Submitted URL: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4g...
Effective URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAd...
Submission: On October 16 via api from IE

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 36 HTTP transactions. The main IP is 2606:4700::6811:87b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is info.tradewindsnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.
This is the only time info.tradewindsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f11... 32934 (FACEBOOK)
36 16
Domain Requested by
12 info.tradewindsnews.com www.nhstglobal.com
info.tradewindsnews.com
3 track.hubspot.com
3 www.google-analytics.com info.tradewindsnews.com
www.google-analytics.com
2 www.facebook.com
2 connect.facebook.net js.hsadspixel.net
connect.facebook.net
2 cdn2.hubspot.net info.tradewindsnews.com
2 www.nhstglobal.com 1 redirects
1 forms.hsforms.com
1 api.hubapi.com js.hsadspixel.net
1 forms.hubspot.com js.hscollectedforms.net
1 js.hs-analytics.net info.tradewindsnews.com
1 js.hsadspixel.net info.tradewindsnews.com
1 js.hscollectedforms.net info.tradewindsnews.com
1 js.hs-banner.com info.tradewindsnews.com
1 www.google.de info.tradewindsnews.com
1 www.google.com info.tradewindsnews.com
1 stats.g.doubleclick.net www.google-analytics.com
1 app.hubspot.com info.tradewindsnews.com
36 18

This site contains links to these domains. Also see Links.

Domain
www.tradewindsnews.com
www.linkedin.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
www.nhstglobal.com
Cloudflare Inc ECC CA-3
2020-07-21 -
2021-07-21
a year crt.sh
info.tradewindsnews.com
Cloudflare Inc ECC CA-3
2020-07-21 -
2021-07-21
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3
2020-07-03 -
2021-07-03
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2020-07-27 -
2021-07-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
www.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
www.google.de
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-03 -
2021-08-03
a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3
2020-07-03 -
2021-07-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-09-11 -
2020-12-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Frame ID: 6BF240085F0F13E11098D9F7CB75FEEB
Requests: 36 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4... Page URL
  2. https://www.nhstglobal.com/events/public/v1/track/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV... HTTP 307
    https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBt... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

36
Requests

100 %
HTTPS

100 %
IPv6

16
Domains

18
Subdomains

16
IPs

4
Countries

408 kB
Transfer

1295 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR3tTKSJW3qbYjB1z6b8GW5MBWYM2Rg-9bW8lv5Q88-NJvyW88c7Zw5YW3mGW2NdDfs50LzwgW3p-Grn7L0jwGW8j8SPF1Gb4JnW2DVyS83k8qpKVDnyJw243qNxW6s6pGX2h1rgSV_D4y74fgPN138hk1 Page URL
  2. https://www.nhstglobal.com/events/public/v1/track/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR3tTKSJW3qbYjB1z6b8GW5MBWYM2Rg-9bW8lv5Q88-NJvyW88c7Zw5YW3mGW2NdDfs50LzwgW3p-Grn7L0jwGW8j8SPF1Gb4JnW2DVyS83k8qpKVDnyJw243qNxW6s6pGX2h1rgSV_D4y74fgPN138hk1?_ud=b1ec043f-e277-45a9-9881-df8fc4a4720f&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR...
www.nhstglobal.com/e2t/tc/
8 KB
2 KB
Document
General
Full URL
https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR3tTKSJW3qbYjB1z6b8GW5MBWYM2Rg-9bW8lv5Q88-NJvyW88c7Zw5YW3mGW2NdDfs50LzwgW3p-Grn7L0jwGW8j8SPF1Gb4JnW2DVyS83k8qpKVDnyJw243qNxW6s6pGX2h1rgSV_D4y74fgPN138hk1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca79795a766e55f6d315b68d03dad35fad5c0d91268d91bbfb6a72649848ee51

