urlscan.io logo urlscan.io
SecurityTrails logo

secure.winred.com Open in urlscan Pro
2606:4700::6813:d459  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dmpa.us/ukuDI
Effective URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEE...
Submission: On March 21 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 20 domains to perform 138 HTTP transactions. The main IP is 2606:4700::6813:d459, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 56855.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.102.231.129 396982 (GOOGLE-CL...)
1 11 2606:4700::68... 13335 (CLOUDFLAR...)
46 151.101.64.176 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:26f... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:251... 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 146.75.28.157 54113 (FASTLY)
2 2a03:2880:f0a... 32934 (FACEBOOK)
2 198.202.176.141 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
18 54.186.23.98 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 50.112.21.45 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f18... 32934 (FACEBOOK)
12 2607:f8b0:400... 15169 (GOOGLE)
6 104.18.125.91 13335 (CLOUDFLAR...)
138 25
1    34.102.231.129 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 129.231.102.34.bc.googleusercontent.com
dmpa.us
11    2606:4700::6813:d459 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.winred.com
46    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
b.stripecdn.com
4    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
3    2600:9000:26fa:d800:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)
d35ligi1n5bgzc.cloudfront.net
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6813:d359 (United States)

ASN13335 (CLOUDFLARENET, US)
app.revv.co
3    2607:f8b0:4004:c06::5c (Washington, United States)

ASN15169 (GOOGLE, US)
pay.google.com
2    2600:9000:2514:1400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
5    2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f0a5:116:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    198.202.176.141 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
3    2606:4700::6810:fa45 (United States)

ASN13335 (CLOUDFLARENET, US)
gtm.winred.com
2    2607:f8b0:4004:c19::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
18    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
r.stripe.com
stripe.com
4    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4004:c06::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    50.112.21.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-21-45.us-west-2.compute.amazonaws.com
m.stripe.com
1    2607:f8b0:4004:c09::64 (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a03:2880:f189:184:face:b00c:0:25de (London, United Kingdom)

ASN32934 (FACEBOOK, US)
www.facebook.com
12    2607:f8b0:4004:c1d::8a (Washington, United States)

ASN15169 (GOOGLE, US)
play.google.com
6    104.18.125.91 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
api.hcaptcha.com
Apex Domain
Subdomains		 Transfer
66 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2499
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 12852
r.stripe.com — Cisco Umbrella Rank: 4705
m.stripe.com — Cisco Umbrella Rank: 2405
stripe.com — Cisco Umbrella Rank: 1958
2 MB
17 google.com
pay.google.com — Cisco Umbrella Rank: 4261
www.google.com — Cisco Umbrella Rank: 5
analytics.google.com — Cisco Umbrella Rank: 258
play.google.com — Cisco Umbrella Rank: 91
425 KB
14 winred.com
secure.winred.com — Cisco Umbrella Rank: 56855
gtm.winred.com — Cisco Umbrella Rank: 117173
210 KB
6 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 6136
newassets.hcaptcha.com — Cisco Umbrella Rank: 7524
api.hcaptcha.com — Cisco Umbrella Rank: 7700
442 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
477 KB
4 gstatic.com
www.gstatic.com
102 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 654
188 KB
3 stripecdn.com
b.stripecdn.com — Cisco Umbrella Rank: 17024
45 KB
3 cloudfront.net
d35ligi1n5bgzc.cloudfront.net
222 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
405 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 251
70 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2673
16 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
270 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1224
723 B
1 t.co
t.co — Cisco Umbrella Rank: 766
375 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1208
15 KB
1 revv.co
app.revv.co — Cisco Umbrella Rank: 276828
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1408
7 KB
1 dmpa.us
dmpa.us
437 B
138 20
Domain Requested by
43 js.stripe.com secure.winred.com
js.stripe.com
16 r.stripe.com js.stripe.com
12 play.google.com www.gstatic.com
11 secure.winred.com 1 redirects secure.winred.com
static.cloudflareinsights.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
secure.winred.com
5 www.googletagmanager.com secure.winred.com
www.googletagmanager.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 maps.googleapis.com secure.winred.com
maps.googleapis.com
3 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 b.stripecdn.com js.stripe.com
b.stripecdn.com
3 m.stripe.com m.stripe.network
3 gtm.winred.com www.googletagmanager.com
3 pay.google.com js.stripe.com
pay.google.com
www.gstatic.com
3 d35ligi1n5bgzc.cloudfront.net secure.winred.com
2 api.hcaptcha.com newassets.hcaptcha.com
2 stripe.com js.stripe.com
2 stats.g.doubleclick.net www.google-analytics.com
secure.winred.com
2 merchant-ui-api.stripe.com js.stripe.com
2 connect.facebook.net secure.winred.com
connect.facebook.net
2 m.stripe.network js.stripe.com
m.stripe.network
1 hcaptcha.com b.stripecdn.com
1 www.facebook.com secure.winred.com
1 analytics.google.com secure.winred.com
1 www.google.com secure.winred.com
1 analytics.twitter.com secure.winred.com
1 t.co secure.winred.com
1 static.ads-twitter.com www.googletagmanager.com
1 app.revv.co secure.winred.com
1 static.cloudflareinsights.com secure.winred.com
1 dmpa.us 1 redirects
138 30

This site contains links to these domains. Also see Links.

Domain
winred.com
davidmccormick.wpenginepowered.com
Subject Issuer Validity Valid
secure.winred.com
Cloudflare Inc ECC CA-3		 2024-01-22 -
2024-12-31		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-30 -
2024-03-29		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2024-03-06 -
2024-06-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-04 -
2025-01-02		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2024-05-23		 3 months crt.sh
hcaptcha.com
E1		 2024-03-15 -
2024-06-13		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Frame ID: 1F9879652A7EE53D0F706959A1146F61
Requests: 43 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: D96CF1598D420C517E97269B0493F325
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Frame ID: 99C795940D506B1E1DB4970E3BE7B69E
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
Frame ID: 511B03190789546C34683C2D593540E5
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Frame ID: B04FD3EE8321FCF42C2885D13D79529E
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
Frame ID: DECD5F40E7D0C0DD1D45FF362725C433
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-09803050f9c30b59d3a082b2d9cb2614.html
Frame ID: 6CC27527F4190E93C1F8A2ABC33716E3
Requests: 3 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Frame ID: 3D6837ACF85B3C27326C5C074B7435F4
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7FD870E74D5573C36EEA57047E7BDF40
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 9F64D793506CCD4EBAD0877845D6212B
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-6a685558fd6d913708d128091251ea9e.html
Frame ID: A3B8D838B2680FE15A8630EE59EBF480
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
Frame ID: 7008EE19164F2A75CE53107B138CBBD2
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
Frame ID: 7C1EC6FC5194A1AFA5A21DD5A93D0165
Requests: 7 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=9fcc71e5-8ea2-499f-998f-941d38ad7184&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: E01E5E6284AC60958A7F79F34E88CB71
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c44fc00/static/hcaptcha.html?_v=ht9slhqz3sg
Frame ID: 12CECA0FCDF6B140B32B964C0A674FA5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate today!

