secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.vervemail.com/ct/65346623:63U2GrvN9:m:1:3457155849:220DC9C4E7F2FA646CC5A070CB760B63:r
Effective URL:
https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=2024...
Submission: On November 15 via manual (November 15th 2024, 10:55:56 pm UTC) from US — Scanned from US

Summary HTTP 46 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 13 domains to perform 46 HTTP transactions. The main IP is 2606:4700::6813:d359, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 93759.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.216.201.179 34.216.201.179	16509 (AMAZON-02) (AMAZON-02)
1 12	2606:4700::68... 2606:4700::6813:d359	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.252.59 13.33.252.59	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c21::5f	15169 (GOOGLE) (GOOGLE)
5	2600:9000:20e... 2600:9000:20ed:8400:0:7d26:ee00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	13.33.252.77 13.33.252.77	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c17::93	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::64	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
46	13

1 34.216.201.179 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-201-179.us-west-2.compute.amazonaws.com

email.vervemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:d359 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.revv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.252.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-59.jfk50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c21::5f (Washington, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20ed:8400:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.33.252.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-77.jfk50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	winred.com 1 redirects secure.winred.com — Cisco Umbrella Rank: 93759 gtm.winred.com Failed	214 KB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	180 KB
5	cloudfront.net d35ligi1n5bgzc.cloudfront.net	3 MB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	423 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	315 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 466	234 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	647 B
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	revv.co app.revv.co — Cisco Umbrella Rank: 362909	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	vervemail.com 1 redirects email.vervemail.com — Cisco Umbrella Rank: 728773	1 KB
46	13

	Domain	Requested by
11	secure.winred.com	1 redirects secure.winred.com static.cloudflareinsights.com
8	js.stripe.com	secure.winred.com js.stripe.com
5	d35ligi1n5bgzc.cloudfront.net	secure.winred.com
4	www.facebook.com	secure.winred.com
4	www.googletagmanager.com	secure.winred.com www.googletagmanager.com
4	maps.googleapis.com	secure.winred.com maps.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.winred.com
2	connect.facebook.net	secure.winred.com connect.facebook.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.com	www.googletagmanager.com
1	app.revv.co	secure.winred.com
1	static.cloudflareinsights.com	secure.winred.com
1	email.vervemail.com	1 redirects
0	gtm.winred.com Failed	www.googletagmanager.com
46	14

This site contains links to these domains. Also see Links.

Domain
winred.com
www.defendingamericasfuture.com
www.katiebrittforsenate.com
www.donaldjtrump.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2024-01-22` - `2024-12-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-25` - `2024-11-23`	3 months	crt.sh
revv.co WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
Frame ID: 83AE70E53ECFFB980401A940CD0C189F
Requests: 36 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html
Frame ID: EDEA70D2CD88A58DAF3FDA615B44EAA2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-129a0c93b4ba5b64c665ed717ea8e362.html
Frame ID: A97B40250815426FDE845E700BD6EB64
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html
Frame ID: E6915CC3F605B550656AB60990ED10D3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-cb3625ec3c764df0ae0318fc47affec8.html
Frame ID: 5B7345CECCE39C6131BB064A301FA48B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-db8f0f62c0034a8cffef1e86a5039fdf.html
Frame ID: 52008285ABFBA310B12932ABF306D03D
Requests: 1 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 65FB54D696B4DEFACBF953E4F45D5B7D
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsecure.winred.com
Frame ID: EBF491769377216D7FF09FC0DC1A4D73
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-0358d7472d571ac1edab7488a5284b41.html
Frame ID: 670FD89E126D84BBB0D09BB00601825A
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 9A17CA5440C3E9A27EB755E5B2947668
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Defending America's Future

Page URL History Show full URLs

https://email.vervemail.com/ct/65346623:63U2GrvN9:m:1:3457155849:220DC9C4E7F2FA646CC5A070CB760B63:r HTTP 302
https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-ema... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

46
Requests

93 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

13
IPs

1
Countries

3806 kB
Transfer

6592 kB
Size

19
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://winred.com/terms/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://winred.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.defendingamericasfuture.com/privacy-policy
Title: here

Search URL Search Domain Scan URL

URL: https://www.defendingamericasfuture.com/notice-of-collection-of-personal-information
Title: NOTICE AT COLLECTION OF PERSONAL INFORMATION

Search URL Search Domain Scan URL

URL: https://www.defendingamericasfuture.com/do-not-sell-my-personal-information
Title: DO NOT SELL MY PERSONAL INFORMATION

Search URL Search Domain Scan URL

URL: https://www.katiebrittforsenate.com/privacy-policy
Title: Privacy Policy and Mobile Terms of Service here

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/tnc-contributor-form
Title: Want to donate by mail? Click here to print out a donation form that you can send to our address.