Request headers

:method
GET
:authority
www.nhstglobal.com
:scheme
https
:path
/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR3tTKSJW3qbYjB1z6b8GW5MBWYM2Rg-9bW8lv5Q88-NJvyW88c7Zw5YW3mGW2NdDfs50LzwgW3p-Grn7L0jwGW8j8SPF1Gb4JnW2DVyS83k8qpKVDnyJw243qNxW6s6pGX2h1rgSV_D4y74fgPN138hk1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 16 Oct 2020 18:51:17 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d296cb08a1c80fcf470760395d1b32e741602874277; expires=Sun, 15-Nov-20 18:51:17 GMT; path=/; domain=.www.nhstglobal.com; HttpOnly; SameSite=Lax __cfruid=ec908f21bf8716cb8e613e23b90cd62e61aa6451-1602874277; path=/; domain=.www.nhstglobal.com; HttpOnly; Secure; SameSite=None
cf-ray
5e33f868dfdd639b-FRA
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
05d45995890000639bd11d9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
server
cloudflare
content-encoding
br
Primary Request confirm-your-email
info.tradewindsnews.com/
Redirect Chain
  • https://www.nhstglobal.com/events/public/v1/track/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-q...
  • https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_co...
18 KB
5 KB
Document
General
Full URL
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Requested by
Host: www.nhstglobal.com
URL: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR3tTKSJW3qbYjB1z6b8GW5MBWYM2Rg-9bW8lv5Q88-NJvyW88c7Zw5YW3mGW2NdDfs50LzwgW3p-Grn7L0jwGW8j8SPF1Gb4JnW2DVyS83k8qpKVDnyJw243qNxW6s6pGX2h1rgSV_D4y74fgPN138hk1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
6d9264ffe2e36530ca7588c72d576a87b56410e7d7e55004e72e237ad38a8385
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
info.tradewindsnews.com
:scheme
https
:path
/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR3tTKSJW3qbYjB1z6b8GW5MBWYM2Rg-9bW8lv5Q88-NJvyW88c7Zw5YW3mGW2NdDfs50LzwgW3p-Grn7L0jwGW8j8SPF1Gb4JnW2DVyS83k8qpKVDnyJw243qNxW6s6pGX2h1rgSV_D4y74fgPN138hk1

Response headers

status
200
date
Fri, 16 Oct 2020 18:51:18 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=dba1d52067acde6b226b5a75bd97f13e31602874277; expires=Sun, 15-Nov-20 18:51:17 GMT; path=/; domain=.info.tradewindsnews.com; HttpOnly; SameSite=Lax __cfruid=60b6bcfb7c1fbfee9d004f319ea6727f322da7b5-1602874278; path=/; domain=.info.tradewindsnews.com; HttpOnly; Secure; SameSite=None
cf-ray
5e33f86a9a266455-FRA
cache-control
s-maxage=7200,max-age=5
link
</hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/combined-css-976cbfd2551039f94d5867c4131c78bb.css>; rel=preload; as=style, </_hcms/forms/v2.js>; rel=preload; as=script, </hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>; rel=preload; as=script
strict-transport-security
max-age=0
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
05d45996a5000064551919c000000001
content-security-policy
upgrade-insecure-requests
edge-cache-tag
CT-5767056861,P-1545457,L-5762403800,E-3251312396,E-5756965896,PGS-ALL,SW-0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hs-cache-config
BrowserCache-5s-EdgeCache-7200s
x-hs-content-campaign-id
55486002-c88e-49ec-a8ed-1be1e3828349
x-hs-content-id
5767056861
x-hs-hub-id
1545457
x-powered-by
HubSpot
x-trace
2B442DA47C13675B28FBEEDE83D29C32FB4976EA1B000000000000000000
server
cloudflare
content-encoding
br
cf-h2-pushed
</hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/combined-css-976cbfd2551039f94d5867c4131c78bb.css>,</_hcms/forms/v2.js>,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>

Redirect headers

status
307
date
Fri, 16 Oct 2020 18:51:17 GMT
location
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
cf-ray
5e33f869380e639b-FRA
link
<https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
05d45995c20000639bd61ee000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
server
cloudflare
combined-css-976cbfd2551039f94d5867c4131c78bb.css
info.tradewindsnews.com/hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/
39 KB
6 KB
Stylesheet
General
Full URL
https://info.tradewindsnews.com/hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/combined-css-976cbfd2551039f94d5867c4131c78bb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7957a64e6da96171854370ac4448930e11caffd8460e8a37cd3e205c7d90699

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
status
200
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
2680DF5B9BE8007C
x-amz-id-2
UC1LRK+h8swYrlXhGUZjD5z7KbyTV8NmuwTciNt027Tcq94sEhWnYWFZi52DCkJlcrngGpKUy+g=
last-modified
Tue, 16 Jun 2020 00:54:31 GMT
server
cloudflare
etag
W/"976cbfd2551039f94d5867c4131c78bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
S_qNVD.4LlIwOVB1wXnJkTdnAyEfXwtp
cf-request-id
05d4599c1f000064554683d000000001
cf-ray
5e33f8735d516455-FRA
x-amz-cf-id
optGo_5TyQ86J4eE1xrc_iEMY81iGCKaSLxOfy7sHbyD72Ec7l6LKQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
v2.js
info.tradewindsnews.com/_hcms/forms/
472 KB
117 KB
Script
General
Full URL
https://info.tradewindsnews.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a10c1f5d82f21d724f45b8fe8d90be175ca8b321efa5ee71888cbe540060ca