Page URL History Show full URLs

  1. http://dmpa.us/ukuDI HTTP 301
    https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZY... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

138
Requests

99 %
HTTPS

65 %
IPv6

20
Domains

30
Subdomains

25
IPs

3
Countries

4155 kB
Transfer

14172 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dmpa.us/ukuDI HTTP 301
    https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

138 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request q1-goal-march-sms-bobcl
secure.winred.com/mccormick-pa/
Redirect Chain
  • http://dmpa.us/ukuDI
  • https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm...
47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4594458e10f3bbbbd120b9a11bd0dd49262022cf6a4fc6097dcb5345ae7ec996
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
86805f25aecb6aee-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-rack-cors
miss; no-origin
x-request-id
ee558a18-3116-49dd-bf2c-e73dad1ef34d
x-revv-cache
Hit from Revv
x-runtime
0.080870
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
text/html
Date
Thu, 21 Mar 2024 19:33:05 GMT
Server
Google Frontend
Via
1.1 google
X-Cloud-Trace-Context
efecade4b6b1a537eaf7fe053534ad20
location
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
/
js.stripe.com/v3/ 		607 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
89818d0f252047d1ad939d0982d33455a9f31a5b236bab5bbabc2b9dfada71a4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:05 GMT
via
1.1 varnish
age
58
x-cache
HIT
content-length
171386
x-request-id
85d141e9-2294-469b-93bd-22a83474cd90
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"3825e4cd803e1a5b759296e15bdb3f4a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
46
landing_page-b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898.css
secure.winred.com/assets/ 		219 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/landing_page-b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961951e588ed2cbd0dadda321becf5c4d27451bb0896262f86e7d922da5794ca
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:05 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
q0_ceJ2MEeWmji.wC6x_8KP_vAJS2_4m
cf-cache-status
HIT
x-amz-request-id
NNHFCWW1X5ECJ27H
age
3778
cf-polished
origSize=227667
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KXgzBeoWxBstQANuAPB+7ZSSRB97fujGosf7cUWxrYJdhvTXweNaNseNBekIT+T8V04ab6bOJpw=
cf-bgj
minify
last-modified
Tue, 05 Mar 2024 00:21:36 GMT
server
cloudflare
etag
W/"57df3b6cebff9962c43c29347b45123f"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
86805f26cf0f6aee-BUF
expires
Thu, 21 Mar 2024 23:33:05 GMT
1711037986.css
secure.winred.com/stylesheets/rv_page_01hsgwz0sne599yhbdz2yrxmys/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/stylesheets/rv_page_01hsgwz0sne599yhbdz2yrxmys/1711037986.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b63fd077baba6c28e30b43a992c291aae2a7e03d414d765b19f80093ad5cf56
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-rack-cors
miss; no-origin
date
Thu, 21 Mar 2024 19:33:05 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
cf-polished
origSize=8585
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
bd8abc34-d23a-4b71-b604-093a701c8f10
x-runtime
0.052060
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Thu, 21 Mar 2024 16:56:18 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, max-age=31556952
cf-ray
86805f26cf106aee-BUF
expires
Sat, 22 Mar 2025 01:22:17 GMT
js
maps.googleapis.com/maps/api/ 		232 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
23cb7b3a104a308527233a6467e84a80b618cdfd8e96b87db8f9608db693efcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77421
x-xss-protection
0
application-landing-page-e23d78f5dae749bd70067ba6d3bdf2e924c8866792d4dc2d5570569787a0c676.js
secure.winred.com/assets/ 		488 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/assets/application-landing-page-e23d78f5dae749bd70067ba6d3bdf2e924c8866792d4dc2d5570569787a0c676.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3bcb4b6ff50975328f38e8553353ce3c0a5bf93a578f9c4d6affc81870c349
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:05 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
3bK8BvucZTRAbTuPs1lO1vzovxv1fn3N
cf-cache-status
HIT
x-amz-request-id
WY4XMWCED4MER4QZ
age
3778
cf-polished
origSize=499824
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tRa1UNcXpbTufW3QRx2okU6kJ6r5FjcJejkRPi9+HPZE66F9aybe0GufRTqRFrvcR73LO262gh0=
cf-bgj
minify
last-modified
Tue, 05 Mar 2024 00:21:32 GMT
server
cloudflare
etag
W/"9aa57484c8a794fd69956b30a12bc89c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
86805f26cf116aee-BUF
expires
Thu, 21 Mar 2024 23:33:05 GMT
mccormick.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/742/656/large/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/742/656/large/mccormick.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:d800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
570474c4c0cd5c681dbac417338f042041148c2b93cf4176102973b0ad93fbde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
_ucTKoSv7D.Mqx5kFKwgsmu_IOsD9eab
date
Thu, 21 Mar 2024 07:15:36 GMT
via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
44250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Wed, 04 Oct 2023 14:59:07 GMT
server
AmazonS3
etag
"2c8dbedf4d9034c0e7903159c598f78b"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
DxNSaJPgHXQI15S7J28F9NX2ySZuRfdDI6NwOF40Gsl247R18SSPog==
DM_WR_headshot_200x200-02.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/861/855/square/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/861/855/square/DM_WR_headshot_200x200-02.jpg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:d800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c073dbd3008e525565a37cacee6fb8960a017a1713ab97257e4e1763fe973984

