secure.winred.com Open in urlscan Pro
104.20.5.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.texasgop.org/
Effective URL:
https://secure.winred.com/republican-party-of-texas/hack
Submission: On September 17 via api (September 17th 2021, 12:00:18 am UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 104.20.5.67, located in and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 15th 2020. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.255.121.2 185.255.121.2	49372 (TRUONGIS) (TRUONGIS)
22	104.20.5.67 104.20.5.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	3

1 185.255.121.2 (United Kingdom) 1 redirects

ASN49372 (TRUONGIS, GB)

www.texasgop.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.20.5.67 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.168.131 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	winred.com secure.winred.com	116 KB
4	hcaptcha.com 2 redirects hcaptcha.com newassets.hcaptcha.com	54 KB
1	texasgop.org 1 redirects www.texasgop.org	270 B
25	3

	Domain	Requested by
22	secure.winred.com	secure.winred.com
2	newassets.hcaptcha.com
2	hcaptcha.com	2 redirects
1	www.texasgop.org	1 redirects
25	4

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
www.cloudflare.com

Subject Issuer	Validity	Valid
www.winred.com DigiCert SHA2 Extended Validation Server CA	`2020-09-15` - `2021-10-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secure.winred.com/republican-party-of-texas/hack
Frame ID: 21FBE668CBF5C10B0AA2DD65BD6D054A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attention Required! | Cloudflare

Page URL History Show full URLs

http://www.texasgop.org/ HTTP 301
https://secure.winred.com/republican-party-of-texas/hack Page URL
https://secure.winred.com/republican-party-of-texas/hack Page URL

Detected technologies

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

<style[^>]+[^<]+#cf-hcaptcha-container[^<]+</style>

Page Statistics

25
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

170 kB
Transfer

423 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/privacy-pass/ajhmfdgkijocedmfjonnpjfojldioehi
Title: Chrome Web Store

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/5xx-error-landing
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.texasgop.org/ HTTP 301
https://secure.winred.com/republican-party-of-texas/hack Page URL
https://secure.winred.com/republican-party-of-texas/hack Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.texasgop.org/ HTTP 301
https://secure.winred.com/republican-party-of-texas/hack

Request Chain 7

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP 302
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

Request Chain 20

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP 302
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

hack Show response
secure.winred.com/republican-party-of-texas/
Redirect Chain

http://www.texasgop.org/
https://secure.winred.com/republican-party-of-texas/hack

13 KB
7 KB

190ms
18ms

Document
text/html

104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a38ed9f177527cfc7f7c9eb9a66e3642d9b5d7f13dbdcba42afc743bb07a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: secure.winred.com
:scheme: https
:path: /republican-party-of-texas/hack
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; path=/; expires=Fri, 17-Sep-21 00:30:12 GMT; domain=.secure.winred.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 68fe0d8b0dd82151-DUS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server: nginx/1.19.4
Date: Fri, 17 Sep 2021 00:00:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://secure.winred.com/republican-party-of-texas/hack
Content-Type: text/html
Access-Control-Allow-Origin: *

GET
H2 200 cf.errors.css
secure.winred.com/cdn-cgi/styles/ 23 KB
4 KB 17ms
15ms Stylesheet
text/css 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/styles/cf.errors.css
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: W/"61421f8e-5c88"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7200 public
cf-ray: 68fe0d8b5e1b2151-DUS
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 02:00:12 GMT

GET
H2 200 v1 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/ 40 KB
14 KB 45ms
44ms Script
text/javascript 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b21d72c2f30ff53cff960039bca75c5b014c174b984df383367e6a928137f18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/javascript
vary: Accept-Encoding
cache-control: max-age=0, must-revalidate
cf-ray: 68fe0d8bae5f2151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 transparent.gif
secure.winred.com/cdn-cgi/images/trace/captcha/js/ 42 B
128 B 14ms
14ms Image
image/gif 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=68fe0d8b0dd82151

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/captcha/js/transparent.gif?ray=68fe0d8b0dd82151
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0d8bae622151-DUS
vary: Accept-Encoding
content-length: 42
expires: Fri, 17 Sep 2021 02:00:12 GMT

GET
H2 200 transparent.gif
secure.winred.com/cdn-cgi/images/trace/captcha/nojs/h/ 42 B
101 B 13ms
10ms Image
image/gif 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=68fe0d8b0dd82151

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=68fe0d8b0dd82151
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0d8bae692151-DUS
vary: Accept-Encoding
content-length: 42
expires: Fri, 17 Sep 2021 02:00:12 GMT

GET
H2 200 browser-bar.png
secure.winred.com/cdn-cgi/images/ 715 B
798 B 13ms
11ms Image
image/png 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/browser-bar.png?1376755637