Search URL Search Domain Scan URL

URL: https://winred.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://winred.com/about-our-ads/
Title: About Our Ads

Search URL Search Domain Scan URL

URL: https://winred.com/support/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.vervemail.com/ct/65346623:63U2GrvN9:m:1:3457155849:220DC9C4E7F2FA646CC5A070CB760B63:r HTTP 302
https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
secure.winred.com/daf/magapriorities-promisingera-fs/
Redirect Chain

https://email.vervemail.com/ct/65346623:63U2GrvN9:m:1:3457155849:220DC9C4E7F2FA646CC5A070CB760B63:r
https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge...

79 KB
16 KB

393ms
142ms

Document
text/html

2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4127a75a4fe04d7c1d711fc7b062eb63a8329d7e797eb4133fbf9c2610d75b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e32d4c4785e17f9-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:55:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-rack-cors: miss; no-origin
x-request-id: b96d9175-5d09-4d24-bc28-7af8bb7c9309
x-revv-cache: Hit from Revv
x-revv-landing-page: 1
x-runtime: 0.038781
x-xss-protection: 1; mode=block

Redirect headers

amfplus-ver: 1.4.0.0
cache-control: no-cache
content-encoding: gzip
content-length: 322
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:55:50 GMT
location: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 / Show response
js.stripe.com/v3/ 689 KB
180 KB 170ms
13ms Script
text/javascript 13.33.252.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-59.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1a46b36ec6301f7bda40b07d288c844903e321bf24a9805145e8f0495d3a3f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
etag: W/"0402471902b989a3d0ea87b6a6ed787f"
age: 57
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bcT4Zr5Ag4CVW1yQwBoD5T9TI_KzkbQVTQ-BC1QHvhkpQfekkWKEhQ==
date: Fri, 15 Nov 2024 22:55:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 15 Nov 2024 21:52:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 7d77965d78b3f4565239009cf6e62356.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P10
server: Cloudfront

GET
H3 200 landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
secure.winred.com/assets/ 223 KB
34 KB 68ms
66ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"0d589e3ee739618497567fffac3f6955"
age: 785
x-amz-version-id: D2DwqyBLy6zvaIoaXr4.652u.C9cECqD
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:55:50 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:50 GMT
content-type: text/css
last-modified: Sat, 02 Nov 2024 01:19:12 GMT
vary: Accept-Encoding
x-amz-id-2: C5mMUm9BpIp790XVavYwUSwhI4tw+cHdBh9R+VtaLznTo8s2b4PXVm7YB8UPRDPmhdHUhen9qI0=
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
cf-ray: 8e32d4c66a5a17f9-EWR
x-amz-request-id: DW6XBV74QV0V94AJ
server: cloudflare

GET
H3 200 1731435046.css
secure.winred.com/stylesheets/rv_page_01jcgs2qdatnr1hkabngk84yst/ 9 KB
3 KB 78ms
76ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/stylesheets/rv_page_01jcgs2qdatnr1hkabngk84yst/1731435046.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2385766dbb389d5fb1e9f628a316878a6f2876c2afc3b0105dfdafe6d527a680

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Response headers

x-request-id: 9266a16f-f2c4-40eb-b08a-d1a5ade378d3
content-encoding: gzip
cf-cache-status: HIT
age: 256105
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 04:45:02 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:50 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 12 Nov 2024 18:57:20 GMT
vary: Accept-Encoding
x-runtime: 0.066394
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31556952
x-rack-cors: miss; no-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8e32d4c67a6017f9-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 384 KB
120 KB 126ms
67ms Script
text/javascript 2607:f8b0:4004:c21::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

2f9035e56bff7d7a0abc67a374da5941ad70d5cdbf9f737bc6d3efc302625180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 895eb45f
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122976
date: Fri, 15 Nov 2024 22:55:51 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js Show response
secure.winred.com/assets/ 492 KB
139 KB 57ms
54ms Script
application/javascript 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"e75fd1678f79abd85c65c4549db07868"
age: 2380
x-amz-version-id: AKYKbeAXl92hpo15FpubXj3OCfb.qIfh
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:55:50 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:50 GMT
content-type: application/javascript
last-modified: Sat, 02 Nov 2024 01:19:07 GMT
vary: Accept-Encoding
x-amz-id-2: mZWRzkLk+A5Ih6VRcLEX2SfoifutjTPkSZs7bg8PaV1ASbBzWQKAwW6nZyhN7x7JTx8Lw66MJ7o=
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
cf-ray: 8e32d4c67a6417f9-EWR
x-amz-request-id: CA6GPE9ZDYP6TDTA
server: cloudflare

GET
H2 200 unnamed.gif
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/182/177/large/ 3 MB
3 MB 139ms
13ms Image
image/gif 2600:9000:20ed:8400:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/182/177/large/unnamed.gif
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:8400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71900da6364994b1b49a88fff946f4086cdecf81e053cde54f5e1cc498ac0163