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
0DL5PHQJGWEytaH1UV8cbIxn_tpX74Da
date
Thu, 21 Mar 2024 07:15:36 GMT
via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
44250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9207
last-modified
Sat, 17 Feb 2024 18:31:51 GMT
server
AmazonS3
etag
"ab8adf70b48b8e0e573b0c17f9576d66"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
FqIeu0nEgNdKihRpn0zjqh5qhgqDwGGKqNlGhtdWWy58JaQcXlrdyQ==
win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:05 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
aJPW9Tz10D0h5EN716h5nNhnc17HLXCv
cf-cache-status
HIT
x-amz-request-id
P1V1ZMYZP98T1EQ2
age
3777
cf-polished
origFmt=png, origSize=11635
content-disposition
inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
alt-svc
h3=":443"; ma=86400
content-length
8708
x-amz-id-2
dGpoKbTJK1n0djjdSkbU39/cXtnXT6rOc7Xoxezt0K1tUMysmjCEtzXrep0h4/EbSJ/u2NFwjBs=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Mar 2024 00:21:38 GMT
server
cloudflare
etag
"972c0cca8d1e490484e89513f902e847"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
86805f277c054bd5-BUF
expires
Thu, 21 Mar 2024 23:33:05 GMT
win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 		19 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:05 GMT
x-amz-version-id
Az3yddraX6NBL3cGCjLuutdF8aYFLjMZ
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
x-amz-request-id
4JJ1G48JD5QTPA5V
age
3778
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4XFtHgML29JugBU1l+lGJfJBs8kVeEwH8v18YqHGDXZ4NYj894ADjJjvk1XHlL3ekUk0G6adgAc=
last-modified
Tue, 05 Mar 2024 00:21:38 GMT
server
cloudflare
etag
W/"d31530d4186af669daf4f47099614593"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
86805f278c074bd5-BUF
expires
Thu, 21 Mar 2024 23:33:05 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://secure.winred.com/
Origin
https://secure.winred.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86805f286e7a4bbb-BUF
gtm.js
www.googletagmanager.com/ 		462 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
937bf21c22c7694f6a367f7d9da088ba819763c7ab6bd1bd6c99c367801f9e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105117
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 19:01:20 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Mar 2024 19:33:06 GMT
gtm.js
www.googletagmanager.com/ 		242 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MDKJS6DK
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a822578947b59a967c22031f5e839c377eee5ecd82d96f5d90915b4c31edc125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87699
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 19:01:20 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Mar 2024 19:33:06 GMT
DM_headshot_WRBackground_1920x1200-02.jpg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/857/975/large/ 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/857/975/large/DM_headshot_WRBackground_1920x1200-02.jpg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01hsgwz0sne599yhbdz2yrxmys/1711037986.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:d800:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8293f99ab5044743e33100d09ebcaf7097cd4fa2a7574fbd476e99e987beebdf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
DFhPO4ZDgETyb7Hu1VCNp5j.hSwvOylN
date
Thu, 21 Mar 2024 09:32:58 GMT
via
1.1 86f58a7ba760944d1efd0f2fe2242e1e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
36008
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
210270
last-modified
Wed, 14 Feb 2024 15:41:08 GMT
server
AmazonS3
etag
"9deacb3bb299aa9227b54f83418e3830"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
p_l5DH9FRAKveKDrDZBq3VO1pxyJoLggDsxUXCqGFad8xmYNWh9nBA==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame D96C 		200 B
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
11070752
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:06 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
104765
x-content-type-options
nosniff
x-request-id
1074dc2e-a2a8-4c87-8d26-d97a7b2274ab
x-served-by
cache-yyz4566-YYZ
controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
js.stripe.com/v3/ Frame 99C7 		391 B
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fc2e52ee9e3c6923f731ec22d8a82cbdbcae502f496d94cb3d8dab2299516a0d
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
52
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:06 GMT
etag
"8b86b255b8b0522f0f1ed0a340e6f82c"
last-modified
Thu, 21 Mar 2024 18:10:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6
x-content-type-options
nosniff
x-request-id
7a7cb29d-6448-4393-b407-1c3398196444
x-served-by
cache-yyz4566-YYZ
elements-inner-card-f47ffba3da564f173460f3a665030778.html
js.stripe.com/v3/ Frame 511B 		798 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c55695d2700264c33b2a33530f453527daecbb0986317b15d0b83a1f158da723
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4793
cache-control
max-age=31536000
content-encoding
br
content-length
361
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:06 GMT
etag
"f47ffba3da564f173460f3a665030778"
last-modified
Thu, 21 Mar 2024 18:10:04 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
154
x-content-type-options
nosniff
x-request-id
b5e5d6fc-b3e6-4c94-8cca-d938040dca7b
x-served-by
cache-yyz4566-YYZ
current_with_info
app.revv.co/api/v3/users/ 		162 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-e23d78f5dae749bd70067ba6d3bdf2e924c8866792d4dc2d5570569787a0c676.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce5bf601250ca0b81f273f7b65d22c3af4e16fa443284028a1f141e1ca43637e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.winred.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin
https://secure.winred.com
x-rack-cors
hit
date
Thu, 21 Mar 2024 19:33:06 GMT
x-rack-cors-original-access-control-max-age
0
x-rack-cors-original-access-control-allow-credentials
true
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-encoding
br
x-rack-cors-original-access-control-allow-methods
GET, POST, OPTIONS
x-rack-cors-original-access-control-expose-headers
alt-svc
h3=":443"; ma=86400
x-request-id
ac738eea-c620-4f5e-aab0-b1cd077766da
x-runtime
0.012182
server
cloudflare
etag
W/"ce5bf601250ca0b81f273f7b65d22c3a"
access-control-max-age
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.api+json
access-control-allow-origin
https://secure.winred.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
vary
Origin
cf-ray
86805f29ae184bd3-BUF
controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
js.stripe.com/v3/ Frame B04F 		391 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fc2e52ee9e3c6923f731ec22d8a82cbdbcae502f496d94cb3d8dab2299516a0d
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
52
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:06 GMT
etag
"8b86b255b8b0522f0f1ed0a340e6f82c"
last-modified
Thu, 21 Mar 2024 18:10:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
7
x-content-type-options
nosniff
x-request-id
971a9f33-cfe6-4c56-9c97-779b2dfb89a5
x-served-by
cache-yyz4566-YYZ
payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
js.stripe.com/v3/ Frame DECD 		408 B
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
12125bff75c6dbdacd97488f6ce70b57aa2f241182dc054fb7aeb7eb38f7c880
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4788
cache-control
max-age=31536000
content-encoding
br
content-length
222
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:06 GMT
etag
"85dfe938b7b8f88b155e96258fe3e60f"
last-modified
Thu, 21 Mar 2024 18:10:18 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
90
x-content-type-options
nosniff
x-request-id
0537326f-af5f-4008-98f1-7381395a7074
x-served-by
cache-yyz4566-YYZ
payment-request-inner-browser-09803050f9c30b59d3a082b2d9cb2614.html
js.stripe.com/v3/ Frame 6CC2 		344 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-09803050f9c30b59d3a082b2d9cb2614.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a76888aba9148a29ab1e0a64d01e72d6255b4b5ab54888b8108d9b703c8f783a
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
48
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
202
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:06 GMT
etag
"09803050f9c30b59d3a082b2d9cb2614"
last-modified
Thu, 21 Mar 2024 18:10:18 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-content-type-options
nosniff
x-request-id
251e2324-3e76-49e0-98c7-c5e90612b928
x-served-by
cache-yyz4566-YYZ
statistics
secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl/forms/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl/forms/statistics
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9686f1d72ecac1891927614d9cf97912988aa6ad8bb106485ac21c8552bc1521
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
X-CSRF-Token
5PSpTf7iR4AIl1rngbalpmHtWpMSK5eyEj5Ut8QYqk/a9/m8/DqWrCrD2BWoEGqSmF3mnsQsZm0dcVMbI4uZJQ==
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-rack-cors
miss; no-origin
date
Thu, 21 Mar 2024 19:33:06 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6ab559ee-f2fc-4a32-a526-f72f5e9da80e
x-runtime
0.090547
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
cf-ray
86805f294c9d4bd5-BUF
main.js
secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/ Frame 3D68
Redirect Chain
  • https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H3
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3689e777c5bad3ef423b24ec1b121e7fd3336f74e5a54a1673d4cdb14f664cd8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86805f29ece44bd5-BUF
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 21 Mar 2024 19:33:06 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
cache-control
max-age=300, public
cf-ray
86805f296ca74bd5-BUF
alt-svc
h3=":443"; ma=86400
content-length
0
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame D96C 		526 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
9175453
x-cache
HIT
content-length
315
x-request-id
4369e47e-37a8-457c-a678-3ee242e5dc5b
x-served-by
cache-yyz4566-YYZ
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
97691
shared-b4a6eac4cca983acf7352ebfb471f117.js
js.stripe.com/v3/fingerprinted/js/ Frame 99C7 		538 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
133450
x-request-id
39fba2fe-1c61-45ed-88f4-1fba3879c452
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"51f747550641bfd144171653770630b6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
916
controller-3906a5c19ff9d346bc3ff91a6b61c953.js
js.stripe.com/v3/fingerprinted/js/ Frame 99C7 		716 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-3906a5c19ff9d346bc3ff91a6b61c953.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
684abfdf9accfc4f91488a7aa23a69058b1735c76172bc9cf22e1166bf12e6ac
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
190176
x-request-id
60b7d852-bbb4-4f37-ac6a-b30c008d0063
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:14 GMT
server
Fastly
etag
"1ee8c56952b46625ece3ccc86d2bd7d7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
909
shared-b4a6eac4cca983acf7352ebfb471f117.js
js.stripe.com/v3/fingerprinted/js/ Frame 511B 		538 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
133450
x-request-id
f93806cb-a33f-4983-885d-bf405941fdaf
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"51f747550641bfd144171653770630b6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
917
ui-shared-05d31098445ce495a09bc4de12e32ac5.js
js.stripe.com/v3/fingerprinted/js/ Frame 511B 		414 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-05d31098445ce495a09bc4de12e32ac5.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
94628f7fa989d5833eb6640bfd6d55d09e3da7af57af23f2589d95d787a08a58
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
119757
x-request-id
1de0d709-ff4a-4f5f-b0d0-14736ec5b3c0
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"d50998a933e21f6a323d8c212149d052"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
146
elements-inner-card-c59665615e93a709cc55f2e224e91491.js
js.stripe.com/v3/fingerprinted/js/ Frame 511B 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-c59665615e93a709cc55f2e224e91491.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1b563eda3dbdadcc71e09378d95a6c9f338b9d68b685742c67f07a9a924edb1f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