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/browser-bar.png?1376755637
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2cb"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0d8bae6c2151-DUS
vary: Accept-Encoding
content-length: 715
expires: Fri, 17 Sep 2021 02:00:12 GMT

GET
H2 200 cf-no-screenshot-warn.png
secure.winred.com/cdn-cgi/images/ 3 KB
3 KB 14ms
12ms Image
image/png 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/cf-no-screenshot-warn.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/cf-no-screenshot-warn.png
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-a20"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0d8bae6d2151-DUS
vary: Accept-Encoding
content-length: 2592
expires: Fri, 17 Sep 2021 02:00:12 GMT

GET
H2

200

hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2ebd8c0/
Redirect Chain

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

84 KB
27 KB

77ms
4ms

Script
application/javascript

104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d85d63b65c54797ae0d01e6c4118cfc89bf38d03feae40eae319f8c6951d5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 107754
cf-polished: origSize=86505
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 18:03:43 GMT
server: cloudflare
etag: W/"0b1744fbfa0727636ebe11666fed1e39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: AMS1-C1
cf-ray: 68fe0d8cef712151-DUS
x-amz-cf-id: asKp3fwJ4gZxLC2_OBtLRW651prRznTcIlurrGKo-iXZ6ug9pGk4rQ==
cf-bgj: minify

Redirect headers

date: Fri, 17 Sep 2021 00:00:12 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 68fe0d8c7f002151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 101afb97ae08f4d Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/ 43 KB
25 KB 55ms
55ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ac1e179de2e2a1913e3718d654bdee3a8e3ce2693a42b51d23ea647ab8ffb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=e
content-length: 1969
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 101afb97ae08f4d
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 101afb97ae08f4d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
set-cookie: cf_chl_seq_101afb97ae08f4d=101c1ecd0bfb0fa;SameSite=Strict;Secure;HttpOnly
cf-ray: 68fe0d8c5eeb2151-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 400 101afb97ae08f4d Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/ 15 B
391 B 125ms
123ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330509caa0f2887db626f7c8e31732090558da1931406299ed6632b20c8ab66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_seq_101afb97ae08f4d=101c1ecd0bfb0fa; __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=a7
content-length: 19443
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 101afb97ae08f4d
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 101afb97ae08f4d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:13 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 68fe0d93bf0321b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15
cf_chl_out: G2aWGzF6772s0G+yD3JbUksHdNLvOpxQKwEaa74E62w=$kxX7kE1rovAvqmxMd6nuAQ==

POST
H3 400 101afb97ae08f4d Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/ 15 B
355 B 102ms
100ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330509caa0f2887db626f7c8e31732090558da1931406299ed6632b20c8ab66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_seq_101afb97ae08f4d=101c1ecd0bfb0fa; __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b
content-length: 19443
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 101afb97ae08f4d
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 101afb97ae08f4d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:14 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 68fe0d971a3221b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15
cf_chl_out: ofxJmYMFKT6mn65mFExyUBMYw9O4jpaHi/HrDTX1KZc=$hBR9tFeFYPW3iPikwHjmKQ==

POST
H3 400 101afb97ae08f4d Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/ 15 B
354 B 91ms
88ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330509caa0f2887db626f7c8e31732090558da1931406299ed6632b20c8ab66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_seq_101afb97ae08f4d=101c1ecd0bfb0fa; __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b
content-length: 19443
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 101afb97ae08f4d
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 101afb97ae08f4d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:14 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 68fe0d98ab6821b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15
cf_chl_out: MpWFbiKokX70pXa8/G0rJTymadkyBOz/xNSt2p0gR4Y=$JlBpKT7Evnm7dIRBIGLC0g==

POST
H3 400 101afb97ae08f4d Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/ 15 B
357 B 104ms
101ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330509caa0f2887db626f7c8e31732090558da1931406299ed6632b20c8ab66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_seq_101afb97ae08f4d=101c1ecd0bfb0fa; __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b
content-length: 19443
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 101afb97ae08f4d
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 101afb97ae08f4d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:14 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 68fe0d99bc6a21b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15
cf_chl_out: 3Zf+ljXfrhi8QECkmp3qJyDCqh++1UokxGPsezqAX+w=$OV+umond8Hf/YWtlaX/LeQ==

POST
H3 400 101afb97ae08f4d Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/ 15 B
353 B 75ms
72ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330509caa0f2887db626f7c8e31732090558da1931406299ed6632b20c8ab66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_seq_101afb97ae08f4d=101c1ecd0bfb0fa; __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b
content-length: 19443
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 101afb97ae08f4d
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 101afb97ae08f4d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:14 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 68fe0d9b1e3d21b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15
cf_chl_out: Zgf7WOGxCDjsmcfi8tFfsoi/oThDLA7C6lftUmlFm8s=$91nyVU9mC3WoZgs9gQIlAg==