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: ECVxFezEDxdzqwxuWmi4UG4Xy8mM35zA
etag: "7e30b71644a4ae07eae16348079d0682"
age: 17704
via: 1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 2793456
x-amz-cf-id: 22LmRvcvJ-HG3-lHWcjKbkvb-EXIH1emVoZqwJyztxiHoCli4QLy7Q==
date: Fri, 15 Nov 2024 18:00:46 GMT
content-type: image/gif
last-modified: Tue, 12 Nov 2024 17:52:02 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256

GET
H2 200 KB_pond-DSC_7385_copy.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/100/962/square/ 8 KB
9 KB 139ms
14ms Image
binary/octet-stream 2600:9000:20ed:8400:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/100/962/square/KB_pond-DSC_7385_copy.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:8400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d26f703b71cf352eb1752ed851613e62cb0f0eb4a62c5cad9d75fe8ed4d1a88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: 52m2H4g7P3826tciYtg_yhfuiCeuYEj_
etag: "8ed9baab7bb999661b7ad847e05ff0dc"
age: 78655
via: 1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 8587
x-amz-cf-id: F8OJwdKylxun1Ddq8GBFEHM86ViFeKZqFBBb6duu40Oa3sPy3am9Yw==
date: Fri, 15 Nov 2024 01:04:55 GMT
content-type: binary/octet-stream
last-modified: Sat, 17 Jul 2021 21:47:59 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256

GET
H2 200 kUuht00m_400x400.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/ 9 KB
9 KB 54ms
50ms Image
image/jpeg 2600:9000:20ed:8400:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/kUuht00m_400x400.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:8400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: e6vRznToLKSFlkxhhZl3uvfZed2SXwEW
etag: "86e9d3432d2077771820250698fbb99b"
age: 83475
via: 1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 8995
x-amz-cf-id: EPEVPJPJSgtMe8FdGtvL5Wf4MKffnvPjiL333HB3eWqIdacik2PyNg==
date: Thu, 14 Nov 2024 23:44:36 GMT
content-type: image/jpeg
last-modified: Wed, 20 Mar 2024 15:42:11 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256

GET
H3 200 color_with_star.png
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/800/612/square/ 6 KB
6 KB 30ms
29ms Image
image/png 2600:9000:20ed:8400:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/800/612/square/color_with_star.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ed:8400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce829ba25bad492b899e5e7a741cfdae6fd9f687b5217f985ed4f3d475e03c77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: u8FMMxQIzMM1TrUFonLVuY8OxFbsoSYU
age: 78656
etag: "ebe2138a0bc025c36282c7c4943485f0"
via: 1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 5913
x-amz-cf-id: R9nfTRrQh6QJhM59lJZZ_vEHSaInzKyOcYaL6oU1FUCtNRc_mM9Ntw==
date: Fri, 15 Nov 2024 01:04:55 GMT
content-type: image/png
last-modified: Fri, 08 Dec 2023 19:56:23 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256

GET
H3 200 win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 9 KB
9 KB 47ms
46ms Image
image/webp 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Response headers

cf-cache-status: HIT
etag: "972c0cca8d1e490484e89513f902e847"
age: 224
cf-bgj: imgq:85,h2pri
x-amz-version-id: dXIH3dEWJ3Rui7mgD_aBNL2LpLuJ4a.5
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:55:51 GMT
cf-polished: origFmt=png, origSize=11635
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: image/webp
content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
vary: Accept, Accept-Encoding
last-modified: Sat, 02 Nov 2024 01:19:14 GMT
x-amz-id-2: z0VeIfeKAJiUzsOJjpuqVFpg2JsjfxLwVc/QE9/yaumq3dVcW9d4zdAPshbL98v0IQqZaUmeI+g=
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
cf-ray: 8e32d4c80bff17f9-EWR
x-amz-request-id: MQ4JX4794TV23EAP
accept-ranges: bytes
content-length: 8708
server: cloudflare

GET
H3 200 win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 19 KB
7 KB 58ms
53ms Image
image/svg+xml 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"d31530d4186af669daf4f47099614593"
age: 629
x-amz-version-id: f4pEcXiD8ytcKkhv6Jg8V_T5YyE04Z7F
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:55:51 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Nov 2024 01:19:14 GMT
vary: Accept-Encoding
x-amz-id-2: j+n8sc6yBOSbNY1WWoK8we0pA58Rd9/RTFgIGcd60x7hS35bSjVtABVnjxqkDraSdqxM7v7dzu4=
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
cf-ray: 8e32d4c88caf17f9-EWR
x-amz-request-id: 0R58VQ1AKC7E5YBS
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 113ms
28ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.winred.com
Referer: https://secure.winred.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e32d4c8f8e74308-EWR
access-control-allow-origin: *
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 508 KB
117 KB 115ms
58ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12df00f5267c754902e17148abce598ed0975b09d4923405f65dfe3711fa7afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 15 Nov 2024 22:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 120146
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 52ms
25ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-8qqWv4XF' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-8qqWv4XF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4450, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Q9QqWIdHFkgpPCq8D03wB3In4vhtcNxSbmXRj3TF39nIG+u533iWaUR7TFD3R2jjzMHl8swPhoxVZ678bR/Ajw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
70 KB 94ms
38ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-525B6S76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25da503c5fb14300cd0b0a6fc2316a0a2fe5c006ef7a430b6b5c60289d719001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 15 Nov 2024 22:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 70701
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/ 290 B
834 B 51ms
48ms Image
image/webp 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Response headers