1290447
x-cache
HIT
content-length
15634
x-request-id
4f886458-e4af-40b2-8880-d57e57035f80
x-served-by
cache-yyz4566-YYZ
last-modified
Wed, 06 Mar 2024 21:02:55 GMT
server
Fastly
etag
"165858d7f65b235654cfb27c83b2fa40"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6646
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 511B 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
20819141
x-cache
HIT
content-length
3304
x-request-id
26a4500c-feed-48c8-b076-522eb4fa42b5
x-served-by
cache-yyz4566-YYZ
last-modified
Mon, 24 Jul 2023 20:23:04 GMT
server
Fastly
etag
"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8227
elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css
js.stripe.com/v3/fingerprinted/css/ Frame 511B 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
3547090
x-cache
HIT
content-length
2260
x-request-id
96c11210-fd1e-4328-8b8e-88f2fed6e604
x-served-by
cache-yyz4566-YYZ
last-modified
Fri, 09 Feb 2024 18:11:43 GMT
server
Fastly
etag
"87bf0041cf7ae5e77d770c423e25828a"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6512
shared-b4a6eac4cca983acf7352ebfb471f117.js
js.stripe.com/v3/fingerprinted/js/ Frame B04F 		538 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
133450
x-request-id
53c7dce8-9fb9-4649-80a3-1cfa27c411e5
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"51f747550641bfd144171653770630b6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
918
controller-3906a5c19ff9d346bc3ff91a6b61c953.js
js.stripe.com/v3/fingerprinted/js/ Frame B04F 		716 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-3906a5c19ff9d346bc3ff91a6b61c953.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
684abfdf9accfc4f91488a7aa23a69058b1735c76172bc9cf22e1166bf12e6ac
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
190176
x-request-id
e435e8fc-ace2-4929-8979-7d75954d8680
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:14 GMT
server
Fastly
etag
"1ee8c56952b46625ece3ccc86d2bd7d7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
910
pay.js
pay.google.com/gp/p/js/ Frame DECD 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08c8f5c6fdcf4d4992fe6bcf310cc3e7433ad7100e97fbf2b8bcb793cd367f6e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-w2VSB_ijZe4LH6VM0uyanw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-w2VSB_ijZe4LH6VM0uyanw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmII1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTx9eXTBJArAbEYj7TWQ9HT2flWzedVQWINddPZw0EYqf0GawBQOxTP4M1Cohbb55jnQzEQjwcn6Z9Ws8msOLIvH5GAODaNGE"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 21 Mar 2024 19:33:06 GMT
shared-b4a6eac4cca983acf7352ebfb471f117.js
js.stripe.com/v3/fingerprinted/js/ Frame DECD 		538 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
133450
x-request-id
9443cea8-7659-4494-a9e5-2095e40b78ae
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"51f747550641bfd144171653770630b6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
919
payment-request-inner-google-pay-5bb02d79c537526034c1fa96024c66e5.js
js.stripe.com/v3/fingerprinted/js/ Frame DECD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5bb02d79c537526034c1fa96024c66e5.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
00d78f1b546be10cade7ee23189e82e1fef2bc0af078f85f3b92bcd2e17d0655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-85dfe938b7b8f88b155e96258fe3e60f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
699680
x-cache
HIT
content-length
5097
x-request-id
0c5f63fe-1cd4-4dcc-95b0-b3faa71cd8dd
x-served-by
cache-yyz4566-YYZ
last-modified
Wed, 13 Mar 2024 17:06:57 GMT
server
Fastly
etag
"0d9b34e8fd450eb9bbaa1fb2b2ce369c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4228
shared-b4a6eac4cca983acf7352ebfb471f117.js
js.stripe.com/v3/fingerprinted/js/ Frame 6CC2 		538 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-09803050f9c30b59d3a082b2d9cb2614.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-09803050f9c30b59d3a082b2d9cb2614.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
4793
x-cache
HIT
content-length
133450
x-request-id
cd5c17af-ad7c-43b7-9133-0e9e74fb65f7
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"51f747550641bfd144171653770630b6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
920
payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
js.stripe.com/v3/fingerprinted/js/ Frame 6CC2 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-09803050f9c30b59d3a082b2d9cb2614.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-09803050f9c30b59d3a082b2d9cb2614.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
3547136
x-cache
HIT
content-length
5631
x-request-id
cdfaa2e2-a702-4eb1-85cb-b803c5093555
x-served-by
cache-yyz4566-YYZ
last-modified
Fri, 09 Feb 2024 18:11:55 GMT
server
Fastly
etag
"32dba56f50e599b5cc53a055305f8c45"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4651
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://secure.winred.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
inner.html
m.stripe.network/ Frame 7FD8 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:1400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
61
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:32:06 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
x-amz-cf-id
lFjwNPnrJMFSgGCiGrAtZwTxHiaeW3Ar2rWqBRTVT90Oez0Ikzn8fg==
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/ 		275 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75090f1f739e9858dd6a8b457369c28c82c0e7b0f513a5829bc24b54c575b417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95821
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:06 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:18:33 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
873
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 21 Mar 2024 21:18:33 GMT
js
www.googletagmanager.com/gtag/ 		290 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-84VCY6WLS2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDKJS6DK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5467d800a5dba181f97a50a574ebdee92676cf2585f582608e2e30831d85b82b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99185
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:06 GMT
js
www.googletagmanager.com/gtag/ 		291 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KWN7SNX9GG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDKJS6DK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eec3dcad85a9000398ba548046929c2ff646e9ab3217a1d25282b878c7165726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99272
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:06 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDKJS6DK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kiad7000093-IAD
fbevents.js
connect.facebook.net/en_US/ 		216 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0a5:116:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Mar 2024 19:33:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57659
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=94, rtx=0, c=12, mss=1294, tbw=2783, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
YPBbZ75G/CD3jpecrFcCN7MRjxRR/dNlL7V93Nd7cDAxBvPt1CgPZ/dnly+ral+0E7SsOXnTvdfkylOVdEBqqA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 99C7 		474 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
52
x-cache
HIT
content-length
298
x-request-id
4482fe48-d3cc-4125-8791-c5666a1054f1
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
30
.deploy_status_henson.json
js.stripe.com/v3/ Frame 99C7 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
52
x-cache
HIT
content-length
298
x-request-id
1a1e050b-a198-4774-b942-70504aafd746
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
31
.deploy_status_henson.json
js.stripe.com/v3/ Frame B04F 		474 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
52
x-cache
HIT
content-length
298
x-request-id
b2934c33-b223-4be9-96c7-42bd88247f86
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
29
.deploy_status_henson.json
js.stripe.com/v3/ Frame B04F 		474 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-8b86b255b8b0522f0f1ed0a340e6f82c.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
52
x-cache
HIT
content-length
298
x-request-id
3346cc4d-da87-41a2-a8a8-8bf3818a1941
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
29
out-4.5.43.js
m.stripe.network/ Frame 7FD8 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:1400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:31:18 GMT
content-encoding
br
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
109
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
JFK50-P8
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
gBPVi4VBDMt6ZHOP25LSx9FogHNU3KqVUVIIWIFaZWG7hluyK1Ks9g==
86805f25aecb6aee
secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3D68 		0
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/86805f25aecb6aee
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=fjI76m9QoT1YlspXFnQPi8Q0bIKZZSP2cZZWXmSnkoA-1711049586-1.0.1.1-nUw0Tw1JhcDYQ18xPy7yPunA6ObgcirfjbRxdvlYYE3_vEAQkdg8pwMcPha1XcyuWKVxlUSabvyQUe2lrsepIRXXUBYc8dVZYhJNdu12nlhkwfY0VEw0e6YBEVc2E.6UQK_1BsQZ5fgrXp8T6RRA8wg6zNNipytPRNpaC5RSjho; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=fjI76m9QoT1YlspXFnQPi8Q0bIKZZSP2cZZWXmSnkoA-1711049586-1.0.1.1-nUw0Tw1JhcDYQ18xPy7yPunA6ObgcirfjbRxdvlYYE3_vEAQkdg8pwMcPha1XcyuWKVxlUSabvyQUe2lrsepIRXXUBYc8dVZYhJNdu12nlhkwfY0VEw0e6YBEVc2E.6UQK_1BsQZ5fgrXp8T6RRA8wg6zNNipytPRNpaC5RSjho"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
text/plain; charset=UTF-8
cf-ray
86805f2cddb14bd5-BUF
alt-svc
h3=":443"; ma=86400
.deploy_status_henson.json
js.stripe.com/v3/ Frame 511B 		474 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:06 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
53
x-cache
HIT
content-length
298
x-request-id
cc99d4fa-4edf-46f1-8c3d-d63ae9089b7e
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
32
countryRanges-a050ba825d2a602f9a70b3873de9738c.json
js.stripe.com/v3/fingerprinted/data/ Frame 511B 		145 KB
39 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/countryRanges-a050ba825d2a602f9a70b3873de9738c.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
81aaf31de5d4f6c62c1591581aeaae2c178bda07d48a9689c3eeb03f2bb51cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:06 GMT
via
1.1 varnish
age
526992
x-cache
HIT
content-length
39849
x-request-id
e5917d81-594c-43f0-9866-abe315d1f853
x-served-by
cache-yyz4548-YYZ
last-modified
Fri, 15 Mar 2024 17:04:40 GMT
server
Fastly
etag
"a050ba825d2a602f9a70b3873de9738c"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7151
wallet-config
merchant-ui-api.stripe.com/elements/ Frame B04F 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9bd4877f739f44179ccdad1d15476451e0f65ea9d7a67e7858b98415fced7ad5
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2621
reporting-endpoints
coop="https://q.stripe.com/coop-report"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
report-to
{"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to="coop"
expires
0
collect
gtm.winred.com/g/ 		474 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je43k0v867905447z872410129za200&_p=1711049585729&gcd=13l3l3l3l1&npa=0&dma=0&cid=500623797.1711049587&ecid=609834071&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=US&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1711049585729&sst.ude=0&_s=1&sid=1711049586&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&dt=Donate%20today!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl&epn.load_time_sec=-1711049585.3&epn.event_fire_time=1711049586278&ep.event_uuid=4b45be3e-c02f-4e4f-9a98-bad9a00cd49f&ep.isVideoPage=f&ep.referrer=&tfd=1468&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b03638c2cb7a717bc097c3bf9748b9e5566c12d1b79b5449b899df6fe462a4c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
86805f2dfe644bcf-BUF
alt-svc
h3=":443"; ma=86400
payframe
pay.google.com/gp/p/ui/ Frame 9F64 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eae2015abe74e3e2b48f400740017195384f62cb7b1f7b2515bc942b76558844