GET
H3 403 Primary Request hack Show response
secure.winred.com/republican-party-of-texas/ 13 KB
7 KB 18ms
18ms Document
text/html 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/republican-party-of-texas/hack

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0d8b0dd82151

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea970c77156c36f8ea420143b65a59375098ca5900d7eb8b927423ed0ba13659

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: secure.winred.com
:scheme: https
:path: /republican-party-of-texas/hack
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://secure.winred.com/republican-party-of-texas/hack
accept-encoding: gzip, deflate, br
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b; cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 68fe0da86a8921b1-DUS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 cf.errors.css
secure.winred.com/cdn-cgi/styles/ 23 KB
4 KB 18ms
16ms Stylesheet
text/css 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/styles/cf.errors.css
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b; cf_chl_rc_i=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: W/"61421f8e-5c88"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7200 public
cf-ray: 68fe0da8aac121b1-DUS
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 02:00:16 GMT

GET
H3 200 v1 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/ 39 KB
14 KB 32ms
31ms Script
text/javascript 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0da86a8921b1

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da50e82c468916ffd42939fd4b07e5cf0b6a0e41cc65f5669a7c0c1cb831c237

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0da86a8921b1
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b; cf_chl_rc_i=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/javascript
vary: Accept-Encoding
cache-control: max-age=0, must-revalidate
cf-ray: 68fe0da8cae821b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 transparent.gif
secure.winred.com/cdn-cgi/images/trace/captcha/js/ 42 B
221 B 18ms
18ms Image
image/gif 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=68fe0da86a8921b1

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/captcha/js/transparent.gif?ray=68fe0da86a8921b1
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b; cf_chl_rc_i=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0da8caea21b1-DUS
vary: Accept-Encoding
content-length: 42
expires: Fri, 17 Sep 2021 02:00:16 GMT

GET
H3 200 transparent.gif
secure.winred.com/cdn-cgi/images/trace/captcha/nojs/h/ 42 B
221 B 20ms
19ms Image
image/gif 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=68fe0da86a8921b1

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/republican-party-of-texas/hack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=68fe0da86a8921b1
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b; cf_chl_rc_i=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/republican-party-of-texas/hack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0da8daec21b1-DUS
vary: Accept-Encoding
content-length: 42
expires: Fri, 17 Sep 2021 02:00:16 GMT

GET
H3 200 browser-bar.png
secure.winred.com/cdn-cgi/images/ 715 B
897 B 20ms
18ms Image
image/png 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/browser-bar.png?1376755637

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/browser-bar.png?1376755637
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b; cf_chl_rc_i=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2cb"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0da8daed21b1-DUS
vary: Accept-Encoding
content-length: 715
expires: Fri, 17 Sep 2021 02:00:16 GMT

GET
H3 200 cf-no-screenshot-warn.png
secure.winred.com/cdn-cgi/images/ 3 KB
3 KB 20ms
19ms Image
image/png 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/cdn-cgi/images/cf-no-screenshot-warn.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/cf-no-screenshot-warn.png
pragma: no-cache
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_2=101afb97ae08f4d; cf_chl_prog=b; cf_chl_rc_i=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.winred.com
referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-a20"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68fe0da8daef21b1-DUS
vary: Accept-Encoding
content-length: 2592
expires: Fri, 17 Sep 2021 02:00:16 GMT

GET
H3

200

hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2ebd8c0/
Redirect Chain

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

84 KB
27 KB

22ms
22ms

Script
application/javascript

104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d85d63b65c54797ae0d01e6c4118cfc89bf38d03feae40eae319f8c6951d5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 107758
cf-polished: origSize=86505
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 18:03:43 GMT
server: cloudflare
etag: W/"0b1744fbfa0727636ebe11666fed1e39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: AMS1-C1
cf-ray: 68fe0da95ee1876a-DUS
x-amz-cf-id: asKp3fwJ4gZxLC2_OBtLRW651prRznTcIlurrGKo-iXZ6ug9pGk4rQ==
cf-bgj: minify

Redirect headers

date: Fri, 17 Sep 2021 00:00:16 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 68fe0da93ed1876a-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 a9045c9e74f1a16 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.23443261575607538:1631833927:0316837ec9b6b8a17578906ac0063e2bbc14eed901f098c7c1a7e3afe7dc944e/68fe0da86a8921b1/ 55 KB
31 KB 106ms
106ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.23443261575607538:1631833927:0316837ec9b6b8a17578906ac0063e2bbc14eed901f098c7c1a7e3afe7dc944e/68fe0da86a8921b1/a9045c9e74f1a16

