urlscan.io logo urlscan.io
SecurityTrails logo

secure.winred.com Open in urlscan Pro
2606:4700:10::6814:443  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paracom.paramountcommunication.com/ct/54156212:sH_74KvNT:m:1:2199472947:5530AA4CB10D6344AE0AB36485A0C413:r
Effective URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Submission: On January 23 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 13 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6814:443, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 14th 2019. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.68.173.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-173-190.us-west-2.compute.amazonaws.com
paracom.paramountcommunication.com
7    2606:4700:10::6814:443 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.winred.com
4    52.222.158.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-127.fra53.r.cloudfront.net
js.stripe.com
6    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    52.222.158.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-80.fra53.r.cloudfront.net
d35ligi1n5bgzc.cloudfront.net
1    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700:10::6814:543 (United States)

ASN13335 (CLOUDFLARENET, US)
app.revv.co
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
Domain Requested by
7 secure.winred.com secure.winred.com
6 maps.googleapis.com secure.winred.com
maps.googleapis.com
4 js.stripe.com secure.winred.com
js.stripe.com
2 maps.gstatic.com secure.winred.com
2 www.youtube.com secure.winred.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 d35ligi1n5bgzc.cloudfront.net secure.winred.com
1 app.revv.co secure.winred.com
1 www.google.de secure.winred.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com secure.winred.com
1 paracom.paramountcommunication.com 1 redirects
27 13

This site contains links to these domains. Also see Links.

Domain
winred.com
Subject Issuer Validity Valid
www.winred.com
DigiCert SHA2 Extended Validation Server CA		 2019-08-14 -
2020-09-30		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2019-11-08 -
2020-03-03		 4 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.revv.co
COMODO RSA Domain Validation Secure Server CA		 2018-10-01 -
2020-10-28		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Frame ID: 0BA7071BC20B8D9E5AA7FFB6987B2B44
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qoD_YusklDM
Frame ID: A89104193D918072EB64C034C709714D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qoD_YusklDM
Frame ID: 4C005085E93612E958487A6347F157DA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: CCE5776D656C29B208BBBA08C79FC7C5
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-8b24f4a437a463c797b8077d1b71b450.html
Frame ID: 013770A283071242F62324E10D18AAF0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-65ebd5816d389d404b96413b2c7cb6a2.html
Frame ID: DFFF0A277BFD0844E46F5A06BF8E1D02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paracom.paramountcommunication.com/ct/54156212:sH_74KvNT:m:1:2199472947:5530AA4CB10D6344AE0AB36485A0C413:r HTTP 302
    https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&u... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/maps\.googleapis\.com\/maps\/api\/js/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i
Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

27
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

13
Subdomains

10
IPs

3
Countries

1199 kB
Transfer

2356 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paracom.paramountcommunication.com/ct/54156212:sH_74KvNT:m:1:2199472947:5530AA4CB10D6344AE0AB36485A0C413:r HTTP 302
    https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1220591847&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ffloydmclendon%2Fcd2b1acdcb214bcbrr%2F%3Futm_campaign%3D20200122_2%26utm_medium%3Demail%26utm_source%3Dci&ul=en-us&de=UTF-8&dt=Support%20Floyd%20McLendon%20for%20Congress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=66537337&gjid=320668336&cid=1079934163.1579788424&tid=UA-73658561-7&_gid=2066308455.1579788424&_r=1&gtm=2wg181NTQZ9N&z=624651205 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_gid=2066308455.1579788424&gjid=320668336&_v=j79&z=624651205 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_v=j79&z=624651205 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_v=j79&z=624651205&slf_rd=1&random=1162571313