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 2af881fc3dba7aadc69b3ca00dd6e9e6.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
IAD66-C2
x-amz-server-side-encryption
AES256
cf-ray
5e33f8735d526455-FRA
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
05d4599c22000064554683e000000001
last-modified
Thu, 15 Oct 2020 02:32:44 UTC
server
cloudflare
etag
W/"a442134e9b64c42c15f1ed8e6a94aefd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
yjyeVe_DCYhRLr8umQt3KURdr9unA.5k
cache-control
s-maxage=600, max-age=0
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
x-amz-cf-id
uNPA6eepaN812cP5diBlbiOpOw1hv1JooR1cJkc103yICY3TzwVO5Q==
index.js
info.tradewindsnews.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/
10 KB
4 KB
Script
General
Full URL
https://info.tradewindsnews.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:18 GMT
via
1.1 316ff1e97338bc9bbb335af58b00d0ab.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
27660
x-amz-server-side-encryption
AES256
cf-ray
5e33f8735d536455-FRA
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
05d4599c1f00006455191d8000000001
last-modified
Mon, 14 Sep 2020 20:19:23 GMT
server
cloudflare
etag
W/"e669ca94e2fffafc96a88184dda30834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
RcBG9DPSu_6ZVzKnktPJ4cTzKi_y_4VM
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
hRIF20EsQwRS8lO-4hzgR4w7T1L0yAd9nE9bsqg1ALrj_VKXjh5K8w==
jquery-1.11.2.js
info.tradewindsnews.com/hs/hsstatic/jquery-libs/static-1.4/jquery/
94 KB
32 KB
Script
General
Full URL
https://info.tradewindsnews.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 6558ca49ea7de7f93b4e2fdd32251fcf.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
27659
cf-ray
5e33f8738d636455-FRA
x-cache
Hit from cloudfront
status
200
content-encoding
br
cf-request-id
05d4599c3f000064551f38f000000001
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
server
cloudflare
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
jNw2QBEyN8lk8nnSrrs6KHHG-R4OrkSY6teSbODB_d_D7NFfsrfznw==
tradewinds-logo.svg
info.tradewindsnews.com/hubfs/TradeWinds/Logos/
4 KB
2 KB
Image
General
Full URL
https://info.tradewindsnews.com/hubfs/TradeWinds/Logos/tradewinds-logo.svg
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18030a729f2aa5467d65b9668378358416ab21098db1573da48b93cd29fb04bb

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-3984220565,P-1545457,FLS-ALL
age
15839
edge-cache-tag
F-3984220565,P-1545457,FLS-ALL
status
200
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
0498E6BA848EB1CE
cf-request-id
05d4599ce10000645538966000000001
x-amz-id-2
Q2MWs8UOH8kjS+hLlBLjUiWC1MIxrzd2nrP5rayUQth6S2eYuk+YNao0wpVLQ3BYVAW88lsNOf8=
last-modified
Wed, 20 Mar 2019 09:28:52 GMT
server
cloudflare
etag
W/"52ad16768831c3513b9b4f7c10c685ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
syIX1s.1Gg1wNYHXjuArJVcAMo1eD3mV
x-amz-cf-pop
DUS51-C1
cf-ray
5e33f8749db96455-FRA
x-amz-cf-id
dQx3B2Q7FK_1rPrCdWnedF_aZaiOEVcSv8mKiEYwk4wPG6vZLu_6Ng==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
linkedin2018_25px.png
info.tradewindsnews.com/hs-fs/hubfs/TradeWinds/SoMe%202018/
268 B
698 B
Image
General
Full URL
https://info.tradewindsnews.com/hs-fs/hubfs/TradeWinds/SoMe%202018/linkedin2018_25px.png?width=27&name=linkedin2018_25px.png
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595a818dee6276e188af63c36a468ff9e80f87d932ca9181247abd2604a0907b

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 9b097dfab92228268a37145aac5629c1.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
15840
cf-polished
origFmt=png, origSize=373
edge-cache-tag
F-5592504548,FD-5592133532,P6U2j,FLS
status
200
content-disposition
inline; filename="linkedin2018_25px.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-length
268
cf-request-id
05d4599d0b00006455411e6000000001
x-cache
RefreshHit from cloudfront
last-modified
Wed, 20 Mar 2019 09:30:17 GMT
server
cloudflare
etag
"86701884f0e9f017a4860d079bf26ac8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
cf-ray
5e33f874ddca6455-FRA
x-amz-cf-id
NX8sL4KRJ_8sx0b7kOKjf9qGysCF1Mjpcnn6NGMrz6c4W5dUvxyMMg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
facebook2018_25px.png
info.tradewindsnews.com/hs-fs/hubfs/TradeWinds/SoMe%202018/
208 B
649 B
Image
General
Full URL
https://info.tradewindsnews.com/hs-fs/hubfs/TradeWinds/SoMe%202018/facebook2018_25px.png?width=25&name=facebook2018_25px.png
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6211f10b2004b54263db0bbab0bab6507c36f652993f61369e107e0c9ccb6280