cf-cache-status: HIT
etag: "571ee659b7ee9af9291e7dd8176721d5"
age: 5809
cf-bgj: imgq:85,h2pri
x-amz-version-id: SeGtL31.4Z5Qx1ZWraBfxpsE4qrh8aPV
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 02:55:51 GMT
cf-polished: origFmt=png, origSize=560
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: image/webp
content-disposition: inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
vary: Accept, Accept-Encoding
last-modified: Sat, 02 Nov 2024 01:19:11 GMT
x-amz-id-2: UYvY0aPvBlIUt5VoNHLstSAjt9E4+KgRq6U5eVdghpHi8pw2D1UqCYDsWBJKnPhs3MO0Z5UUA2U=
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
cf-ray: 8e32d4c8ace117f9-EWR
x-amz-request-id: BAV61BCKB0827XQS
accept-ranges: bytes
content-length: 290
server: cloudflare

GET
H2 200 controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html
js.stripe.com/v3/ Frame EDEA 0
0 42ms
11ms Document
text/html 13.33.252.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-77.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:55:45 GMT
etag: "b277c2478f2234c23c8ffbbfddc2447e"
last-modified: Fri, 15 Nov 2024 21:14:10 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7d77965d78b3f4565239009cf6e62356.cloudfront.net (CloudFront)
x-amz-cf-id: Qsg5Arq3agdPiAK4h8x817WZBAbfyakZJpKhsNPbUI_wVRIVle7RYQ==
x-amz-cf-pop: JFK50-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-129a0c93b4ba5b64c665ed717ea8e362.html
js.stripe.com/v3/ Frame A97B 0
0 25ms
12ms Document
text/html 13.33.252.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-129a0c93b4ba5b64c665ed717ea8e362.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-77.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 2231
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:18:55 GMT
etag: W/"129a0c93b4ba5b64c665ed717ea8e362"
last-modified: Fri, 15 Nov 2024 21:14:10 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7d77965d78b3f4565239009cf6e62356.cloudfront.net (CloudFront)
x-amz-cf-id: ZARBai4kQdK2_yYg82WSjdEqW3hGrEeC967b24qyI_01qsO951CZiA==
x-amz-cf-pop: JFK50-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 current_with_info Show response
app.revv.co/api/v3/users/ 162 B
1 KB 973ms
74ms XHR
application/vnd.api+json 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/daf/magapriorities-promisingera-fs?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340c43db400b9021d017d05a8762c48a04a328c38c7e300948dd92a7e807d892

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/

Response headers

access-control-max-age: 0
x-request-id: 412b36fa-0214-4cd4-be9f-18e375fd5071
access-control-expose-headers
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"340c43db400b9021d017d05a8762c48a"
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
x-rack-cors-original-access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:52 GMT
content-type: application/vnd.api+json
vary: Origin, Accept-Encoding
x-runtime: 0.010982
x-rack-cors-original-access-control-allow-origin: https://secure.winred.com
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
access-control-allow-credentials: true
x-rack-cors-original-access-control-expose-headers
cf-ray: 8e32d4cf9e1c41fe-EWR
x-rack-cors-original-access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://secure.winred.com
x-rack-cors-original-access-control-allow-credentials: true
server: cloudflare

GET
H2 200 controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html
js.stripe.com/v3/ Frame E691 0
0 2ms
2ms Document
text/html 13.33.252.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-77.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:55:45 GMT
etag: "b277c2478f2234c23c8ffbbfddc2447e"
last-modified: Fri, 15 Nov 2024 21:14:10 GMT
origin-agent-cluster: ?1
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7d77965d78b3f4565239009cf6e62356.cloudfront.net (CloudFront)
x-amz-cf-id: Qsg5Arq3agdPiAK4h8x817WZBAbfyakZJpKhsNPbUI_wVRIVle7RYQ==
x-amz-cf-pop: JFK50-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-cb3625ec3c764df0ae0318fc47affec8.html
js.stripe.com/v3/ Frame 5B73 0
0 72ms
69ms Document
text/html 13.33.252.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-cb3625ec3c764df0ae0318fc47affec8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-77.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1607
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:29:15 GMT
etag: "cb3625ec3c764df0ae0318fc47affec8"
last-modified: Fri, 15 Nov 2024 21:14:25 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7d77965d78b3f4565239009cf6e62356.cloudfront.net (CloudFront)
x-amz-cf-id: F792Qv4nmLW0Qxy2o9ytqEhtwPk1CRQHJ9bnylRmwShf7wA9kDZd2Q==
x-amz-cf-pop: JFK50-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-db8f0f62c0034a8cffef1e86a5039fdf.html
js.stripe.com/v3/ Frame 5200 0
0 72ms
69ms Document
text/html 13.33.252.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-db8f0f62c0034a8cffef1e86a5039fdf.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-77.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 57
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:55:11 GMT
etag: "db8f0f62c0034a8cffef1e86a5039fdf"
last-modified: Fri, 15 Nov 2024 21:14:25 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7d77965d78b3f4565239009cf6e62356.cloudfront.net (CloudFront)
x-amz-cf-id: l4-EfyNgDPPBE3rZZYLkPHFTh6593rou7L9bJy3mmO6Jqsan45VSyg==
x-amz-cf-pop: JFK50-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3