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/
Redirect Chain
  • http://paracom.paramountcommunication.com/ct/54156212:sH_74KvNT:m:1:2199472947:5530AA4CB10D6344AE0AB36485A0C413:r
  • https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3896c0873ba0122ac476372008991b18c1fde7afaaddeebe4055a4c66ab87456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.winred.com
:scheme
https
:path
/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 23 Jan 2020 14:07:03 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db126e9cc33884088435eea52d5b6f96b1579788423; expires=Sat, 22-Feb-20 14:07:03 GMT; path=/; domain=.secure.winred.com; HttpOnly; SameSite=Lax _revv_v3_session=Z25FdE1Yb3h1RFRRdkhlSEMwczE3ZGkzMEVmT2tFQkhobTV6MmtUbVFHcXRuRGdCQmFqVFkva0EvY3ovbUp0OCtLR2RwK2JjdkZXN293UDBJeEYyOEpnOEN6L01ZQW9aSkR4aVVOSUpDNi9CRHNGd1BnTHRBM1BQRStzV0gvcGZCV2RJKzY2K2pTZDJQTGFDSWFncUg4UVRmQ3M4YTI0bGplak5yQVVnRXhEMVFvdWpOaGt0MmhGd2xqOXdydzU4ZVdPVlJWKys2bHdadnk2Z3ZmMENITThEZE5KcFFMMHdJRTdOZjRWbGgyQzl0b1BuaXNFTnJtaWkvYUlLd1dmaFpUSkpacW9uVXJMMUVUTEdXYmNFVmw4cWUrWnFjVkl4cTlVQ0N6N0tBbUZPZ2E2QXh6aG13Q2hNbXlyMzhLUGIxUXoyVE10dlRXbTVBN3pYcHRSUWlBPT0tLWNIV0FXWFJ4Z1dVdFNUeS80Q1FCc1E9PQ%3D%3D--679e3e61cc94be54d1c7c699702bb732ecbfc1e8; domain=.winred.com; path=/; HttpOnly; Secure
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
x-revv-cache
Hit from Revv
x-request-id
1dcc9c1b-e678-446e-a90c-94d306435d8d
x-runtime
0.016856
x-rack-cors
miss; no-origin
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
cf-ray
559a54f0da7c64e5-FRA
content-encoding
br

Redirect headers

Date
Thu, 23 Jan 2020 14:07:03 GMT
Content-Type
text/html; charset=utf-8
Content-Length
3448
Connection
keep-alive
Set-Cookie
AWSALB=pqton+AeHdGguNMO5hIOKxlTy2u32Px9Nd02wx8geaVmm7F/48ObXOBetIbmwrMM7Kdc4h8NEc6AWW4utO+PP0o+LFzKwkMSf/p9jzwX5GGGPO4y/RFJuTIVAdNE; Expires=Thu, 30 Jan 2020 14:07:03 GMT; Path=/
Server
Apache
Vary
X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver
1.4.0.0
Cache-Control
no-cache
Pragma
no-cache
Location
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Content-Encoding
gzip
/
js.stripe.com/v3/ 		155 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.158.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-127.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
054dbc9cae00d6a752e5633c067aec87f30b767b6af36fbcb289994d29078cdd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 13:59:38 GMT
content-encoding
gzip
age
147
x-cache
Hit from cloudfront
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Wed, 22 Jan 2020 20:49:53 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 ec27b2a550cb7db6ef54f74603010b29.cloudfront.net (CloudFront)
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA53
timing-allow-origin
*
x-amz-cf-id
pkVsspSVm5Cq7iw_0ayh4lEzQ6BezGQNjVmktMoo8ww5XBL6Ls2Gag==
landing_page-eb1daa1b07b83127479e6a3a13d37204ef3bc4508da3665833bc01cddd792646.css
secure.winred.com/assets/ 		196 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/landing_page-eb1daa1b07b83127479e6a3a13d37204ef3bc4508da3665833bc01cddd792646.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6307556b4f65e706cfbc6a6f052c6a9aadff5d98237c413ac1b7a219242f7e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
682645
cf-polished
origSize=203679
access-control-expose-headers
ETag
status
200
cf-bgj
minify
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 11 Dec 2019 00:33:47 GMT
server
cloudflare
etag
W/"5df0396b-7568"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
559a54f1db6264e5-FRA
expires
Sun, 20 Jan 2030 14:07:04 GMT
1579721320.css
secure.winred.com/stylesheets/rv_page_q2TjQPJR9xKazaqbSMHCxkqo/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/stylesheets/rv_page_q2TjQPJR9xKazaqbSMHCxkqo/1579721320.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb921df6eb9c1618bc430819b4fc9b7114990c10ed556acfac856b3ca6de7f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-rack-cors
miss; no-origin
date
Thu, 23 Jan 2020 14:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=31536000; includeSubdomains; preload
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c46310b6-ae91-4a42-ae2e-b91746ec5583
x-runtime
0.018473
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=31556952
cf-ray
559a54f1db6364e5-FRA
expires
Fri, 22 Jan 2021 19:56:16 GMT
js
maps.googleapis.com/maps/api/ 		120 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
8981d58bf7262fac87eaa9d5c88ed114244e9292274a4e639137844a58e8d2fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=33
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39566
x-xss-protection
0
expires
Thu, 23 Jan 2020 14:37:04 GMT
application-landing-page-caf0126799f3c4f119f588cbf9b36ed43bda7f544d350636f86de12ead2a56c7.js
secure.winred.com/assets/ 		499 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/application-landing-page-caf0126799f3c4f119f588cbf9b36ed43bda7f544d350636f86de12ead2a56c7.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892ba9466a2f8468275d580cd6fe263ddc9727333f44e0c9e25c4284a44818f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
682644
cf-polished
origSize=510947
access-control-expose-headers
ETag
status
200
cf-bgj
minify
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 15 Jan 2020 16:22:36 GMT
server
cloudflare
etag
W/"5e1f3c4c-2387f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
559a54f1eb6564e5-FRA
expires
Sun, 20 Jan 2030 14:07:03 GMT
floyd.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/018/000/square/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/018/000/square/floyd.jpg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.158.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-80.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e250e143863fad48e71344985beec0f382e89d665fc0562ff50e4d0fe09ed1c