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
15840
cf-polished
origFmt=png, origSize=302
edge-cache-tag
F-5592133970,FD-5592133532,P6U2j,FLS
status
200
content-disposition
inline; filename="facebook2018_25px.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-length
208
cf-request-id
05d4599d36000064551f396000000001
x-cache
RefreshHit from cloudfront
last-modified
Wed, 20 Mar 2019 09:30:09 GMT
server
cloudflare
etag
"bbb3106d47d6c69670f0eb3cc741bec8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
cf-ray
5e33f8752dda6455-FRA
x-amz-cf-id
Ox0QlaYKy1-VHk3f2AlxvxN7F0N6wiC0ndJZYKqspBP_Ggp0sPdA0w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
twitter2018_25px.png
info.tradewindsnews.com/hs-fs/hubfs/TradeWinds/SoMe%202018/
316 B
762 B
Image
General
Full URL
https://info.tradewindsnews.com/hs-fs/hubfs/TradeWinds/SoMe%202018/twitter2018_25px.png?width=30&name=twitter2018_25px.png
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7204a0030be3eded90bf21ad1e4e8e35dbe658a84b252607a9b25387e385f2e

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 b4346add631a498bf6cdbf88cbc5ff13.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
16314
cf-polished
origFmt=png, origSize=485
edge-cache-tag
F-5592133980,FD-5592133532,P6U2j,FLS
status
200
content-disposition
inline; filename="twitter2018_25px.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-length
316
cf-request-id
05d4599d3600006455411e7000000001
x-cache
RefreshHit from cloudfront
last-modified
Wed, 20 Mar 2019 09:30:19 GMT
server
cloudflare
etag
"565e106ec4b9b6f19903850d1e92c08b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
cf-ray
5e33f8752ddc6455-FRA
x-amz-cf-id
aQ7LyHtUzjXwY634RONKhHbCOiXvx6B2nVvLEnFrzdNzx7GzKb0-WQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
1545457.js
info.tradewindsnews.com/hs/scriptloader/
2 KB
675 B
Script
General
Full URL
https://info.tradewindsnews.com/hs/scriptloader/1545457.js
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01239f794960895685fc4a12609549baba5d1ac2d845570816a3207d1b7959e

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2BA9D10D242A46ED66BCDEE5B57DE2EE30B18F2DFF000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=60
access-control-allow-credentials
false
cf-ray
5e33f8753de26455-FRA
cf-request-id
05d4599d430000645518937000000001
expires
Fri, 16 Oct 2020 18:52:19 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3714
date
Fri, 16 Oct 2020 17:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 16 Oct 2020 19:49:25 GMT
flamabold-webfont.woff
cdn2.hubspot.net/hubfs/1545457/Fonts/
29 KB
30 KB
Font
General
Full URL
https://cdn2.hubspot.net/hubfs/1545457/Fonts/flamabold-webfont.woff
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/combined-css-976cbfd2551039f94d5867c4131c78bb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdecc35eebbb50f533848f419ba3a315047ea518c9ffe01af79a5fac49598bde

Request headers

Origin
https://info.tradewindsnews.com
Referer
https://info.tradewindsnews.com/hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/combined-css-976cbfd2551039f94d5867c4131c78bb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 a57d5819527c444e16b1875e3bd28970.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-3782529444,P-1545457,FLS-ALL
age
27657
edge-cache-tag
F-3782529444,P-1545457,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
4059812D520F7A67
cf-request-id
05d4599d560000073ea3a04000000001
x-amz-id-2
RGPzmqtMcZ1BoembgSHyB3p6tZvGUANclzxK0rdDt6A7ln7KXtOCSWJzs/V/c6lpHs+CpZ3aGDM=
last-modified
Wed, 20 Mar 2019 09:27:44 GMT
server
cloudflare
etag
W/"c3f3d67878f8ca4fcfeb92360dd1b9c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
2YwVm_1XYrgoIqgiOUeg1QGsGyIDyv1h
x-amz-cf-pop
TXL52-C1
cf-ray
5e33f8755e63073e-FRA
x-amz-cf-id
xKUWX4G06kt3Kw8AzHkTijCECllPm8vJPZaPgjUGx7259aTiniWDDw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
flamabook-webfont.woff
cdn2.hubspot.net/hubfs/1545457/Fonts/
29 KB
29 KB
Font
General
Full URL
https://cdn2.hubspot.net/hubfs/1545457/Fonts/flamabook-webfont.woff
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/combined-css-976cbfd2551039f94d5867c4131c78bb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544aef7c0644c283625df38d6bfed2bbed4bfb2ee5b3ddf5c287070688590f83

