
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/850607854/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850607854/?random=1584838406780&cv=9&fst=1584838406780&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=...
  • https://www.google.de/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=f...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&is_vtc=1&random=3430484804&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&is_vtc=1&random=3430484804&resp=GooglemKTybQhCsO&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryekqBLbMuQL5zG2ok

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://secure.winred.com
date
Sun, 22 Mar 2020 00:53:26 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
/
www.google.com/pagead/1p-user-list/850607854/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&fmt=3&is_vtc=1&random=378351028&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/850607854/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/850607854/?random=1584838406780&cv=9&fst=1584835200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&fmt=3&is_vtc=1&random=378351028&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/855990581/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/855990581/?random=1584838406779&cv=9&fst=1584835200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&fmt=3&is_vtc=1&random=2987194004&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/855990581/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/855990581/?random=1584838406779&cv=9&fst=1584835200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3b2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&tiba=Trump%20Make%20America%20Great%20Again%20Committee&async=1&fmt=3&is_vtc=1&random=2987194004&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryOLnOEB826TTODQwB

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://secure.winred.com
date
Sun, 22 Mar 2020 00:53:26 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryILVQrIYcokeR4tfe

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://secure.winred.com
date
Sun, 22 Mar 2020 00:53:26 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
log
errors.client.optimizely.com/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.98.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-98-27.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
Origin
https://secure.winred.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://secure.winred.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Sun, 22 Mar 2020 00:53:27 GMT
Content-Type
text/plain
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
210 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fsecure.winred.com%2Ftmagac%2F2020-founding-member%3Famount%3D42%26utm_medium%3Demail%26utm_source%3Dcc_ep%26utm_campaign%3D20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac%26utm_content%3Dgop_direct-ask&4sAIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&callback=_xdc_._c4hqmi&key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&token=36319
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/40/5/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
a8c1806fffbdec23b1246a40b6c151e1cdbb6dc23d53ddcf2a39fd44d7de8f66
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 22 Mar 2020 00:53:30 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=50
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| _ function| fbq function| _fbq function| Stripe object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| BestInPlaceEditor function| $ function| jQuery object| jQuery112409601586543670608 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass function| Cookies object| App object| picturefillCFG function| picturefill function| UAParser function| gm_authFailure function| tmpl object| ActionCable object| antiClickjack function| hj object| _hjSettings function| snaptr object| r object| dotq object| optimizely function| twq object| __e3_ object| YAHOO function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| twttr object| _etmc object| _etmc_temp string| func_name object| args string| collect_url function| urlpath object| currentQ function| gtag object| _xdc_

16 Cookies

Domain/Path Name / Value
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ2AQAgDwIlIQPqkjqOxnYLhvYMFP1RUnjsgK6h3ghjV9dnd3q1DsImczR8W//FUMgAAAA==
.doubleclick.net/ Name: IDE
Value: AHWqTUlMgB2YU5EcZhVOOan1MZfxEscNpnkDIUoxicIIevAhaCHLMBPRRe9I2nwQ
.winred.com/ Name: _gat_UA-78271234-1
Value: 1
secure.winred.com/ Name: origin_url
Value: https://secure.winred.com/tmagac/2020-founding-member?amount=42&utm_medium=email&utm_source=cc_ep&utm_campaign=20200321_na_first-2020-founding-members-ep_donaldjtrumpcom_tmagac&utm_content=gop_direct-ask
.winred.com/ Name: _fbp
Value: fb.1.1584838406232.929080491
.winred.com/ Name: _gcl_au
Value: 1.1.183023336.1584838406
.winred.com/ Name: _scid
Value: a9e985ef-fcc9-42f4-837d-9f295ba226cf
.secure.winred.com/ Name: __stripe_sid
Value: 75d43393-0aa9-46ca-84cc-2d5fbecfac3d
.winred.com/ Name: _hjid
Value: 6a3b315e-d5b0-48ec-9b47-29a136d45b59
.secure.winred.com/ Name: __stripe_mid
Value: fe65d7eb-00ae-4a6a-80a9-2d76ec814fe1
.winred.com/ Name: _gat_UA-73658561-7
Value: 1
secure.winred.com/ Name: sso_tries
Value: 1
.winred.com/ Name: _gid
Value: GA1.2.1613750084.1584838406
.winred.com/ Name: _ga
Value: GA1.2.1968664091.1584838406
.winred.com/ Name: _revv_v3_session
Value: N0ZZcFcvMVhYT0VRYWZyL1RLRUFXS001WW5wRCtrMm9YcEhraklXR0ZUV3FmWUdaSHNVNW5KWTk3dnYwaFRtaVJ0ZXF2UEpqN1QvVkFjSDhobEt6YmFFZHFXcFcxam56NGRHL0N5VnYzR0FwNU5iWCtDWkZNb0FDOE5iRmFNNHRKN0wweENaSTU5eHRLSG05S0Z5cU5JTlRYVWN5MUhjekFSRmRLYTFyRjJoUFlDL1phU3hreFVVcVFBVmFuZnhzMHVEeG9vQjNOdEVqOGJaSEVDckRpQ043TUZlZ3hjMDViUUxoZW04VDZPS3VSZnI3RUZ6eUxQQ1RKOFBIb01tVjA5Z1hQeTlFNWlGMHpkc0hWalV6NEk2V3B2UXVhdlVVanh4djNhbmxGUVRLQndTM2ZhdTMwWDZhVnkyTkx5blBmNFpJa1N1NnpDVWtlR2hWZGY5eVZYYTN6Y3VKK2llZjNWUkRFNVZPZlJ5MmNkM2h2dmZkVXBDT005L0c3dmU2VkFlb0lDWjJJTTVCek90dmpCdms4Uit0bWNycnJ4T1gyNzYvMWp0ODFuTWQwOXFUbUpZOFhjN3ZIbng5WGZoeGJvZlNWcEx6RzVzZ0h2QW91b2pJL1E9PS0tYnlSQTNBYXd6NGN0S245WjVaNVJCUT09--c7c47f75b21e1efb5df908a359beaee31f053be5
.secure.winred.com/ Name: __cfduid
Value: d7771c7179390ceb064d72010a56bd8291584838405