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0da86a8921b1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a06703572bd5449902419984b13733a0079d5fcf793d56309290c164cf67bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_rc_i=1; cf_chl_2=a9045c9e74f1a16; cf_chl_prog=e
content-length: 1993
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.23443261575607538:1631833927:0316837ec9b6b8a17578906ac0063e2bbc14eed901f098c7c1a7e3afe7dc944e/68fe0da86a8921b1/a9045c9e74f1a16
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
cf-challenge: a9045c9e74f1a16
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: a9045c9e74f1a16
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
set-cookie: cf_chl_seq_a9045c9e74f1a16=0de206060233059;SameSite=Strict;Secure;HttpOnly
cf-ray: 68fe0da95b7621b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK d4187ed8-abbf-42de-9c58-688c09a6cee6
https://secure.winred.com/ 120 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.winred.com/d4187ed8-abbf-42de-9c58-688c09a6cee6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 120
Content-Type: application/javascript

POST
H3 200 a9045c9e74f1a16 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/beacon/ov1/0.23443261575607538:1631833927:0316837ec9b6b8a17578906ac0063e2bbc14eed901f098c7c1a7e3afe7dc944e/68fe0da86a8921b1/ 0
244 B 18ms
18ms XHR
text/plain 104.20.5.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/beacon/ov1/0.23443261575607538:1631833927:0316837ec9b6b8a17578906ac0063e2bbc14eed901f098c7c1a7e3afe7dc944e/68fe0da86a8921b1/a9045c9e74f1a16

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=68fe0da86a8921b1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.5.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://secure.winred.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cf_bm=PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF; cf_chl_rc_i=1; cf_chl_2=a9045c9e74f1a16; cf_chl_prog=b
content-length: 466
:path: /cdn-cgi/challenge-platform/h/b/beacon/ov1/0.23443261575607538:1631833927:0316837ec9b6b8a17578906ac0063e2bbc14eed901f098c7c1a7e3afe7dc944e/68fe0da86a8921b1/a9045c9e74f1a16
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: secure.winred.com
referer: https://secure.winred.com/republican-party-of-texas/hack
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://secure.winred.com/republican-party-of-texas/hack
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 00:00:17 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
cf-ray: 68fe0dafc99321b1-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151	1969-12-31 23:59:59	Name: cf_chl_seq_101afb97ae08f4d Value: 101c1ecd0bfb0fa
secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.23443261575607538:1631833927:0316837ec9b6b8a17578906ac0063e2bbc14eed901f098c7c1a7e3afe7dc944e/68fe0da86a8921b1	1969-12-31 23:59:59	Name: cf_chl_seq_a9045c9e74f1a16 Value: 0de206060233059
.secure.winred.com/	1970-01-19 21:17:18	Name: __cf_bm Value: PpHwSM3jcbST75RaCzhWCPwpzO5MY02okbJY_aZMT3U-1631836812-0-Abf70P85n2OQV7+T4ZEyR3qWelvP/aYYeGiEbzMtuFqrIJmynaBDlBDS9YKhlLbjSg90X2toslPI/hPokU0nTvbf9c7M2aDYWuNy/st8CILF
secure.winred.com/	1970-01-19 21:17:20	Name: cf_chl_rc_i Value: 1
secure.winred.com/	1970-01-19 21:17:20	Name: cf_chl_2 Value: a9045c9e74f1a16
secure.winred.com/	1970-01-19 21:17:20	Name: cf_chl_prog Value: a6

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://secure.winred.com/republican-party-of-texas/hack Message: Failed to load resource: the server responded with a status of 403 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network	error	URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.25819530444871863:1631833931:eba34ee739c9f60263cc2633623c7bd12478ff6085f97d60330bbea0ae52aa1e/68fe0d8b0dd82151/101afb97ae08f4d Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://secure.winred.com/republican-party-of-texas/hack Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hcaptcha.com
newassets.hcaptcha.com
secure.winred.com
www.texasgop.org
104.16.168.131
104.20.5.67
185.255.121.2
14a06703572bd5449902419984b13733a0079d5fcf793d56309290c164cf67bf
16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c
27ac1e179de2e2a1913e3718d654bdee3a8e3ce2693a42b51d23ea647ab8ffb4
2d85d63b65c54797ae0d01e6c4118cfc89bf38d03feae40eae319f8c6951d5a4
330509caa0f2887db626f7c8e31732090558da1931406299ed6632b20c8ab66b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
98a38ed9f177527cfc7f7c9eb9a66e3642d9b5d7f13dbdcba42afc743bb07a78
b21d72c2f30ff53cff960039bca75c5b014c174b984df383367e6a928137f18d
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
da50e82c468916ffd42939fd4b07e5cf0b6a0e41cc65f5669a7c0c1cb831c237
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea970c77156c36f8ea420143b65a59375098ca5900d7eb8b927423ed0ba13659
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

secure.winred.com Open in urlscan Pro 104.20.5.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

170 kBTransfer

423 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

secure.winred.com Open in urlscan Pro
104.20.5.67 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

170 kB
Transfer

423 kB
Size

6
Cookies

25 HTTP transactions
1 data transactions