urlscan.io logo urlscan.io
SecurityTrails logo

secure.winred.com Open in urlscan Pro
104.19.212.89  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d...
Effective URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_t...
Submission: On August 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 21 HTTP transactions. The main IP is 104.19.212.89, located in and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 60737.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 54.166.228.155 14618 (AMAZON-AES)
3 143.204.98.36 16509 (AMAZON-02)
1 8 104.19.212.89 13335 (CLOUDFLAR...)
1 104.18.30.78 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.190.26.57 15169 (GOOGLE)
1 2600:9000:235... 16509 (AMAZON-02)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 151.101.194.6 54113 (FASTLY)
1 152.195.34.116 15133 (EDGECAST)
21 12
3    54.166.228.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-228-155.compute-1.amazonaws.com
ci.criticalimpact.com
3    143.204.98.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-36.fra50.r.cloudfront.net
667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com
8    104.19.212.89 (None, )

ASN13335 (CLOUDFLARENET, US)
secure.winred.com
1    104.18.30.78 (None, )

ASN13335 (CLOUDFLARENET, US)
performance.radar.cloudflare.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700::6812:1f13 (United States)

ASN13335 (CLOUDFLARENET, US)
benchmarks.cdn.compute-pipe.com
1    35.190.26.57 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 57.26.190.35.bc.googleusercontent.com
benchmark.1e100cdn.net
1    2600:9000:235a:2000:1b:9b5:7e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
p29.cedexis-test.com
1    2a02:26f0:7100::213:c6b2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cedexis-test.akamaized.net
1    151.101.194.6 (San Francisco, United States)

ASN54113 (FASTLY, US)
fastly.cedexis-test.com
1    152.195.34.116 (United States)

ASN15133 (EDGECAST, US)
p16999.cedexis-test.com
Apex Domain
Subdomains		 Transfer
8 winred.com
secure.winred.com — Cisco Umbrella Rank: 60737
13 KB
3 cedexis-test.com
p29.cedexis-test.com — Cisco Umbrella Rank: 17211
fastly.cedexis-test.com — Cisco Umbrella Rank: 16759
p16999.cedexis-test.com — Cisco Umbrella Rank: 15006
p17003.cedexis-test.com Failed
302 KB
3 awswaf.com
667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com
287 KB
3 criticalimpact.com
ci.criticalimpact.com
3 KB
1 akamaized.net
cedexis-test.akamaized.net — Cisco Umbrella Rank: 247090
100 KB
1 1e100cdn.net
benchmark.1e100cdn.net — Cisco Umbrella Rank: 15432
100 KB
1 compute-pipe.com
benchmarks.cdn.compute-pipe.com — Cisco Umbrella Rank: 220782
100 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 cloudflare.com
performance.radar.cloudflare.com — Cisco Umbrella Rank: 82989
4 KB
21 9
Domain Requested by
8 secure.winred.com 1 redirects ci.criticalimpact.com
secure.winred.com
static.cloudflareinsights.com
3 667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com ci.criticalimpact.com
667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com
3 ci.criticalimpact.com 1 redirects
1 p16999.cedexis-test.com
1 fastly.cedexis-test.com
1 cedexis-test.akamaized.net
1 p29.cedexis-test.com
1 benchmark.1e100cdn.net
1 benchmarks.cdn.compute-pipe.com secure.winred.com
1 static.cloudflareinsights.com secure.winred.com
1 performance.radar.cloudflare.com secure.winred.com
0 p17003.cedexis-test.com Failed
21 12

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
criticalimpact.com
Amazon RSA 2048 M03		 2024-05-17 -
2025-06-15		 a year crt.sh
*.cde1dde8.us-east-1.token.awswaf.com
Amazon RSA 2048 M02		 2024-05-05 -
2025-06-03		 a year crt.sh
secure.winred.com
Cloudflare Inc ECC CA-3		 2024-01-22 -
2024-12-31		 a year crt.sh
radar.cloudflare.com
E6		 2024-07-18 -
2024-10-16		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
benchmarks.cdn.compute-pipe.com
E6		 2024-06-19 -
2024-09-17		 3 months crt.sh
1e100cdn.net
WR3		 2024-07-11 -
2024-10-09		 3 months crt.sh
p29.cedexis-test.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-09		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
fastly.cedexis-test.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-03 -
2025-05-05		 a year crt.sh
p16999.cedexis-test.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-12 -
2025-03-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Frame ID: C90575EB3784878077A58E6D07B2ABC1
Requests: 20 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 60CBAF4498051320DA25F3306ABA9532
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access denied