200

main.js Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 65FB
Redirect Chain

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

20ms
18ms

Script
application/javascript

2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Protocol

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d49b7861309773775f3dfbf98e73033d12bb5fa7005f291e17f797fd56ac03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8e32d4cb0f3d17f9-EWR
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
x-content-type-options: nosniff
cf-ray: 8e32d4ca4e8f17f9-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 15 Nov 2024 22:55:51 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 238257795953978 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 94ms
81ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238257795953978?v=2.9.177&r=stable&domain=secure.winred.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcfef59ca5208729f3b4d54c6e7b979437dcf3e9ff0b61b02d9419e895eb4d35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-9wg9xYCM' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-9wg9xYCM' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=77, mss=1232, tbw=70974, tp=68, tpl=0, uplat=65, ullat=1
pragma: public
x-fb-debug: MGRBDoTcWrNARQHN69xHPpdQ/FD+aK9D/KGDIiE2vMbKUcGPofiFkYg6l/T+xD8pXTJ8G6ttM8e48Rgkyp4EYA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 62ms
27ms XHR
application/json 2607:f8b0:4004:c21::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://secure.winred.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Fri, 15 Nov 2024 22:55:51 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 390 KB
128 KB 27ms
26ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c&gtm=45He4bc0v72410129za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6179a97385edd1da3ad09a748ae0a6c7cbec0d770fa3006d1a031bb84cb4fd22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 15 Nov 2024 22:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:55:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130413
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 775ms
37ms Ping
text/plain 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1654891627.1731711352&auid=372736063.1731711352&npa=0&gtm=45He4bc0v72410129za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&tft=1731711351564&tfd=1741&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 746ms
16ms Script
text/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: gzip
age: 802
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 00:42:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:42:30 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame EBF4 0
0 61ms
14ms Document
text/html 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsecure.winred.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 96718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 20:03:54 GMT
expires: Fri, 14 Nov 2025 20:03:54 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 8e32d4c4785e17f9 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 65FB 0
704 B 29ms
23ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e32d4c4785e17f9

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-ray: 8e32d4d06d7c17f9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 15 Nov 2024 22:55:52 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 38ms
16ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238257795953978&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&rl=&if=false&ts=1731711352442&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731711352440.263488733151245017&ler=empty&cdl=API_unavailable&it=1731711351437&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4914, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 15 Nov 2024 22:55:52 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 139ms
117ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=238257795953978&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&rl=&if=false&ts=1731711352442&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731711352440.263488733151245017&ler=empty&cdl=API_unavailable&it=1731711351437&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437643623219729146"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:52 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: jK8fe7KS/sdJURJfUXfyQSmt0tJE+AfA1LEBMX9iId6vGaRiBfhFPwsK4sk2GhZIUlWU6V3+Dg5uZttMbS1tOw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437643623219729146", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=26, mss=1232, tbw=8338, tp=20, tpl=0, uplat=101, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' 'report-sample' 'nonce-KEG2EhhR' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 37ms
16ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238257795953978&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&rl=&if=false&ts=1731711352445&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731711352440.263488733151245017&ler=empty&cdl=API_unavailable&it=1731711351437&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4594, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 15 Nov 2024 22:55:52 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 122ms
101ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=238257795953978&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&rl=&if=false&ts=1731711352445&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731711352440.263488733151245017&ler=empty&cdl=API_unavailable&it=1731711351437&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437643624858006812"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 22:55:52 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: LW59M58/nUpkmHHeTISBC64/hxZvKU6gu7IwdYK889IL7PGsIOHZHTo76mvkZL60eiBa4IjKjRAtPZleMoMXFg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437643624858006812", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=24, mss=1232, tbw=5154, tp=17, tpl=0, uplat=81, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET collect
gtm.winred.com/g/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
360 B 26ms
24ms XHR
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=430515752&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&ul=en-us&de=UTF-8&dt=Defending%20America%27s%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=1587551009&gjid=1728575346&cid=678929747.1731711352&tid=UA-73658561-7&_gid=2041506049.1731711353&_slc=1&gtm=45He4bc0n71NTQZ9Nv72410129za200&cd61=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&z=1004726739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://secure.winred.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:55:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://secure.winred.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
647 B 72ms
23ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=678929747.1731711352&jid=1587551009&gjid=1728575346&_gid=2041506049.1731711353&_u=YCDAiEABBAAAAGAEK~&z=874267675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://secure.winred.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:55:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://secure.winred.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 19ms
18ms Image
image/gif 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=430515752&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&ul=en-us&de=UTF-8&dt=Defending%20America%27s%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YCDAiEABBAAAAGAEK~&jid=&gjid=&cid=678929747.1731711352&tid=UA-73658561-7&_gid=2041506049.1731711353&gtm=45He4bc0n71NTQZ9Nv72410129za200&cd41=anonymous&cd58=t&cd61=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&z=1545861936