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8U1ZCa5qW6u-z-OVk0-aPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8U1ZCa5qW6u-z-OVk0-aPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 21 Mar 2024 19:33:06 GMT
expires
Thu, 21 Mar 2024 19:33:06 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmII1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTx9eXTBJArAbEYj7TWQ9HT2flWzedVQWINddPZw0EYqf0GawBQOxTP4M1Cohbb55jnQzEQjwcn6Z9Ws8mcONW3wxmAOIGNKI"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=621554664&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&ul=en-us&de=UTF-8&dt=Donate%20today!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=795656153&gjid=403092955&cid=500623797.1711049587&tid=UA-73658561-7&_gid=1920208285.1711049587&_slc=1&gtm=45He43k0n71NTQZ9Nv72410129za200&cd61=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&gcd=13l3l3l3l1&dma=0&z=1922403332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 19:33:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=500623797.1711049587&jid=795656153&gjid=403092955&_gid=1920208285.1711049587&_u=YCDAiEABBAAAAGAEK~&z=608764454
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 21 Mar 2024 19:33:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=621554664&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&ul=en-us&de=UTF-8&dt=Donate%20today!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YCDAiEABBAAAAGAEK~&jid=&gjid=&cid=500623797.1711049587&tid=UA-73658561-7&_gid=1920208285.1711049587&gtm=45He43k0n71NTQZ9Nv72410129za200&cd41=anonymous&cd58=f&cd61=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&gcd=13l3l3l3l1&dma=0&z=386476998
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 07:52:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
42032
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b4977dbd-477c-4d84-8207-b92a6716985c&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a3bf3fd7-d6b3-49ae-9798-b35c9683b54a&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&tw_iframe_status=0&txn_id=ogle9&type=javascript&version=2.3.29
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time
7
date
Thu, 21 Mar 2024 19:33:06 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
5c1f24d063200979
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
53e716708a0e35222fa7ebcd96ccdfba22cf03e4fa151d4dd1584c34615c058e
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b4977dbd-477c-4d84-8207-b92a6716985c&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a3bf3fd7-d6b3-49ae-9798-b35c9683b54a&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&tw_iframe_status=0&txn_id=ogle9&type=javascript&version=2.3.29
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time
6
date
Thu, 21 Mar 2024 19:33:06 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
f3818cdc12a7421a
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
c2842a2589ef2ac80cb9ddd2c60038941a80470401c27af96f11c2dc0a0e2ade
content-length
43
b
r.stripe.com/ Frame 99C7 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587169222
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711049587168595
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 99C7 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587169864
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711049587169580
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame B04F 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587169931
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711049587169739
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame B04F 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587170145
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711049587169944
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame B04F 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587170366
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1711049587170079
access-control-allow-credentials
true
content-length
0
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-84VCY6WLS2&gtm=45je43k0v9166400684z89166403822za200&_p=1711049585729&gcd=13l3l3l3l1&npa=0&dma=0&cid=500623797.1711049587&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711049586&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&dt=Donate%20today!&en=page_view&_fv=1&_ss=1&tfd=1572
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84VCY6WLS2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 19:33:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-KWN7SNX9GG&gtm=45je43k0v9103656553z89166403822za200&_p=1711049585729&gcd=13l3l3l3l1&npa=0&dma=0&cid=500623797.1711049587&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711049586&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&dt=Donate%20today!&en=page_view&_fv=1&_ss=1&tfd=1607
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KWN7SNX9GG&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 19:33:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 9F64 		160 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea88d1ff163b63bcdb3091144c3c92fed69749cddb3c54c0936f5b113aa065e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 02:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57999
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 10:18:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 02:06:57 GMT
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 99C7 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c3f799b622f9da3d5d794f053121ab050df0323d2856939fd8c409342658af19
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2621
reporting-endpoints
coop="https://q.stripe.com/coop-report"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
report-to
{"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to="coop"
expires
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73658561-7&cid=500623797.1711049587&jid=795656153&_u=YCDAiEABBAAAAGAEK~&z=1334272743
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 19:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7027876837222824
connect.facebook.net/signals/config/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/7027876837222824?v=2.9.150&r=stable&domain=secure.winred.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0a5:116:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa982878228fb5f58b64cb0dd4018d2e6de845ffdffaeba55395e5f9ea5f5676
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Mar 2024 19:33:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=104, rtx=0, c=63, mss=1294, tbw=62790, tp=-1, tpl=-1, uplat=47, ullat=1
pragma
public
x-fb-debug
byoqPfhGmgmZIO/8tpDYIM9bD4S0ge0LRqeD7yXgUSNwTIlz66IUiWPmyZm1/OH6uW2fhJPuTkgWskk/AsTbHQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 511B 		474 B
492 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-f47ffba3da564f173460f3a665030778.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
53
x-cache
HIT
content-length
298
x-request-id
aa4cb9c1-33e4-4c08-bf72-9161e6568bf0
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
33
b
r.stripe.com/ Frame 99C7 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587260227
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1711049587259501
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame 7FD8 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.21.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-21-45.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
757f3cf8ec35cc60d7e6617aec6d6be534a01644f72cb7ee03825bfc9f9ce174
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 21 Mar 2024 19:33:07 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1711049587296788
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
4
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1711049587296331
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
enforcement-mode
stripe.com/cookie-settings/ Frame B04F 		15 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stripe.com/cookie-settings/enforcement-mode
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-3906a5c19ff9d346bc3ff91a6b61c953.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
cf47d3a034eb704dbc6a1b479427ab513892062349ae526c3b96a4ba6465e3d4
Security Headers
Name Value
Content-Security-Policy report-uri /csp-report?p=%2Fcookie-settings%2Fenforcement-mode;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-security-policy
report-uri /csp-report?p=%2Fcookie-settings%2Fenforcement-mode;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-stripe-server-envoy-start-time-us
1711049587259747
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-envoy-upstream-service-time
14
cross-origin-resource-policy
same-site
content-length
15
reporting-endpoints
coop="https://q.stripe.com/coop-report"
x-stripe-bg-intended-route-color
green
server
nginx
access-control-max-age
300
report-to
{"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1711049587259460
vary
Origin
x-stripe-server-envoy-upstream-service-time-ms
13
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to="coop"
collect
analytics.google.com/g/s/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e43k0v867905447z872410129z9867900975za200&_gsid=X6H0114PDFi9MKTSHqY0HWMIwAVlYdIw
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-X6H0114PDF&cid=OsBh8M%2FbwSm4iVSLtB5RRT11a2jIeaeBKXu8hbo0bpA%3D.1711049587&gtm=45j91e43k0v867905447z872410129z9867900975za200&aip=1
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqF... Frame 9F64 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqFQvOMX6Go.L.B1.O/am=gEE2/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhkZkLeV1Vd4p0vowFDUrzuh7H1cw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecefb434ffc013bcccb97e4f91522f3960a3a40a980dec8f29db52f37984f3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 01:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27995
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 04:10:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 01:47:14 GMT
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=7027876837222824&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&rl=&if=false&ts=1711049587190&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711049587189.2080961270&ler=empty&cdl=API_unavailable&it=1711049587022&coo=false&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f189:184:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=94, rtx=0, c=10, mss=1294, tbw=2775, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 21 Mar 2024 19:33:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pay
pay.google.com/gp/p/ui/ Frame 9F64 		1 MB
379 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95db91c76fa27d0e779236f95557481d1f2a65ec1f86ecb57b324c54fbfd247d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce--I6JDeU0LNXO3cXXuPm06Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce--I6JDeU0LNXO3cXXuPm06Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmII1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTx9eXTBJArAbEYj7TWQ9HT2flWzedVQWINddPZw0EYqf0GawBQOxTP4M1Cohbb55jnQzEQjwcn6d9Ws8mcOHB8TZGAOKGNMY"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 21 Mar 2024 19:33:07 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqF... Frame 9F64 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqFQvOMX6Go.L.B1.O/am=gEE2/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhkZkLeV1Vd4p0vowFDUrzuh7H1cw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1d200c7495efbff8d3917102586f66326de2a8993d55c9fa0832086a311a035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 02:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3746
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 04:10:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 02:12:11 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqF... Frame 9F64 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqFQvOMX6Go.L.B1.O/am=gEE2/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhkZkLeV1Vd4p0vowFDUrzuh7H1cw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b961b522ba4ac315a47e59deb708a9d7af02d8d61e4340dbaca0ce69f48ecae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 02:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14262