Request headers

Origin
https://info.tradewindsnews.com
Referer
https://info.tradewindsnews.com/hs-fs/hub/1545457/hub_generated/template_assets/1592268870411/combined-css-976cbfd2551039f94d5867c4131c78bb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 81db6db0bc548ca5046f3395364a3667.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-3984593555,P-1545457,FLS-ALL
age
27657
edge-cache-tag
F-3984593555,P-1545457,FLS-ALL
status
200
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
653DECA2F9BEDD91
cf-request-id
05d4599d560000073e0e100000000001
x-amz-id-2
JUa9xKkQFjPkrNHUPikeBzomvNDUn3yjh+YH6DKmOGKrKakuCQEuMRANy1eQAj8AnXOPqZq6t0E=
last-modified
Wed, 20 Mar 2019 09:27:47 GMT
server
cloudflare
etag
W/"efe7a1e4aa394428d249b37bea45a9a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
5ptZ.Jw64M0ibJkugorliX7XDHOsWTxm
x-amz-cf-pop
TXL52-C1
cf-ray
5e33f8755e68073e-FRA
x-amz-cf-id
IaUvN-5UchslmxRShqB1XAWunGzH4vnCDhtUgQSwwMH_Miv1CWatRA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
d205798f-6fdb-450e-bf6d-f37bb74993fc
info.tradewindsnews.com/_hcms/forms/embed/v3/form/1545457/
18 KB
4 KB
Script
General
Full URL
https://info.tradewindsnews.com/_hcms/forms/embed/v3/form/1545457/d205798f-6fdb-450e-bf6d-f37bb74993fc?callback=hs_reqwest_0&hutk=
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a859832bdea03899b05434d7f85d3f65147d42a07cea07ca9207420d5c3a06b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
x-trace
2B79002D80F7D3E7BD2DB5D4758E36A7247A3E72C2000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
content-disposition
attachment; filename=no-rfd.txt
cf-ray
5e33f8758df96455-FRA
cf-request-id
05d4599d730000645536247000000001
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
425 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=1545457&callback=jsonpHandler
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B807E70A221973B768DD5D81B8CAC1A50FA2871D8000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
status
204
cache-control
max-age=0
access-control-allow-credentials
false
cf-ray
5e33f875aca005c8-FRA
cf-request-id
05d4599d88000005c8553de000000001
collect
www.google-analytics.com/j/
4 B
73 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1532484344&t=pageview&_s=1&dl=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%3Futm_medium%3Demail%26_hsmi%3D97570799%26_hsenc%3Dp2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg%26utm_content%3D97570799%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=TradeWinds%20-%20Confirm%20your%20email&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=619684526&gjid=1255806058&cid=32437803.1602874279&tid=UA-89176255-1&_gid=651383571.1602874279&_r=1&_slc=1&z=2041992670
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 18:51:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://info.tradewindsnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
95 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-89176255-1&cid=32437803.1602874279&jid=619684526&gjid=1255806058&_gid=651383571.1602874279&_u=IEBAAEAAAAAAAC~&z=568395935
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Oct 2020 18:51:19 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://info.tradewindsnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
513 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-89176255-1&cid=32437803.1602874279&jid=619684526&_u=IEBAAEAAAAAAAC~&z=530590441
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 18:51:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
513 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-89176255-1&cid=32437803.1602874279&jid=619684526&_u=IEBAAEAAAAAAAC~&z=530590441
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 18:51:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1545457.js
js.hs-banner.com/
47 KB
12 KB
Script
General
Full URL
https://js.hs-banner.com/1545457.js
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/hs/scriptloader/1545457.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cea950f22cad0fc77a30f75239091479c4b09149c191dd2267dc8a4855de8ac

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=WM+Jhg==, md5=gkMg30B1cQt85uc5ZwXCzA==
date
Fri, 16 Oct 2020 18:51:19 GMT
content-encoding
br
cf-cache-status
HIT
age
71
x-guploader-uploadid
ABg5-Uws5e0jER-pVR0MBQjmUCrGipqBocwNnLore7hh9qmAFkpGl6rop92mWjcmzQS6uX7YFcXm9BPt1ftc_hMgss4
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript; charset=UTF-8
cf-request-id
05d4599e090000d6c1c208f000000001
timing-allow-origin
*
last-modified
Thu, 01 Oct 2020 13:36:59 GMT
server
cloudflare
etag
W/"824320df4075710b7ce6e7396705c2cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1601559419797312
access-control-allow-origin
https://www.upstreamonline.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
47790
cf-ray
5e33f8767d04d6c1-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 16 Oct 2020 18:55:08 GMT
collectedforms.js
js.hscollectedforms.net/
90 KB
26 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/hs/scriptloader/1545457.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c277da20a770eea8a7b34967e336fbbec3c0060f7acac2d65e427bfd5d9874f