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

age: 19589
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 17:29:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 hcaptcha-invisible-0358d7472d571ac1edab7488a5284b41.html
js.stripe.com/v3/ Frame 670F 0
0 15ms
14ms Document
text/html 13.33.252.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-0358d7472d571ac1edab7488a5284b41.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.252.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-77.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-sjGyVDEuWHCV7psNpZSr0LBrg3WbdNtgKBCbJuxx/N0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 2449
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-sjGyVDEuWHCV7psNpZSr0LBrg3WbdNtgKBCbJuxx/N0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:15:05 GMT
etag: W/"aad7252d5817b43ff75a60f91f13cbec"
last-modified: Fri, 15 Nov 2024 21:14:24 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8a7d8c5d00025d5082538e58b376bbb2.cloudfront.net (CloudFront)
x-amz-cf-id: UWgybnMn5uMjYor8xl4HuVS8tdM95x7WetjnkFr5ax7583KAIxUGoA==
x-amz-cf-pop: JFK50-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET collect
gtm.winred.com/g/ 0
0

POST
H3 204 rum Show response
secure.winred.com/cdn-cgi/ 0
142 B 27ms
26ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e32d4d5eb1c17f9-EWR
access-control-allow-origin: https://secure.winred.com
date: Fri, 15 Nov 2024 22:55:53 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/ 1 KB
2 KB 20ms
19ms Other
image/png 2600:9000:20ed:8400:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ed:8400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

x-amz-version-id: FN8PLjpE4LnyaM50_d0emgSd0vAz496F
age: 69522
etag: "7b9c8b7070c8f9c81fc9a133d26daf4e"
via: 1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 1512
x-amz-cf-id: dQ3YAQ0qTRriJhHKBGUmoqmy7cUMsAzcEduSsUAurkjEYnO4E1fsMA==
date: Fri, 15 Nov 2024 03:37:12 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2019 18:21:57 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 9A17 0
0 13ms
13ms Document
text/html 13.33.252.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.252.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-77.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 963
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 22:39:53 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Wed, 13 Nov 2024 22:04:02 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8a7d8c5d00025d5082538e58b376bbb2.cloudfront.net (CloudFront)
x-amz-cf-id: fgQ8XJ1z6plWus0jJZsAS-Bgnlv3nZ0VGoDh4vepnt8s0ZDymZ3yjg==
x-amz-cf-pop: JFK50-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 267 KB
56 KB 21ms
19ms Script
text/javascript 2607:f8b0:4004:c21::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
age: 125
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 22:53:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:53:51 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56823
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 191 KB
58 KB 23ms
23ms Script
text/javascript 2607:f8b0:4004:c21::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.winred.com/

Response headers

content-encoding: br
age: 84
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 22:54:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:54:32 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 59447
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gtm.winred.com
URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4be0h2v867905447z872410129za200zb72410129&_p=1731711350887&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=678929747.1731711352&ecid=1883561604&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1731711350887&sst.ude=0&_s=1&sid=1731711352&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&dt=Defending%20America%27s%20Future&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fdaf%2Fmagapriorities-promisingera-fs%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs&epn.load_time_sec=-1731711349.8&epn.event_fire_time=1731711351535&ep.event_uuid=89f419bc-72a3-4413-bc09-d6a3d726067d&ep.isVideoPage=f&ep.referrer=&tfd=2676&richsstsse