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 04:10:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 02:00:07 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9F64 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:07 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9F64 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:07 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9F64 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:07 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9F64 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:07 GMT
collect
gtm.winred.com/g/ 		65 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je43k0v867905447z872410129za200&_p=1711049585729&gcd=13l3l3l3l1&npa=0&dma=0&cid=500623797.1711049587&ecid=609834071&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=US&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1711049585729&sst.ude=0&_s=2&sid=1711049586&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&dt=Donate%20today!&en=user%20session%20start&ep.pagepath=%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl&epn.load_time_sec=-1711049585.3&epn.event_fire_time=1711049586301&ep.event_uuid=f17c1c1d-ad24-428e-9317-10994fbb543a&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=4&tfd=1974&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
86805f30af874bcf-BUF
alt-svc
h3=":443"; ma=86400
enforcement-mode
stripe.com/cookie-settings/ Frame 99C7 		15 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stripe.com/cookie-settings/enforcement-mode
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-3906a5c19ff9d346bc3ff91a6b61c953.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
cf47d3a034eb704dbc6a1b479427ab513892062349ae526c3b96a4ba6465e3d4
Security Headers
Name Value
Content-Security-Policy report-uri /csp-report?p=%2Fcookie-settings%2Fenforcement-mode;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-security-policy
report-uri /csp-report?p=%2Fcookie-settings%2Fenforcement-mode;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-stripe-server-envoy-start-time-us
1711049587371209
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-envoy-upstream-service-time
20
cross-origin-resource-policy
same-site
content-length
15
reporting-endpoints
coop="https://q.stripe.com/coop-report"
x-stripe-bg-intended-route-color
green
server
nginx
access-control-max-age
300
report-to
{"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1711049587370880
vary
Origin
x-stripe-server-envoy-upstream-service-time-ms
19
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to="coop"
b
r.stripe.com/ Frame B04F 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587374353
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711049587373780
access-control-allow-credentials
true
content-length
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9F64 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:07 GMT
hcaptcha-invisible-6a685558fd6d913708d128091251ea9e.html
js.stripe.com/v3/ Frame A3B8 		71 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-6a685558fd6d913708d128091251ea9e.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
bb07e0848b1ca63dbd98207afbf32c5935fae75c05be3e7e67bcbb48441acb6e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-TqXnfXwr3YVD00luevZMG3GJhKjZEv4OXt8CMdSKac8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4793
cache-control
max-age=31536000
content-encoding
br
content-length
25165
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-TqXnfXwr3YVD00luevZMG3GJhKjZEv4OXt8CMdSKac8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:07 GMT
etag
"6a685558fd6d913708d128091251ea9e"
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
158
x-content-type-options
nosniff
x-request-id
b80794c1-2575-43ed-af81-e4e977504eec
x-served-by
cache-yyz4566-YYZ
b
r.stripe.com/ Frame 99C7 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587398211
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711049587397940
access-control-allow-credentials
true
content-length
0
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ 		148 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
7866873
x-cache
HIT
content-length
40295
x-request-id
fd6f6dfc-ec45-41f2-a966-de8e5b8e604c
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Dec 2023 18:13:42 GMT
server
Fastly
etag
"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5214
elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
js.stripe.com/v3/ Frame 7008 		78 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1315bf52c35709a0718a3e7e1d54adc144a159455ef92967482d030f24783e16
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4793
cache-control
max-age=31536000
content-encoding
br
content-length
16211
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:07 GMT
etag
"14f4425cd2545e82391f97c48b5ad3fd"
last-modified
Thu, 21 Mar 2024 18:10:04 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
93
x-content-type-options
nosniff
x-request-id
93e01d99-657a-45b9-a6f5-d2a1bc5214d8
x-served-by
cache-yyz4566-YYZ
log
play.google.com/ Frame 9F64 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.-dJQeqVow6I.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrixV8N9oTeXW90BHsvlHt_I2ksH0g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 19:33:07 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
b
r.stripe.com/ Frame B04F 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587419430
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711049587419216
access-control-allow-credentials
true
content-length
0
elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
js.stripe.com/v3/ Frame 7C1E 		820 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9a05280ceba0981711495da22b3183275dd9fb296f69414476b22a40af69efba
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4602
cache-control
max-age=31536000
content-encoding
br
content-length
369
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:07 GMT
etag
"0ad025c11b284665d39dc6f4b26dd1e2"
last-modified
Thu, 21 Mar 2024 18:10:04 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
51
x-content-type-options
nosniff
x-request-id
ac39b4c9-c6ea-4fe2-a589-b60184b5be59
x-served-by
cache-yyz4566-YYZ
shared-b4a6eac4cca983acf7352ebfb471f117.js
js.stripe.com/v3/fingerprinted/js/ Frame 7008 		538 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
4794
x-cache
HIT
content-length
133450
x-request-id
53003da8-d36b-4480-b405-265fff4033e2
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"51f747550641bfd144171653770630b6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
921
elements-inner-link-button-for-card-2064bf99971724f1f258e6a4115bd42f.js
js.stripe.com/v3/fingerprinted/js/ Frame 7008 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-2064bf99971724f1f258e6a4115bd42f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
df82b07a0a1754ebde47031d31d0fa8546a50725c61325b3a7c237fec21f3274
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
699695
x-cache
HIT
content-length
9749
x-request-id
50d11f48-605d-45c5-bb81-01bffc96dee7
x-served-by
cache-yyz4566-YYZ
last-modified
Wed, 13 Mar 2024 17:06:56 GMT
server
Fastly
etag
"776b8f5eb7150b1295180c0ac8fd6c1b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4087
elements-inner-link-button-for-card-e0892059cc36c5a207d4915b8be6a4f3.css
js.stripe.com/v3/fingerprinted/css/ Frame 7008 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-e0892059cc36c5a207d4915b8be6a4f3.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d9b7faa0259f5b0961455f53b4a507fba4bd0ed70dffac0bdaf2f94298c74b40
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-link-button-for-card-14f4425cd2545e82391f97c48b5ad3fd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
4151407
x-cache
HIT
content-length
4362
x-request-id
b83c0848-ba79-429c-8ad0-670fd0ea9631
x-served-by
cache-yyz4566-YYZ
last-modified
Fri, 02 Feb 2024 18:19:28 GMT
server
Fastly
etag
"ec65bfd4737d216032b538eb56aec1bd"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3983
.deploy_status_henson.json
js.stripe.com/v3/ Frame A3B8 		474 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-6a685558fd6d913708d128091251ea9e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/hcaptcha-invisible-6a685558fd6d913708d128091251ea9e.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
53
x-cache
HIT
content-length
298
x-request-id
ba2d2bb5-89d8-4f53-b1f5-8cb7eec5d047
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34
HCaptchaInvisible.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame E01E 		419 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=9fcc71e5-8ea2-499f-998f-941d38ad7184&origin=https%3A%2F%2Fjs.stripe.com
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-6a685558fd6d913708d128091251ea9e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7046e325bee6e4ffd4581616a2b76772f5749fbd45eb77998a1b5810ed476d2e
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
283
content-security-policy
base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 19:33:07 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-request-id
f20a05fa-45d9-4e61-b117-9ada2623c00b
x-served-by
cache-yyz4566-YYZ
x-timer
S1711049587.480176,VS0,VE82
6
m.stripe.com/ Frame 7FD8 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.21.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-21-45.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
757f3cf8ec35cc60d7e6617aec6d6be534a01644f72cb7ee03825bfc9f9ce174
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 21 Mar 2024 19:33:07 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1711049587468356
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1711049587467839
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 7FD8 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.21.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-21-45.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
757f3cf8ec35cc60d7e6617aec6d6be534a01644f72cb7ee03825bfc9f9ce174
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 21 Mar 2024 19:33:07 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1711049587517635
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1711049587516995
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
shared-b4a6eac4cca983acf7352ebfb471f117.js
js.stripe.com/v3/fingerprinted/js/ Frame 7C1E 		538 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
4794
x-cache
HIT
content-length
133450
x-request-id
882ed76c-7d3b-4ec0-b9f6-909ba49c7273
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"51f747550641bfd144171653770630b6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
922
ui-shared-05d31098445ce495a09bc4de12e32ac5.js
js.stripe.com/v3/fingerprinted/js/ Frame 7C1E 		414 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-05d31098445ce495a09bc4de12e32ac5.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
94628f7fa989d5833eb6640bfd6d55d09e3da7af57af23f2589d95d787a08a58
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
4794
x-cache
HIT
content-length
119757
x-request-id
1259bc14-477f-4749-aa0d-91e183ba7399
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Mar 2024 18:10:17 GMT
server
Fastly
etag
"d50998a933e21f6a323d8c212149d052"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
147
elements-inner-payment-request-3b1df48280d5bfa95f63bbead6ea9c94.js
js.stripe.com/v3/fingerprinted/js/ Frame 7C1E 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-3b1df48280d5bfa95f63bbead6ea9c94.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ea518923d3d811ef2eafdb37a2b58d78792945041cb9d97c4b93b6c8b26b37c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
169528
x-cache
HIT
content-length
26504
x-request-id
15f314a4-579b-4c57-845c-71d6831aabae
x-served-by
cache-yyz4566-YYZ
last-modified
Tue, 19 Mar 2024 20:24:13 GMT
server
Fastly
etag
"01a67e3a83d635399fd90a555743d5b5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1307
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 7C1E 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