Request headers

Origin
https://info.tradewindsnews.com
Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 b3c28b0190a7a4fb6afeefe61f7957b0.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
27658
x-amz-server-side-encryption
AES256
cf-ray
5e33f8767dcee007-FRA
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
05d4599e0c0000e0077d350000000001
last-modified
Thu, 20 Aug 2020 10:23:03 UTC
server
cloudflare
etag
W/"421b26f95ea43197174fcb344facb242"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
IDP52L7B1Fr.Tl8ZOvcH4PutJxHgMsyE
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
w_p4jbXBX86L1fm_6KerWZxEItAbEkg7a96J_H7l7w8tbJ0bFnM0hg==
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/hs/scriptloader/1545457.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce7867d0f284d41fce8aaab6a144e978a80e701fe2f6bcfa5e130402762a453

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
via
1.1 2f58b5586b40002efa57d2542863b53f.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
157
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
05d4599e0a00000610a5288000000001
last-modified
Mon, 28 Sep 2020 01:44:31 UTC
server
cloudflare
etag
W/"68a7bbdbdcc76df0e2371cb7302cebcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
cUR.NpDPOzEU9aoaLuWpNZUGFhhYGCmg
cache-control
max-age=600
x-amz-cf-pop
IAD66-C2
cf-ray
5e33f87679f30610-FRA
x-amz-cf-id
4aTsqgiMEV6RAdpYcfFIel00cMf3hEN3cgd-bryoGzpwzH0m1NwnNw==
1545457.js
js.hs-analytics.net/analytics/1602874200000/
61 KB
19 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1602874200000/1545457.js
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/hs/scriptloader/1545457.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
376c1a11507fa41ff9dcef48396087f622d36312476bddf4a62570ea293d94bb