Page URL History Show full URLs

  1. http://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba... HTTP 307
    https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba... Page URL
  2. https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba... HTTP 302
    https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.11348... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

21
Requests

90 %
HTTPS

36 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

916 kB
Transfer

1729 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763 HTTP 307
    https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763 Page URL
  2. https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763 HTTP 302
    https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763 HTTP 307
  • https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
Request Chain 11
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
47763
ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/
Redirect Chain
  • http://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
  • https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.166.228.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-228-155.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9e21f821161bcd4db616e7c09559b86cbd5ab1aae8eed093fde369006f326ad1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS,GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=0
content-length
2029
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 22:30:34 GMT
server
awselb/2.0
x-amzn-waf-action
challenge

Redirect headers

Location
https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
Non-Authoritative-Reason
HttpsUpgrades
challenge.js
667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/ 		1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/challenge.js
Requested by
Host: ci.criticalimpact.com
URL: https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-36.fra50.r.cloudfront.net
Software
/
Resource Hash
e8c826b8b4aedd4b63950ce73e504a9d5fdad7a301915c844e633371821f9f98

Request headers

Referer
https://ci.criticalimpact.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 22:30:35 GMT
content-encoding
gzip
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified
Fri, 2 Aug 2024 22:30:35 +0000
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66ad5e0b-5b5b4c7c72e8e8443fe5c45e
content-type
text/javascript
cache-control
private, max-age=86400, stale-while-revalidate=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JWaeaGNz4_heV5A-ZE-pm0FKuDhnSSZ61oujiT27bk_jBW93hfddJg==
expires
0
favicon.ico
ci.criticalimpact.com/ 		0
212 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ci.criticalimpact.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.166.228.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-228-155.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:36 GMT
server
awselb/2.0
x-amzn-waf-action
challenge
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
content-length
0
verify
667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/ 		308 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/verify
Requested by
Host: 667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com
URL: https://667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.98.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-36.fra50.r.cloudfront.net
Software
/
Resource Hash
cb147550a30e137ba8949b36cdb800d30e28de5e45c66d87bd46736d9334a23e

Request headers

Referer
https://ci.criticalimpact.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 22:30:36 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66ad5e0c-6d1eb0090ebb046631581cc1
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
308
x-amz-cf-id
m2_3p6PuwdeEXbzHLZbaGLXwbA-RjLEtv92WvAJUXRdGC3hB8MVvPA==
expires
0
telemetry
667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/ 		876 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/telemetry
Requested by
Host: 667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com
URL: https://667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com/667bfbde98c3/6817fbe068dd/9f9f5131d081/challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.98.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-36.fra50.r.cloudfront.net
Software
/
Resource Hash
3bc9241e2ae78c9a1f8fab759930fce1baab84b2e900928fe82cebdf1d21687f