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:05 GMT
via
1.1 ec27b2a550cb7db6ef54f74603010b29.cloudfront.net (CloudFront)
etag
"e1f9fde5033c227536eab7fdcc3eddc7"
last-modified
Wed, 21 Aug 2019 20:07:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-version-id
LRH5rx5Ru7UNCrHAOoXOjY.tya6gxkYB
status
200
accept-ranges
bytes
content-type
image/jpeg
content-length
12024
x-amz-cf-id
Lg53DpfwcvLXCfSX1_Pci4-oJbyznkSm32oSC_-5JHYuQH6swknPiA==
win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6a847acb3c048136186ffe81a0d68f43e7e26d90d8ea10dc93031d51449795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
682642
cf-polished
origFmt=png, origSize=11635
access-control-expose-headers
ETag
status
200
content-disposition
inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
cf-bgj
imgq:85
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
8566
last-modified
Wed, 20 Nov 2019 19:57:50 GMT
server
cloudflare
etag
"5dd59abe-2d73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
image/webp
vary
Accept
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
559a54f1eb6664e5-FRA
expires
Sun, 20 Jan 2030 14:07:04 GMT
win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 		19 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
682645
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Sun, 20 Jan 2030 14:07:04 GMT
last-modified
Fri, 22 Nov 2019 02:28:29 GMT
server
cloudflare
etag
W/"5dd747cd-1e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
559a54f20b9264e5-FRA
access-control-expose-headers
ETag
gtm.js
www.googletagmanager.com/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce9b7b98c55bcf6f24be1f290812b743895b78f761f55ca3d5d07c3f7a9c1d98
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
content-encoding
br
last-modified
Thu, 23 Jan 2020 12:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28971
x-xss-protection
0
expires
Thu, 23 Jan 2020 14:07:04 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5611
date
Thu, 23 Jan 2020 12:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 23 Jan 2020 14:33:33 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1220591847&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ffloydmclendon%2Fcd2b1acdcb214bcbrr%2F%3Futm_campaign%3D20200122_2%26utm_mediu...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_gid=2066308455.1579788424&gjid=320668336&_v=j79&z=624651205
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_v=j79&z=624651205
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_v=j79&z=624651205&slf_rd=1&random=1162571313
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_v=j79&z=624651205&slf_rd=1&random=1162571313
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jan 2020 14:07:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jan 2020 14:07:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=1079934163.1579788424&jid=66537337&_v=j79&z=624651205&slf_rd=1&random=1162571313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qoD_YusklDM
www.youtube.com/embed/ Frame A891 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/qoD_YusklDM
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/qoD_YusklDM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
date
Thu, 23 Jan 2020 14:07:04 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=iaI_D7RhLxs; path=/; domain=.youtube.com; secure; expires=Tue, 21-Jul-2020 14:07:04 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=iaI_D7RhLxs; path=/; domain=.youtube.com; secure; expires=Tue, 21-Jul-2020 14:07:04 GMT; httponly; samesite=None YSC=9oruluO1xUk; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 23-Jan-2020 14:37:04 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qoD_YusklDM
www.youtube.com/embed/ Frame 4C00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/qoD_YusklDM
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/qoD_YusklDM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci

Response headers

status
200
cache-control
no-cache
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
date
Thu, 23 Jan 2020 14:07:04 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=D87BDeKXC7o; path=/; domain=.youtube.com; secure; expires=Tue, 21-Jul-2020 14:07:04 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=D87BDeKXC7o; path=/; domain=.youtube.com; secure; expires=Tue, 21-Jul-2020 14:07:04 GMT; httponly; samesite=None YSC=6_OGfLRyP78; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 23-Jan-2020 14:37:04 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
outer.html
js.stripe.com/v2/m/ Frame CCE5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.158.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-127.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
718
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
date
Thu, 23 Jan 2020 14:03:45 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
x-cache
Hit from cloudfront
via
1.1 ec27b2a550cb7db6ef54f74603010b29.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53
x-amz-cf-id
BQvIU3ZN5hA0R9AF2bRfrNSawbM1I3G8catw28gDnDoYO2r8YGOYzQ==
age
202
Dallas-Skyline-for-web.jpg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/026/404/large/ 		713 KB
714 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/026/404/large/Dallas-Skyline-for-web.jpg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-caf0126799f3c4f119f588cbf9b36ed43bda7f544d350636f86de12ead2a56c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.158.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-80.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71ac80f3310c4f80fdc0080a28f6f836aad2cf4bd5a1dae213df28655e3eae76

Request headers

Referer
https://secure.winred.com/stylesheets/rv_page_q2TjQPJR9xKazaqbSMHCxkqo/1579721320.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:05 GMT
via
1.1 ec27b2a550cb7db6ef54f74603010b29.cloudfront.net (CloudFront)
etag
"3fe68ebc8e5999e601fd9270263319db"
last-modified
Tue, 17 Dec 2019 18:10:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-version-id
_IVHAcQ5r_K3j0uqbdJzUgXqc2fsKm9D
status
200
accept-ranges
bytes
content-type
image/jpeg
content-length
729612
x-amz-cf-id
IceqFsgOy2rn9_0QPVA7_mre_CaxDXV1g-FPNyxcFzGa10GE_UKK-Q==
icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/ 		290 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-caf0126799f3c4f119f588cbf9b36ed43bda7f544d350636f86de12ead2a56c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/assets/landing_page-eb1daa1b07b83127479e6a3a13d37204ef3bc4508da3665833bc01cddd792646.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
45171
cf-polished
origFmt=png, origSize=560
access-control-expose-headers
ETag
status
200
content-disposition
inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
cf-bgj
imgq:85
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
290
last-modified
Fri, 22 Nov 2019 02:29:01 GMT
server
cloudflare
etag
"5dd747ed-230"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
image/webp
vary
Accept
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
559a54f31c6764e5-FRA
expires
Sun, 20 Jan 2030 14:07:04 GMT
controller-8b24f4a437a463c797b8077d1b71b450.html
js.stripe.com/v3/ Frame 0137 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-8b24f4a437a463c797b8077d1b71b450.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.158.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-127.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-8b24f4a437a463c797b8077d1b71b450.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci

Response headers

status
200
content-type
text/html; charset=utf-8
last-modified
Wed, 22 Jan 2020 19:18:33 GMT
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Thu, 23 Jan 2020 14:07:04 GMT
cache-control
public, max-age=300
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ec27b2a550cb7db6ef54f74603010b29.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53
x-amz-cf-id
PODJHXRbPyclcEf8Zge4KyKaugFr87YulIBT2P7PLe-vet3ImS_ycA==
elements-inner-card-65ebd5816d389d404b96413b2c7cb6a2.html
js.stripe.com/v3/ Frame DFFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-65ebd5816d389d404b96413b2c7cb6a2.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.158.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-127.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/elements-inner-card-65ebd5816d389d404b96413b2c7cb6a2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci

Response headers

status
200
content-type
text/html; charset=utf-8
last-modified
Wed, 22 Jan 2020 19:18:33 GMT
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Thu, 23 Jan 2020 14:05:55 GMT
cache-control
public, max-age=300
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ec27b2a550cb7db6ef54f74603010b29.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53
x-amz-cf-id
mLpqSZpVGyM717G_pW13g3eS0rXwNplm2DpODr9W9R_OR4x2EM8gyA==
age
163
current_with_info
app.revv.co/api/v3/users/ 		162 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-caf0126799f3c4f119f588cbf9b36ed43bda7f544d350636f86de12ead2a56c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f9205746da59f0dc37dff2aaaed3fdcc26d36b1b559d0e4121e4c10ed811d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Origin
https://secure.winred.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin
https://secure.winred.com
date
Thu, 23 Jan 2020 14:07:04 GMT
x-rack-cors-original-access-control-max-age
0
x-rack-cors-original-access-control-allow-credentials
true
cf-cache-status
DYNAMIC
x-rack-cors-original-access-control-allow-methods
GET, POST, OPTIONS
status
200
access-control-max-age
0
x-rack-cors-original-access-control-expose-headers
content-encoding
br
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id
0a01b1be-9090-4b42-a635-b23a411532d6
x-runtime
0.006629
server
cloudflare
etag
W/"a2f9205746da59f0dc37dff2aaaed3fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.api+json
access-control-allow-origin
https://secure.winred.com
vary
Origin
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
559a54f3cabcd725-FRA
x-rack-cors
hit
x-content-type-options
nosniff
access-control-expose-headers
common.js
maps.googleapis.com/maps-api-v3/api/js/39/8/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/39/8/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79058ae2e319811d125916b1c3d79309c3bb5c53fc272ee7c0c4691296ca10d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 01:48:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 23:07:51 GMT
server
sffe
age
44335
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28837
x-xss-protection
0
expires
Fri, 22 Jan 2021 01:48:09 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/39/8/ 		142 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/39/8/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0d7bb5d10bcd52ba12828db0cb6de8551f1ca43e743090bc81f373ea60624e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 01:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 23:07:51 GMT
server
sffe
age
44326
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
53704
x-xss-protection
0
expires
Fri, 22 Jan 2021 01:48:18 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/39/8/ 		209 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/39/8/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be236ba85b5ec723c88c0040fd86a45521bc0c1e6b48cca5ffb45032eb19d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 01:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 23:07:51 GMT
server
sffe
age
44233
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57545
x-xss-protection
0
expires
Fri, 22 Jan 2021 01:49:51 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/39/8/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/39/8/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16cdd1dfbdc908b52038348331c79ca4350810ce244611d71d420593f12e54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 01:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 23:07:51 GMT
server
sffe
age
43806
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16127
x-xss-protection
0
expires
Fri, 22 Jan 2021 01:56:58 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
access-control-allow-origin
*
content-type
image/png
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1616
x-xss-protection
0
expires
Thu, 23 Jan 2020 14:07:04 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 14:07:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
access-control-allow-origin
*
content-type
image/png
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3351
x-xss-protection
0
expires
Thu, 23 Jan 2020 14:07:04 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fsecure.winred.com%2Ffloydmclendon%2Fcd2b1acdcb214bcbrr%2F%3Futm_campaign%3D20200122_2%26utm_medium%3Demail%26utm_source%3Dci&4sAIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&callback=_xdc_._mz72zb&key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&token=78534
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/39/8/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
5ca2308a0187df13d408de126a20f47714dff091518ea48316bc192ab280915d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jan 2020 14:07:09 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=37
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Stripe object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| BestInPlaceEditor function| $ function| jQuery object| jQuery112408087267605558042 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass function| Cookies object| App object| picturefillCFG function| picturefill function| gm_authFailure function| tmpl object| ActionCable object| antiClickjack object| __e3_ object| _xdc_