2 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 459215611087055.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 181084665799192.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10964169.collect.igodigital.com
9386837.fls.doubleclick.net
analytics.twitter.com
app.revv.co
cdn-pci.optimizely.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
e.boomtrain.washtimesmail.com
errors.client.optimizely.com
googleads.g.doubleclick.net
js.stripe.com
maps.googleapis.com
maps.gstatic.com
nova.collect.igodigital.com
platform.twitter.com
s.yimg.com
sc-static.net
script.hotjar.com
secure.winred.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.111.234.113
104.244.42.133
104.244.42.67
143.204.201.105
147.75.102.203
147.75.32.125
147.75.32.13
151.101.112.157
151.101.12.176
172.217.22.66
18.215.18.117
2001:4860:4802:34::75
2001:4860:4802:38::75
216.58.207.38
2606:4700:10::6814:443
2a00:1288:f03d:1fa::2000
2a00:1288:f03d:1fa::4000
2a00:1450:4001:809::2002
2a00:1450:4001:815::2003
2a00:1450:4001:817::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200a
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.203.98.27
35.186.226.184
93.184.220.66
96.47.24.171
99.86.3.98
020d606e96d8ea528a99f27d2fb645717db6b9373083760a0409af0ad23c20a8
04b4458951f0faba074d104d3f6ebb532673ac77497b49ea1e57d86720bcf5ec
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1b868a3462765a316461a922a33da5f2f4e5f8e6c0f18dbc1574ae2aebf8b2fa
1c6b8a49c4225f88c0082af488f37089d46fd88957e778dc7e79ab4195218d05
1d16b99f42d601857297694322755e36c5e02fe75b73f17b520f3794897f9352
2b5fd7cb3ce5bc662e54a7e81f08ddf070d3d1e8b4c097f85b805731f29ea68b
2b96e4e8728843db8cca1147170e5c62e899394bb71182392b86e6978c850b80
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703
4c9ffcaa9c71961ed9d7946a3aa285ae2156b5dc83d6a519c5d552beba974a58
502939afa75ad91f227163ec2bd11876d5d0524c0b823d530ee963ef7b6305fa
55f925a7d474a7d96af3648a93a138c0ba74ae54b3436e99add4b681c10f39bc
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
66c9bafab25db35d8470199f6b03bde87506fb27229420b36dd60b84bcf2884b
6e5c014c177144ea25e4cf21dabf34ead1d8ff7bff6e49a2d381ba9543de635f
7286e58b3cbce6587bba5408c0af450b4d94ce9492a8ab6e96246f479da172d6
7c6a847acb3c048136186ffe81a0d68f43e7e26d90d8ea10dc93031d51449795
86a5cf1f80d9ea619ed02e5b845b4674dc65e35c0a37ee698c8fc6a3a84243f1
898d4f5103dfb5299e382789d58963b7ac3ced874376e7ebf65b4cc1f3fc8d97
92d7a2eb480c306f6a74048525a2dac4f17244aae0f642ae366d599d2e0cd33a
94bee83d6aa6a8a95df192ff0b2b2979d62f749714d434cdc7ea011e52c28e0c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99841cbe2d825c6fd01a99c4b4519c26ef7e467f1d3083a3303bcd087c468dac
a8c1806fffbdec23b1246a40b6c151e1cdbb6dc23d53ddcf2a39fd44d7de8f66
a91e75f507770d30c4c52c7735eda18b21a972f1d3eabc36a837e0aa57d4f630
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd4cc8745727c57b6de665a54aea9a3e6998436d64ed7f061f592c79684709e
affca200cedd429d3a29dea7beb6a102849588c6a2f8bdfd15411683007ddc34
c32727900cbf2bffa92abfd16126f77059f584b3222020284a9d46a352b46964
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d6ae73d3e5b6923ec3c282771ceae2597f78f2f2d89d2949d1f96930f98b9790
d96e0c843a72ee98a286216a8ca806d706ab807b0240f8754ed14f24fdcf0564
da5d59b3200e322f2dc723505bd974e642d013f8261ed7be36bbab88b2044324
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64efc83d88982acf3558abb6a6d475121bdd6eed88d1e88c2ebdb88421c2024
e6c9c244b60a3d20ed80c7aa099a32700154b50519ca960d1c97bc51197e7d51
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5
ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee5eff245e0637fc6a7828f887b7c11018c0aa7bbefa61987ee50bea92db9db4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd332aabb307cab19eb20117fc6e980926db0d7e8ede8f39a1e9e88721ead2c1