Request headers

Referer
https://ci.criticalimpact.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 22:30:36 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66ad5e0c-6124c9610925d3b935349f3d
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
876
x-amz-cf-id
pCbNFsHItY0EBaUnKdGi7k_QtQWh4m38Dl1_QsWxzy5kZPqsegPA3g==
expires
0
Primary Request /
secure.winred.com/btvf/marsha-last-hope-lf/
Redirect Chain
  • https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
  • https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Requested by
Host: ci.criticalimpact.com
URL: https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.212.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8635c5cff583477c705e094ac00a6f4e80d65e5796294afc61a163aca7d38bf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ci.criticalimpact.com/go/1/1304936050388b50322761119fed00b9/47763/3e961f5e404964de3947229f28c3afba/6df5f4b41cee8f45c3d6b838967d376c/47763
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ad18372cd378fda-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 22:30:37 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
content-type
text/html;charset=UTF-8
date
Fri, 02 Aug 2024 22:30:37 GMT
location
https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
server
Apache/2.4.57 (codeit)
errors.css
secure.winred.com/cdn-cgi/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/styles/errors.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.212.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574b098b0c3e4a12f959bafb73cfa857b414f27ebe854f3910b3a45651ff7a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 21:55:42 GMT
server
cloudflare
etag
W/"66a9615e-183d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8ad183730d6a8fda-FRA
expires
Sat, 03 Aug 2024 00:30:37 GMT
beacon.js
performance.radar.cloudflare.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://performance.radar.cloudflare.com/beacon.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a9b7e760243d2d31b566019616e0683f926f0a43920df10fa38d758dc83af8e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, max-age=0
timing-allow-origin
*
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
cf-ray
8ad183734ab618fd-FRA
external.png
secure.winred.com/cdn-cgi/images/ 		265 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/cdn-cgi/images/external.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.212.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f03b2b292f718119a8203689d05692e054f1059112c981c1e20dec82e9f2ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 21:55:42 GMT
server
cloudflare
etag
"66a9615e-109"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8ad183730d6c8fda-FRA
content-length
265
expires
Sat, 03 Aug 2024 00:30:37 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
Origin
https://secure.winred.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8ad18373798f5d6d-FRA
truncated
/ 		187 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb5aa910369cd275c1a4e584616d76d92da0441c8002bd4803c53dd4f56a47e8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
r20-100KB.png
benchmarks.cdn.compute-pipe.com/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benchmarks.cdn.compute-pipe.com/r20-100KB.png?r=23615883
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-store
x-source
Cloudflare Radar
timing-allow-origin
*
cf-ray
8ad1837448339b33-FRA
content-length
102400
alt-svc
h3=":443"; ma=86400
main.js
secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame 60CB
Redirect Chain
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Protocol
H3
Server
104.19.212.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a55cc8661d41262aaa12427dd732d0d78a45c076742d8f641e78acf1e4cad1fa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ad183742e2d8fda-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 02 Aug 2024 22:30:37 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ad18373fe048fda-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
8ad18372cd378fda
secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 60CB 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ad18372cd378fda
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.212.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
8ad18374ded18fda-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
rum
secure.winred.com/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.212.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://secure.winred.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8ad18375ef898fda-FRA
favicon.ico