Domain: gtm.winred.com
URL: https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4be0h2v867905447z872410129za200zb72410129&_p=1731711350887&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=678929747.1731711352&ecid=1883561604&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.tft=1731711350887&sst.ude=0&_s=2&sid=1731711352&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs%2F%3Futm_source%3Dprospecting%26utm_medium%3Dha-email%26utm_campaign%3D20241112_e000438-daf_magapriorities-promisingera_fs%26utm_content%3Dfs%26money_pledge%3Dtrue%26amtposition%3D%26xuno%3D434d31303034%26utm_term%3Dionian%26xunv%3Dionian%26xutm%3D010124012%26amount%3D&dt=Defending%20America%27s%20Future&en=user%20session%20start&ep.pagepath=%2Fdaf%2Fmagapriorities-promisingera-fs%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fdaf%2Fmagapriorities-promisingera-fs&epn.load_time_sec=-1731711349.8&epn.event_fire_time=1731711351588&ep.event_uuid=417507b4-74f8-49e1-86b2-29376f023fb4&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=t&ep.usercategory=anonymous&_et=5&tfd=3184&richsstsse

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.revv.co/api/v3/users	1970-01-21 10:37:51	Name: rvid Value: f9e6de24-2c0d-46ef-9ddd-6f860af589bc
email.vervemail.com/	1970-01-21 01:11:56	Name: AWSALB Value: YYurK1fnjsYleFihTTra6hxniOaeWxwP/FgOTRgYYpU7VQkWyBgZwzrWsGNseslST78GZrdoBlLNWxTTJa56gJSxEmGnGHNhscfWlgUQrXgjzfna0kyuE9NI5TCN
email.vervemail.com/	1970-01-21 01:11:56	Name: AWSALBCORS Value: YYurK1fnjsYleFihTTra6hxniOaeWxwP/FgOTRgYYpU7VQkWyBgZwzrWsGNseslST78GZrdoBlLNWxTTJa56gJSxEmGnGHNhscfWlgUQrXgjzfna0kyuE9NI5TCN
secure.winred.com/	1969-12-31 23:59:59	Name: __production_revv_csrftoken Value: 1731711350%7CIWIV05ymd2mvTSjq%2BLnJ8dcLmv00yWqy3Jp7NWqVWhM%3D%7CrGs5tKdoM8XFHUBZR41XZvWOWPsuMFsf35h1yhNu1xY%3D
.winred.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: YXAwVVRrK3grRmYza1cvTTJRRXhqUDFDNDB0R3VERzNvNjFjM2NFUnduL3gyTXN1UW1Da2txNnlLSURUVmNnSXhXaXdBVmRuLzFQR2VUVVI4NWVOa24rV1p2dGR0V0xMRDlRQzAxdFByeEJiaW4yL1VqeEFYNllqQjJzTHJqdjI5VXVVcFJ0KzZybG9tanVEdzVBYWZQdkdQZ2JqamNpYTkrdmVZVHZTQjFDWWlNUVU0YndPUVYxOFVOTDVRK2t2U2Rub21xNUVFRDNWYkk2UlV4c3Q2VU9kbFIvYTJ0WFBWSGthOEFIa1NnelNSeUhyZjhCeG9ZWEoxS2tpa29mcFNGUXlWbUpRZm1CemsvaFczNFppWGlLMVBjOU5BL3IwSnpFK2F6UmV5UXc9LS03YlArQWx6RUhVbUNmNENRemZYdDdRPT0%3D--d63bc3bd91d3157ef404f177a9851deec9a503bc
.secure.winred.com/	1970-01-21 01:01:53	Name: __cf_bm Value: X_5I7R0lb3n4Wq5lnnlXJL721RvFOqWvXLSZ.JoDMIU-1731711350-1.0.1.1-vKtUS37sv5v8FF0SHQqta.DhIzjN6qxx7X8j4kqyyKke1HmTIGX1Ko49CCWgFPDE6BO_cPdw0mOnJ2P.b6wdww
secure.winred.com/	1969-12-31 23:59:59	Name: origin_url Value: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount=
.winred.com/	1970-01-21 03:11:27	Name: _gcl_au Value: 1.1.372736063.1731711352
.revv.co/	1969-12-31 23:59:59	Name: _revv_v3_session Value: b2M3blNiK3UrQTZLazFXTmpwSnVWajJzbkY1YkpqRnFjT0RTb0NveXJaa2lGMGZsK0l3aUlWT0JJZDVpdEJsRE5Vb21BeUZVWVIyemhhZWdkMitZdFE9PS0tR0k5aksvOUkxN0tpU3U2MEwxendkdz09--d8c39d712a855dd519041c288a50bacdcee8343d
.revv.co/	1970-01-21 01:01:53	Name: __cf_bm Value: 75UJa5JH8OnRY7o1D9JaHh43g2xXlz1bfGbDSoQRqYs-1731711352-1.0.1.1-6g6FRXb8YcxcBt6fGdgFSgid84.A54FzWPdkZe68_Ym19DbK1RcIAaVhRiQp9xoEPp1m7L852JfmAWsz8pVMOw
.secure.winred.com/	1970-01-21 09:47:27	Name: cf_clearance Value: Gx2Eeylzdz7yCN_RjBMsts1XtJpv1b_cq47F_G1klso-1731711352-1.2.1.1-ceIjEn244RqnswLMirS.8VCUIBQRX_b.y9.YtnzTMg8GU3REH26vkSq_64Q_1eHuSrE8djL8XlqLtDBm9ftH7ccVC9lHZrjReTpzl679t7e5Acr96MnZzPf3yl3wInPpCNqPk1HxPf3UmZGk8KbUUuAY.l0sDiX7I_QjWzrSWX1XB7eW5NUDK8qugXXDNMFHhLz5SbZDwG_BzGgPyCn_k3kIecl8V7pqXHgmUUK25UZ3Cq2wgyRGP0Qms0EwqbW3EZxDRNyxa1_fm49HeWRv91dB8SrT49y7RYv3YQYNT1cLjwnpePwv69v0iQQk3eLwpDwy.UH1dXZfAbXoLUDGPOYKUrlz3YHKmTloah6ZqHfocJwh5GbKaLWKT6nt5nHR
secure.winred.com/	1969-12-31 23:59:59	Name: sso_tries Value: 1
secure.winred.com/	1970-01-21 10:37:51	Name: rvid Value: f9e6de24-2c0d-46ef-9ddd-6f860af589bc
.winred.com/	1970-01-21 03:11:27	Name: _fbp Value: fb.1.1731711352440.263488733151245017
.winred.com/	1970-01-21 10:37:51	Name: _ga Value: GA1.2.678929747.1731711352
.winred.com/	1970-01-21 01:03:17	Name: _gid Value: GA1.2.2041506049.1731711353
.winred.com/	1970-01-21 01:01:51	Name: _dc_gtm_UA-73658561-7 Value: 1
.winred.com/	1970-01-21 10:37:51	Name: _ga_X6H0114PDF Value: GS1.1.1731711352.1.0.1731711353.0.0.1883561604
api2.hcaptcha.com/	1970-01-21 01:01:53	Name: __cflb Value: 0H28vk2VKwPbLoawFincekpozDKK5F2cXZcEKCPCW9s