20819143
x-cache
HIT
content-length
3304
x-request-id
66d1427e-5c14-4264-9275-f444bcc47c3f
x-served-by
cache-yyz4566-YYZ
last-modified
Mon, 24 Jul 2023 20:23:04 GMT
server
Fastly
etag
"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8228
elements-inner-payment-request-a49aec18c6a61b9877a3e66b7d1acd95.css
js.stripe.com/v3/fingerprinted/css/ Frame 7C1E 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-a49aec18c6a61b9877a3e66b7d1acd95.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dc009d0a6b3539bd512c40a5165423f42391f6b0b1160eb90a6ba9daaff7715a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:07 GMT
via
1.1 varnish
age
169528
x-cache
HIT
content-length
2794
x-request-id
1afdfb6e-9303-4ea6-a17e-9781f0d417ec
x-served-by
cache-yyz4566-YYZ
last-modified
Tue, 19 Mar 2024 20:24:03 GMT
server
Fastly
etag
"1cc40f1252663417f546034dc9467ebe"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1295
.deploy_status_henson.json
js.stripe.com/v3/ Frame 7C1E 		474 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-request-0ad025c11b284665d39dc6f4b26dd1e2.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
53
x-cache
HIT
content-length
298
x-request-id
1fc2cf66-49eb-4dd5-b09f-28ef5d90d685
x-served-by
cache-yyz4548-YYZ
last-modified
Thu, 21 Mar 2024 18:41:37 GMT
server
Fastly
etag
"659dc2426e26cf9b0cf87d356350752b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
35
b
r.stripe.com/ Frame B04F 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587564729
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711049587564397
access-control-allow-credentials
true
content-length
0
api.js
hcaptcha.com/1/ Frame E01E 		377 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=9fcc71e5-8ea2-499f-998f-941d38ad7184&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ce6dfbff9580fedc2bf83983e61c4e60be591db426b894cee0856f940d3d4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://b.stripecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
MlFfpMnkchp6vnI4RIG.dHT7gB_Yv6oO
age
0
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Mar 2024 14:46:12 GMT
server
cloudflare
etag
W/"a396c234be2390b3438c57265de306da"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
86805f333f7b7117-YYZ
x-amz-cf-id
7uL7N4bnz47kTGxrJM7kMuLzpJil9rMh71Embyj3oNiQ6RsVqhSusw==
vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame E01E 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=9fcc71e5-8ea2-499f-998f-941d38ad7184&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fa38eebb1eca7c94241152ae35cec12209d942905dc49f6d00dbe50636441258
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=9fcc71e5-8ea2-499f-998f-941d38ad7184&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 21 Mar 2024 19:33:07 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
1387192
x-cache
HIT
content-length
38076
x-request-id
48111e32-e314-469b-bfdb-c75fbd42e931
x-served-by
cache-yyz4566-YYZ
server
Fastly
x-timer
S1711049588.658647,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3208
HCaptchaInvisible.b27e55a4db75cd3e653a.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.21/ Frame E01E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.b27e55a4db75cd3e653a.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=9fcc71e5-8ea2-499f-998f-941d38ad7184&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
eccf72d793ee9369fb1c8217a3cebd89e035b728e6eae08b7e12332886b0f95e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.21/HCaptchaInvisible.html?id=9fcc71e5-8ea2-499f-998f-941d38ad7184&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 21 Mar 2024 19:33:07 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
1387192
x-cache
HIT
content-length
7278
x-request-id
1ceabe4e-2299-4836-800f-b0b2250c212f
x-served-by
cache-yyz4566-YYZ
server
Fastly
x-timer
S1711049588.658640,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3161
rum
secure.winred.com/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.winred.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://secure.winred.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86805f33cfd04bd5-BUF
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/c44fc00/static/ Frame 12CE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c44fc00/static/hcaptcha.html?_v=ht9slhqz3sg
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5955466dd83f0c5b2726dc948e1917eeb29b480b0eaefac04f7341744ba683eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
706478
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
86805f33f89b7117-YYZ
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Thu, 21 Mar 2024 19:33:07 GMT
last-modified
Wed, 13 Mar 2024 14:46:12 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
x-amz-cf-id
AH7wXnylT5K7KXmMr77cirGxkCdcfYBrLqXaf9UbN0v5SC08n6LSsA==
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
iyWJoCXhL7jCezBuTb3w_5sD0hRyaCMY
x-cache
Miss from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 99C7 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587870670
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1711049587870525
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 99C7 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:07 GMT
x-stripe-server-envoy-start-time-us
1711049587901498
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1711049587901184
access-control-allow-credentials
true
content-length
0
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/c44fc00/ Frame 12CE 		377 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c44fc00/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c44fc00/static/hcaptcha.html?_v=ht9slhqz3sg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ce6dfbff9580fedc2bf83983e61c4e60be591db426b894cee0856f940d3d4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c44fc00/static/hcaptcha.html?_v=ht9slhqz3sg
Origin
https://newassets.hcaptcha.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
MlFfpMnkchp6vnI4RIG.dHT7gB_Yv6oO
age
302466
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Mar 2024 14:46:12 GMT
server
cloudflare
etag
W/"a396c234be2390b3438c57265de306da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
86805f3439337117-YYZ
x-amz-cf-id
7uL7N4bnz47kTGxrJM7kMuLzpJil9rMh71Embyj3oNiQ6RsVqhSusw==
checksiteconfig
api.hcaptcha.com/ Frame 12CE 		719 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/checksiteconfig?v=c44fc00&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c44fc00/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a736f90e9ae7fbb9c9d209d8fc1e45adf23e47023e92f6761e3bd15358fb44ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Mar 2024 19:33:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
86805f34ea847117-YYZ
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame B04F 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:08 GMT
x-stripe-server-envoy-start-time-us
1711049588020714
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711049588019814
access-control-allow-credentials
true
content-length
0
hsw.js
newassets.hcaptcha.com/c/aa1f2f9/ Frame 12CE 		514 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/aa1f2f9/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c44fc00/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4e3ab77dba009c6c10a610c019d172550a158502bbc8847ee08af9677f1603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/c44fc00/static/hcaptcha.html?_v=ht9slhqz3sg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 50d743941b822ae5fa30db69233863a6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
awioUrDmmDmgk_mRZR7KJ5abTcttfOQ0
age
90631
x-amz-cf-pop
YTO50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Mar 2024 13:36:41 GMT
server
cloudflare
etag
W/"dedf386bc5de22af87910bb5962e83db"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
86805f354da2369c-YYZ
x-amz-cf-id
OXuoFUIuaOqoLdWlqTfC3uucNE0OO1MssI3tWaFUOi9OMloa_K6ONg==
b
r.stripe.com/ Frame 511B 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:08 GMT
x-stripe-server-envoy-start-time-us
1711049588116249
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711049588115695
access-control-allow-credentials
true
content-length
0
463b917e-e264-403f-ad34-34af0ee10294
api.hcaptcha.com/getcaptcha/ Frame 12CE 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c44fc00/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4790ec0fac96ec475979cafff720d93aee9da7877ced4b2197c64d9a10b587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json, application/octet-stream
Referer
https://newassets.hcaptcha.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 19:33:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
86805f37da86369c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
3312
b
r.stripe.com/ Frame B04F 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:08 GMT
x-stripe-server-envoy-start-time-us
1711049588567052
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1711049588566643
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 99C7 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b4a6eac4cca983acf7352ebfb471f117.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 19:33:09 GMT
x-stripe-server-envoy-start-time-us
1711049589754874
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711049589754105
access-control-allow-credentials
true
content-length
0
common.js
maps.googleapis.com/maps-api-v3/api/js/56/5/ 		255 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
022127b699426ba8b3e5307970563207b398ad7cdcb7d1d9e65dd27191b25bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 17:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56812
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 17:01:25 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/56/5/ 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ea4691f54da4fc5cddc12da99c6271f027a492d0b3bceb1530eb95432bc5e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 17:30:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57076
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 17:30:06 GMT
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 19:33:12 GMT
via
1.1 varnish
age
7866873
x-cache
HIT
content-length
127
x-request-id
01dc0b03-dfc4-4599-bddf-0f62b4c1927a
x-served-by
cache-yyz4566-YYZ
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Fastly
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18667
collect
gtm.winred.com/g/ 		65 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je43k0v867905447z872410129za200&_p=1711049585729&gcd=13l3l3l3l1&npa=0&dma=0&cid=500623797.1711049587&ecid=609834071&ul=en-us&sr=1600x1200&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=US&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1711049585729&sst.ude=0&_s=3&sid=1711049586&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl%3Fp_id%3D9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2%26recurring%3Dtrue%26utm_campaign%3D20240321_topoffq1_bobcl4%26utm_medium%3Dp2p%26utm_source%3Dbobcl4&dt=Donate%20today!&en=page_load_time_event&ep.pagepath=%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fmccormick-pa%2Fq1-goal-march-sms-bobcl&epn.load_time_sec=2.5&epn.event_fire_time=1711049587797&ep.event_uuid=46e5a293-07cb-470e-a9ba-6a6131ade6a9&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=2.48&_et=1011&tfd=7488&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fa45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:33:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
86805f5318b74bd8-BUF
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| dataLayer boolean| isWinRed string| app_platform object| webpackChunkStripeJSouter function| noop function| Stripe function| $ function| jQuery object| jQuery112406363085437552352 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass object| bioEp function| Cookies object| App object| picturefillCFG function| picturefill object| party function| UAParser function| gm_authFailure object| antiClickjack object| __cfBeacon function| landingPageFormSubmitRecaptchaSuccess function| landingPageFormSubmitRecaptchaError object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| regeneratorRuntime object| twttr