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
content-encoding
br
cf-cache-status
HIT
age
149
x-guploader-uploadid
ABg5-UwNssQt0bkWD0xkkoAiuhwqvmHQlF81PXPJWerf-4QIk50ii965KsX_8Cu70kx-9CqfikwHcTwmvsi9Hwvj7Om8PbiDNQ
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
05d4599e0900001f55a3a7f000000001
last-modified
Fri, 28 Aug 2020 17:25:19 GMT
server
cloudflare
etag
W/"c26e5bd77c74cc898790cc7e54570d64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=rhQLfw==, md5=wm5b13x0zImHkMx+VFcNZA==
x-goog-generation
1598635519906627
cache-control
max-age=300, public
access-control-allow-credentials
false
x-goog-stored-content-length
62309
cf-ray
5e33f8767e2b1f55-FRA
expires
Fri, 16 Oct 2020 18:53:50 GMT
json
forms.hubspot.com/collected-forms/v1/config/
115 B
654 B
XHR
General
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=1545457&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df75389c177cfd2638d509f560e9756601041dce099242297c3d4ca108172331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
05d4599e570000dfe7f4b80000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://info.tradewindsnews.com
access-control-allow-credentials
false
cf-ray
5e33f876ec25dfe7-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/
45 B
223 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1545457&pi=5767056861&ct=landing-page&ccu=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email&cpi=5767056861&lpi=5767056861&lvi=5767056861&pu=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%3Futm_medium%3Demail%26_hsmi%3D97570799%26_hsenc%3Dp2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg%26utm_content%3D97570799%26utm_source%3Dhs_email&t=TradeWinds+-+Confirm+your+email&cts=1602874279497&vi=57a579f0c668550d83dde1c808407437&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5e33f876e8dd05c8-FRA
date
Fri, 16 Oct 2020 18:51:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
05d4599e53000005c885179000000001
x-robots-tag
none
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/
74 B
680 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=1545457
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4904a65ff3e8244b4820792af7fcf7bea6abd383b7cbab05acea70d9bd5a7450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
05d4599e69000096e60b3b3000000001
server
cloudflare
x-trace
2B1BB19BAA432BEC0B7DF8D20C7CC454052A46C161000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://info.tradewindsnews.com
access-control-allow-credentials
false
cf-ray
5e33f877083c96e6-FRA
access-control-allow-headers
*
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1532484344&t=pageview&_s=2&dl=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%3Futm_medium%3Demail%26_hsmi%3D97570799%26_hsenc%3Dp2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg%26utm_content%3D97570799%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=TradeWinds%20-%20Confirm%20your%20email&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=32437803.1602874279&tid=UA-89176255-1&_gid=651383571.1602874279&z=2086083461
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 03:43:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54479
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
__ptq.gif
track.hubspot.com/
45 B
129 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=d205798f-6fdb-450e-bf6d-f37bb74993fc&fci=a23fdae8-c9e1-4ecf-a278-659942cc526e&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1545457&pi=5767056861&ct=landing-page&ccu=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email&cpi=5767056861&lpi=5767056861&lvi=5767056861&pu=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%3Futm_medium%3Demail%26_hsmi%3D97570799%26_hsenc%3Dp2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg%26utm_content%3D97570799%26utm_source%3Dhs_email&t=TradeWinds+-+Confirm+your+email&cts=1602874279532&vi=57a579f0c668550d83dde1c808407437&nc=true&u=101862852.57a579f0c668550d83dde1c808407437.1602874279494.1602874279494.1602874279494.1&b=101862852.1.1602874279494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5e33f877297a05c8-FRA
date
Fri, 16 Oct 2020 18:51:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
05d4599e78000005c86889e000000001
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
129 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=d205798f-6fdb-450e-bf6d-f37bb74993fc&fci=a23fdae8-c9e1-4ecf-a278-659942cc526e&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1545457&pi=5767056861&ct=landing-page&ccu=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email&cpi=5767056861&lpi=5767056861&lvi=5767056861&pu=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%3Futm_medium%3Demail%26_hsmi%3D97570799%26_hsenc%3Dp2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg%26utm_content%3D97570799%26utm_source%3Dhs_email&t=TradeWinds+-+Confirm+your+email&cts=1602874279538&vi=57a579f0c668550d83dde1c808407437&nc=true&u=101862852.57a579f0c668550d83dde1c808407437.1602874279494.1602874279494.1602874279494.1&b=101862852.1.1602874279494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5e33f877297c05c8-FRA
date
Fri, 16 Oct 2020 18:51:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
05d4599e79000005c85b1da000000001
x-robots-tag
none
counters.gif
forms.hsforms.com/embed/v3/
35 B
530 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
cf-cache-status
MISS
server
cloudflare
x-trace
2BBAB72AF0AF2CD0E3F866C2B0C63059B0F4FA1EED000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
5e33f877d88d2c32-FRA
content-length
35
cf-request-id
05d4599ee800002c3226a35000000001
fbevents.js
connect.facebook.net/en_US/
88 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
TznC2hFd9sWQHbQlJp/FSZZOzqySga2MPMbZrF6Tqrn15dufJoD1fz+LZ1+kYIFiWtML8foh1D307+N39JsqgQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 16 Oct 2020 18:51:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
705364376710928
connect.facebook.net/signals/config/
234 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/705364376710928?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26064680f7d7008d77b91b390a09125ce22be3d4615c3a51c7ddb09e03d78cac
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69825
x-xss-protection
0
pragma
public
x-fb-debug
DGRDlslptiGhn2L9vKOMS80dS6ubcrim+NbzOLg+JyiJdd1e+SpGxn0qWfDWon2zswetHV0L1xcoZdGuEQJpwQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 16 Oct 2020 18:51:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
377 B
Image
General
Full URL
https://www.facebook.com/tr/?id=705364376710928&ev=PageView&dl=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%3Futm_medium%3Demail%26_hsmi%3D97570799%26_hsenc%3Dp2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg%26utm_content%3D97570799%26utm_source%3Dhs_email&rl=&if=false&ts=1602874279723&sw=1600&sh=1200&v=2.9.27&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1602874279722.1369484258&it=1602874279690&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 18:51:19 GMT
/
www.facebook.com/tr/
44 B
146 B
Image
General
Full URL
https://www.facebook.com/tr/?id=705364376710928&ev=Microdata&dl=https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%3Futm_medium%3Demail%26_hsmi%3D97570799%26_hsenc%3Dp2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg%26utm_content%3D97570799%26utm_source%3Dhs_email&rl=&if=false&ts=1602874280226&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TradeWinds%20-%20Confirm%20your%20email%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22TradeWinds%20-%20Confirm%20your%20email%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Finfo.tradewindsnews.com%2Fconfirm-your-email%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1602874279722.1369484258&it=1602874279690&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:51:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 18:51:20 GMT
perf
info.tradewindsnews.com/_hcms/
2 B
195 B
XHR
General
Full URL
https://info.tradewindsnews.com/_hcms/perf
Requested by
Host: info.tradewindsnews.com
URL: https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:87b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://info.tradewindsnews.com/confirm-your-email?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz--YofQ8TMBtIJcY_QkmJXLo061a3BAdoDx-U5o0S5uwvKl1RNoEn804Uolksjf2yBEc86-LgusOHKiAA2rgz2X1IeesZg&utm_content=97570799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

cf-ray
5e33f8899d346455-FRA
date
Fri, 16 Oct 2020 18:51:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B089F9896BA6731726B9FAAB611436D8128B90597000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
false
x-robots-tag
none
content-length
2
cf-request-id
05d459aa020000645534376000000001