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: [DOM] Found 2 elements with non-unique id #conduit_employer_name: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: [DOM] Found 2 elements with non-unique id #conduit_mobile_number: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: [DOM] Found 2 elements with non-unique id #conduit_not_employed: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: [DOM] Found 2 elements with non-unique id #conduit_occupation: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/daf/magapriorities-promisingera-fs/?utm_source=prospecting&utm_medium=ha-email&utm_campaign=20241112_e000438-daf_magapriorities-promisingera_fs&utm_content=fs&money_pledge=true&amtposition=&xuno=434d31303034&utm_term=ionian&xunv=ionian&xutm=010124012&amount= Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.revv.co
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
email.vervemail.com
gtm.winred.com
js.stripe.com
maps.googleapis.com
secure.winred.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
gtm.winred.com
13.33.252.59
13.33.252.77
2600:9000:20ed:8400:0:7d26:ee00:93a1
2606:4700::6810:4f49
2606:4700::6813:d359
2607:f8b0:4004:c17::64
2607:f8b0:4004:c17::93
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c21::5f
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
34.216.201.179
12df00f5267c754902e17148abce598ed0975b09d4923405f65dfe3711fa7afe
1a46b36ec6301f7bda40b07d288c844903e321bf24a9805145e8f0495d3a3f69
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9
2385766dbb389d5fb1e9f628a316878a6f2876c2afc3b0105dfdafe6d527a680
25da503c5fb14300cd0b0a6fc2316a0a2fe5c006ef7a430b6b5c60289d719001
2f9035e56bff7d7a0abc67a374da5941ad70d5cdbf9f737bc6d3efc302625180
340c43db400b9021d017d05a8762c48a04a328c38c7e300948dd92a7e807d892
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
3d26f703b71cf352eb1752ed851613e62cb0f0eb4a62c5cad9d75fe8ed4d1a88
4127a75a4fe04d7c1d711fc7b062eb63a8329d7e797eb4133fbf9c2610d75b5e
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b
6179a97385edd1da3ad09a748ae0a6c7cbec0d770fa3006d1a031bb84cb4fd22
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d49b7861309773775f3dfbf98e73033d12bb5fa7005f291e17f797fd56ac03d
71900da6364994b1b49a88fff946f4086cdecf81e053cde54f5e1cc498ac0163
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce829ba25bad492b899e5e7a741cfdae6fd9f687b5217f985ed4f3d475e03c77
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902
fcfef59ca5208729f3b4d54c6e7b979437dcf3e9ff0b61b02d9419e895eb4d35

secure.winred.com Open in urlscan Pro 2606:4700::6813:d359 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

93 %HTTPS

77 %IPv6

13 Domains

14 Subdomains

13 IPs

1 Countries

3806 kBTransfer

6592 kBSize

19 Cookies

10 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

93 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

13
IPs

1
Countries

3806 kB
Transfer

6592 kB
Size

19
Cookies

46 HTTP transactions
0 data transactions