secure.winred.com/ 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.212.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8609c968591ddda2fe1a044e18ddcc969572d8912bbd16a13b419f5162eb3f7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:37 GMT
strict-transport-security
max-age=0; includeSubDomains
referrer-policy
same-origin
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kMh0oV.0PJreDqEFYuYHLHAGL.dHzvdnFXdBe782ByA-1722637837-1.0.1.1-tqiBBi8hfMWwdp1NeF2ly1.m_XQmoMSwq0JFQDahZZwvCmMgSaPRt1HA0x2JtnWA8x726Ld163ZJ9Qd88mTV9T8hTamgENJCCatnSgcCwWe4akq4zmxyl9E5y_pTTp9cXf8KkDRGVBDWtUBYKNoOBpKDSaSoMdN_XudEm7m261E; report-to cf-csp-endpoint
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=kMh0oV.0PJreDqEFYuYHLHAGL.dHzvdnFXdBe782ByA-1722637837-1.0.1.1-tqiBBi8hfMWwdp1NeF2ly1.m_XQmoMSwq0JFQDahZZwvCmMgSaPRt1HA0x2JtnWA8x726Ld163ZJ9Qd88mTV9T8hTamgENJCCatnSgcCwWe4akq4zmxyl9E5y_pTTp9cXf8KkDRGVBDWtUBYKNoOBpKDSaSoMdN_XudEm7m261E"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary
Accept-Encoding
cf-ray
8ad18375ef8d8fda-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
r20-100KB.png
benchmark.1e100cdn.net/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benchmark.1e100cdn.net/r20-100KB.png?r=47963061
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.26.57 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
57.26.190.35.bc.googleusercontent.com
Software
/
Resource Hash
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 01:14:14 GMT
via
1.1 google
age
767783
etag
"5939ad35-19000"
content-type
image/png
cache-control
public,max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102400
r20-100KB.png
p29.cedexis-test.com/img/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p29.cedexis-test.com/img/r20-100KB.png?r=32891948
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2000:1b:9b5:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 14:32:39 GMT
Via
1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA60-P9
Age
1065479
X-Cache
Hit from cloudfront
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
102400
Last-Modified
Wed, 07 Sep 2022 08:47:01 GMT
Server
nginx
ETag
"63185a85-19000"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2629743, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
vHoo6FQI3McBdRJdkYzNnuok4tBIlvS8UexBiSD3iGD7QiTpi8P64w==
r20-100KB.png
cedexis-test.akamaized.net/img/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cedexis-test.akamaized.net/img/r20-100KB.png?r=73635061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::213:c6b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 02 Aug 2024 22:30:38 GMT
Last-Modified
Wed, 07 Sep 2022 08:47:01 GMT
Server
nginx
ETag
"63185a85-19000"
X-Cache
RequestInfo=605027937,2a02:26f0:7100::213:c6b2,1fc6f720,1722637838,46387,19,c80596a
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2629743
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
102400
Expires
Mon, 02 Sep 2024 08:59:41 GMT
r20-100KB.png
fastly.cedexis-test.com/img/20367/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.cedexis-test.com/img/20367/r20-100KB.png?r=76708558
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.6 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 02 Aug 2024 22:30:38 GMT
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Age
1936527
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
102400
X-Served-By
cache-dfw-kdfw8210038-DFW, cache-fra-etou8220111-FRA
Last-Modified
Wed, 07 Sep 2022 08:46:26 GMT
Server
nginx
X-Timer
S1722637838.408090,VS0,VE0
ETag
"63185a62-19000"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2629743, public
X-Cedexis-UNI
ETOU|{"pop":"ETOU","sip":"151.101.194.6","rtt":28039,"min_rtt":27936,"ip_ver":"v4","info_state":"HIT","tls":"TLSv1.3","server_name":"cache-fra-etou8220111"}
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
631, 7826
r20-100KB.png
p16999.cedexis-test.com/img/16999/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16999.cedexis-test.com/img/16999/r20-100KB.png?r=50001598
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.34.116 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67C9) /
Resource Hash
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 22:30:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Sep 2022 08:46:26 GMT
server
ECAcc (frb/67C9)
age
784483
etag
"63185a62-19000"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Server
cache-control
max-age=2629743, public
accept-ranges
bytes
timing-allow-origin
*
content-length
102400
r20-100KB.png
p17003.cedexis-test.com/img/17003/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p17003.cedexis-test.com
URL
https://p17003.cedexis-test.com/img/17003/r20-100KB.png?r=63625407