13 Cookies

Domain/Path Name / Value
secure.winred.com/ Name: sso_tries
Value: 1
secure.winred.com/ Name: rvid
Value: 0a60e193-4dc2-4b35-86fe-dfe603b4c635
.youtube.com/ Name: YSC
Value: 6_OGfLRyP78
.secure.winred.com/ Name: __stripe_sid
Value: 5cbb4c06-07f8-4c76-ba88-51aa8b46f971
.secure.winred.com/ Name: __stripe_mid
Value: 91be1433-e0a1-4cde-96d2-f1273c548078
.winred.com/ Name: _gat_UA-73658561-7
Value: 1
.youtube.com/ Name: GPS
Value: 1
.winred.com/ Name: _gid
Value: GA1.2.2066308455.1579788424
secure.winred.com/ Name: origin_url
Value: https://secure.winred.com/floydmclendon/cd2b1acdcb214bcbrr/?utm_campaign=20200122_2&utm_medium=email&utm_source=ci
.winred.com/ Name: _ga
Value: GA1.2.1079934163.1579788424
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: D87BDeKXC7o
.winred.com/ Name: _revv_v3_session
Value: Z25FdE1Yb3h1RFRRdkhlSEMwczE3ZGkzMEVmT2tFQkhobTV6MmtUbVFHcXRuRGdCQmFqVFkva0EvY3ovbUp0OCtLR2RwK2JjdkZXN293UDBJeEYyOEpnOEN6L01ZQW9aSkR4aVVOSUpDNi9CRHNGd1BnTHRBM1BQRStzV0gvcGZCV2RJKzY2K2pTZDJQTGFDSWFncUg4UVRmQ3M4YTI0bGplak5yQVVnRXhEMVFvdWpOaGt0MmhGd2xqOXdydzU4ZVdPVlJWKys2bHdadnk2Z3ZmMENITThEZE5KcFFMMHdJRTdOZjRWbGgyQzl0b1BuaXNFTnJtaWkvYUlLd1dmaFpUSkpacW9uVXJMMUVUTEdXYmNFVmw4cWUrWnFjVkl4cTlVQ0N6N0tBbUZPZ2E2QXh6aG13Q2hNbXlyMzhLUGIxUXoyVE10dlRXbTVBN3pYcHRSUWlBPT0tLWNIV0FXWFJ4Z1dVdFNUeS80Q1FCc1E9PQ%3D%3D--679e3e61cc94be54d1c7c699702bb732ecbfc1e8
.secure.winred.com/ Name: __cfduid
Value: db126e9cc33884088435eea52d5b6f96b1579788423

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.revv.co
d35ligi1n5bgzc.cloudfront.net
js.stripe.com
maps.googleapis.com
maps.gstatic.com
paracom.paramountcommunication.com
secure.winred.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
2606:4700:10::6814:443
2606:4700:10::6814:543
2a00:1450:4001:800::200e
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:814::2008
2a00:1450:4001:814::200e
2a00:1450:4001:820::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9c
52.222.158.127
52.222.158.80
54.68.173.190
054dbc9cae00d6a752e5633c067aec87f30b767b6af36fbcb289994d29078cdd
1e250e143863fad48e71344985beec0f382e89d665fc0562ff50e4d0fe09ed1c
3896c0873ba0122ac476372008991b18c1fde7afaaddeebe4055a4c66ab87456
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
5ca2308a0187df13d408de126a20f47714dff091518ea48316bc192ab280915d
71ac80f3310c4f80fdc0080a28f6f836aad2cf4bd5a1dae213df28655e3eae76
79058ae2e319811d125916b1c3d79309c3bb5c53fc272ee7c0c4691296ca10d2
7c6a847acb3c048136186ffe81a0d68f43e7e26d90d8ea10dc93031d51449795
892ba9466a2f8468275d580cd6fe263ddc9727333f44e0c9e25c4284a44818f1
8981d58bf7262fac87eaa9d5c88ed114244e9292274a4e639137844a58e8d2fe
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
a2f9205746da59f0dc37dff2aaaed3fdcc26d36b1b559d0e4121e4c10ed811d8
a6307556b4f65e706cfbc6a6f052c6a9aadff5d98237c413ac1b7a219242f7e6
cb921df6eb9c1618bc430819b4fc9b7114990c10ed556acfac856b3ca6de7f60
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce9b7b98c55bcf6f24be1f290812b743895b78f761f55ca3d5d07c3f7a9c1d98
d16cdd1dfbdc908b52038348331c79ca4350810ce244611d71d420593f12e54a
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7bb5d10bcd52ba12828db0cb6de8551f1ca43e743090bc81f373ea60624e6
f3be236ba85b5ec723c88c0040fd86a45521bc0c1e6b48cca5ffb45032eb19d7