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| hsjQuery object| _hsp string| GoogleAnalyticsObject function| ga function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| options object| HSFR object| _hsq function| hs_reqwest_0 object| hsVars function| jsonpHandler object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| PIXELS_RAN object| _paq boolean| _hstc_loaded boolean| _hspb_loaded function| setImmediate function| clearImmediate object| __hsCollectedFormsDebug boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran function| fbq function| _fbq

9 Cookies

Domain/Path Name / Value
info.tradewindsnews.com/ Name: __hssrc
Value: 1
info.tradewindsnews.com/ Name: hubspotutk
Value: 57a579f0c668550d83dde1c808407437
info.tradewindsnews.com/ Name: __hstc
Value: 101862852.57a579f0c668550d83dde1c808407437.1602874279494.1602874279494.1602874279494.1
.tradewindsnews.com/ Name: _ga
Value: GA1.2.32437803.1602874279
.info.tradewindsnews.com/ Name: __cfruid
Value: 5bd2725beaa5ea46e7a31baa7ac85498a88a313d-1602874279
.tradewindsnews.com/ Name: _gat
Value: 1
.tradewindsnews.com/ Name: _gid
Value: GA1.2.651383571.1602874279
info.tradewindsnews.com/ Name: __hssc
Value: 101862852.1.1602874279494
.info.tradewindsnews.com/ Name: __cfduid
Value: dd5f396b7287a6bbd7d33155ef7b933661602874278

1 Console Messages

Source Level URL
Text
console-api debug URL: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgGhBW1YpTNT4M098vN30RH9vzlfRbW4gYZTW3R31H4W89cPXd2Kp6vqW8KhFx574t9r0W3JPpZg1235b1W29H-qX2JYK59W5H7zyH5q8QrtW7Vl__Q8c1dnbW6Rv3mv2DlXJVW1M0FBR3tTKSJW3qbYjB1z6b8GW5MBWYM2Rg-9bW8lv5Q88-NJvyW88c7Zw5YW3mGW2NdDfs50LzwgW3p-Grn7L0jwGW8j8SPF1Gb4JnW2DVyS83k8qpKVDnyJw243qNxW6s6pGX2h1rgSV_D4y74fgPN138hk1(Line 13)
Message:
toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
app.hubspot.com
cdn2.hubspot.net
connect.facebook.net
forms.hsforms.com
forms.hubspot.com
info.tradewindsnews.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.nhstglobal.com
2606:4700::6810:5805
2606:4700::6811:46b0
2606:4700::6811:72b0
2606:4700::6811:80ab
2606:4700::6811:87b4
2606:4700::6811:c8cc
2606:4700::6811:f3cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:802::2004
2a00:1450:4001:806::2003
2a00:1450:4001:81b::200e
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0ce7867d0f284d41fce8aaab6a144e978a80e701fe2f6bcfa5e130402762a453
0cea950f22cad0fc77a30f75239091479c4b09149c191dd2267dc8a4855de8ac
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18030a729f2aa5467d65b9668378358416ab21098db1573da48b93cd29fb04bb
26064680f7d7008d77b91b390a09125ce22be3d4615c3a51c7ddb09e03d78cac
28a10c1f5d82f21d724f45b8fe8d90be175ca8b321efa5ee71888cbe540060ca
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
376c1a11507fa41ff9dcef48396087f622d36312476bddf4a62570ea293d94bb
4904a65ff3e8244b4820792af7fcf7bea6abd383b7cbab05acea70d9bd5a7450
544aef7c0644c283625df38d6bfed2bbed4bfb2ee5b3ddf5c287070688590f83
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
595a818dee6276e188af63c36a468ff9e80f87d932ca9181247abd2604a0907b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6211f10b2004b54263db0bbab0bab6507c36f652993f61369e107e0c9ccb6280
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d9264ffe2e36530ca7588c72d576a87b56410e7d7e55004e72e237ad38a8385
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9c277da20a770eea8a7b34967e336fbbec3c0060f7acac2d65e427bfd5d9874f
a859832bdea03899b05434d7f85d3f65147d42a07cea07ca9207420d5c3a06b8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01239f794960895685fc4a12609549baba5d1ac2d845570816a3207d1b7959e
b7957a64e6da96171854370ac4448930e11caffd8460e8a37cd3e205c7d90699
bdecc35eebbb50f533848f419ba3a315047ea518c9ffe01af79a5fac49598bde
c7204a0030be3eded90bf21ad1e4e8e35dbe658a84b252607a9b25387e385f2e
ca79795a766e55f6d315b68d03dad35fad5c0d91268d91bbfb6a72649848ee51
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83
df75389c177cfd2638d509f560e9756601041dce099242297c3d4ca108172331
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629