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfBeacon

10 Cookies

Domain/Path Name / Value
.ci.criticalimpact.com/ Name: aws-waf-token
Value: 95756e26-2666-4f0e-a9f9-e48b90c0cf5b:EQoAb9qdduQhAAAA:OrJknBW9mFQ4ckh1x0px4CUz2V9ibtCNiqIg2n11GCh4EXzdENDqCGEaEWvtJ/R2YZ+RET+bN+MKEdCRUgU7gvyWt83PCU8Uu9S9DdE67H5SGkbW3bAAgDhFP/BYm33oj0vTL11M4BfR7AvWKp5jPzcWCjVmOxpodl8kRxGxjiYEPp/I/IIsLbW6Ff/+uINBBWUcJLymTMag7HAGgUCzG499yR0By7eXfSX8ecPosZam07A4aYjytzPuDBdJi0yFpuXDUQbQWdwlXzNY1M4yrQ==
ci.criticalimpact.com/ Name: JSESSIONIDTC1
Value: 2F79FBC56A28972906429C455DC5BC83
ci.criticalimpact.com/ Name: cfid
Value: 1a531f04-7c54-4911-be5d-328236258ba2
ci.criticalimpact.com/ Name: cftoken
Value: 0
ci.criticalimpact.com/ Name: CF_CLIENT_TCICRITICALIMPACTCOM_LV
Value: 1722637837109
ci.criticalimpact.com/ Name: CF_CLIENT_TCICRITICALIMPACTCOM_TC
Value: 1722637837109
ci.criticalimpact.com/ Name: CF_CLIENT_TCICRITICALIMPACTCOM_HC
Value: 2
.secure.winred.com/ Name: __cf_bm
Value: KHmJjTP4ZIy57B17e6U2SZRw1bcNot9OIF25qQE76cg-1722637837-1.0.1.1-_Jdw7i2jks0N__DqL0GjR88ctgp1Ij1JrfyMTR9paPPNSDv.kk6nMw8gNatmED_.otaJEsT6xqO55RrMJn8GpQ
.radar.cloudflare.com/ Name: __cf_bm
Value: ILzeVhIKnFPbLc1.Ig5YCFEd.8PHBdEiUz4YjJTmz.o-1722637837-1.0.1.1-5zq5RVJoh1IJ1WUsh9qdj2PLM.sC0nC_RroaykHdrGo9798bb66i6ZHUHfCw8See6wTy1uLWaAqm7U_Rz70xQA
.secure.winred.com/ Name: cf_clearance
Value: eiznFMrReczXKdE9vEvY1WSrJhix3WHqYdM8.tC06.A-1722637837-1.0.1.1-4u4hyO.mUlO.c_.7dc55Ma1LCIoUB10T8WASSrHGojqP1.Nznu0KeZtgnonXFhan10Qa0m5Un3LRR_9sGOpx7g

3 Console Messages

Source Level URL
Text
network error URL: https://secure.winred.com/btvf/marsha-last-hope-lf/?recurring=true&utm_campaign=20240729_MM-GOP2.113482_t1522042-1043&ex_tid=20240729_MM-GOP2.113482_t1522042-1043
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.winred.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p17003.cedexis-test.com/img/17003/r20-100KB.png?r=63625407
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

667bfbde98c3.cde1dde8.us-east-1.token.awswaf.com
benchmark.1e100cdn.net
benchmarks.cdn.compute-pipe.com
cedexis-test.akamaized.net
ci.criticalimpact.com
fastly.cedexis-test.com
p16999.cedexis-test.com
p17003.cedexis-test.com
p29.cedexis-test.com
performance.radar.cloudflare.com
secure.winred.com
static.cloudflareinsights.com
p17003.cedexis-test.com
104.18.30.78
104.19.212.89
143.204.98.36
151.101.194.6
152.195.34.116
2600:9000:235a:2000:1b:9b5:7e00:93a1
2606:4700::6810:5049
2606:4700::6812:1f13
2a02:26f0:7100::213:c6b2
35.190.26.57
54.166.228.155
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
3a9b7e760243d2d31b566019616e0683f926f0a43920df10fa38d758dc83af8e
3bc9241e2ae78c9a1f8fab759930fce1baab84b2e900928fe82cebdf1d21687f
574b098b0c3e4a12f959bafb73cfa857b414f27ebe854f3910b3a45651ff7a0f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9e21f821161bcd4db616e7c09559b86cbd5ab1aae8eed093fde369006f326ad1
9f03b2b292f718119a8203689d05692e054f1059112c981c1e20dec82e9f2ddb
a55cc8661d41262aaa12427dd732d0d78a45c076742d8f641e78acf1e4cad1fa
a8609c968591ddda2fe1a044e18ddcc969572d8912bbd16a13b419f5162eb3f7
a8635c5cff583477c705e094ac00a6f4e80d65e5796294afc61a163aca7d38bf
cb147550a30e137ba8949b36cdb800d30e28de5e45c66d87bd46736d9334a23e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c826b8b4aedd4b63950ce73e504a9d5fdad7a301915c844e633371821f9f98
eb5aa910369cd275c1a4e584616d76d92da0441c8002bd4803c53dd4f56a47e8