30 Cookies

Domain/Path Name / Value
app.revv.co/api/v3/users Name: rvid
Value: 6bfe2ab6-5d3d-4c90-a01f-af75bb47dce6
.secure.winred.com/ Name: __cf_bm
Value: vmRAcb6IAFdITF1_kXfDXXCO3rdXW5nvcTFAs4tdP38-1711049585-1.0.1.1-gaetF4xGI5.VKXRrrOTdEru0.PZdKCeE67fdR8iC.kPLN1f4WQvixDg0x7Rctd8hNjRL_W34Rrp6zSbBHnvwzg
secure.winred.com/ Name: origin_url
Value: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
.revv.co/ Name: _revv_v3_session
Value: K1p3czI5WDlOSkkxbXZERmhVU0gvdUJpUjFxZVc0WW1OU1NkQUR2b3ArNFFZV2J5ek00dUdPVzZJK2lxMWF1blhBM0dxaW1sL3RrdnVNZmJUTDB3R3c9PS0tMlBTS0tFMWViTHU5YTdjRW5zUmN6QT09--5747ab17b76fcac6eec07cf61803dc13d552d842
.revv.co/ Name: __cf_bm
Value: SOg4xPdlv2DpT1T0srAf3ZH0VQnUSNMuYNq2T7twkcI-1711049586-1.0.1.1-9smHE4bnN.F9ZFXXj5at_spaAQwF_CY0L5OpFfv1kqohnsSWagabTnZUMSwsr3x8Sb13sCzeuqFOZmgei9YV4A
.winred.com/ Name: _gcl_au
Value: 1.1.740319539.1711049586
.winred.com/ Name: _revv_v3_session
Value: QTBMSWJSOGRtc1M3YU44VjBBaXVma3h2OHlta0RNNXJRb0JDeEE0WFlINDlEemkxZ0wxeE5yWndUNXRFOTExRG0wOTZMZlhqUDJ1WTMyTlFBU0xnRW5ySElLUURVdjVFVk1UQXBVZmlCamhLS0FrSEpiZlNlWXJCcUkxNFdUUlMxRURoTEU1a0xuMmtRU2p3dm41TVlqenpDKzU2ak0zN2Iwa3hnOGJYdnlQS0VQZzFDeHA3aXB3b0N6WjNMYktPN1I5TG1Bd3lrYS9neDZPM3J5aytoWmdqUXpRN1ljbSt3RDE4Zlk1RE1xTkNRMi9MWVRwZ1hib0F6aE5DS1JZcWw5VlNzcUtValpKOVNkbTgrZnNjeHdBVTBRTzY5SHNzVUF6Y3BkdklQcENQOXZQbXNCWTg0TU5DYlBlOW9USjAzcXl6RXlGa3hsT3M5eTQrUzlhRnlrZ0RPUmhCM1NqZHUxWitPRHNDM0dBPS0taXgzQkdxUUFKTkx0NXhFZ3NxeUJQdz09--0563191ff0a9ec356a9731ad9b2d2f037cc0c5ff
secure.winred.com/ Name: sso_tries
Value: 1
secure.winred.com/ Name: rvid
Value: 6bfe2ab6-5d3d-4c90-a01f-af75bb47dce6
.secure.winred.com/ Name: cf_clearance
Value: zLuvwcYTXPHn6ShE5Sorbb7SLKqJC.MAaFfWhsNYZIk-1711049586-1.0.1.1-nyUQfKRZ6ZOKmos__wEy1SO7mkp3CzwdzOKT4QL_YUko45zq.E3mTQ1o479dGjz6mt8diMYk9df3JvP7Rx7.vg
.winred.com/ Name: _gid
Value: GA1.2.1920208285.1711049587
.winred.com/ Name: _dc_gtm_UA-73658561-7
Value: 1
.winred.com/ Name: _ga_84VCY6WLS2
Value: GS1.1.1711049586.1.0.1711049586.0.0.0
.winred.com/ Name: _ga
Value: GA1.1.500623797.1711049587
.winred.com/ Name: _ga_KWN7SNX9GG
Value: GS1.1.1711049586.1.0.1711049586.0.0.0
.t.co/ Name: muc_ads
Value: 6283eedc-0e43-4fa1-950c-4c9a6bb64d3d
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171104958699479136
.twitter.com/ Name: guest_id_ads
Value: v1%3A171104958699479136
.twitter.com/ Name: personalization_id
Value: "v1_vXCx4efn/+bq55emJEqXww=="
.twitter.com/ Name: guest_id
Value: v1%3A171104958699479136
.winred.com/ Name: FPID
Value: FPID2.2.OsBh8M%2FbwSm4iVSLtB5RRT11a2jIeaeBKXu8hbo0bpA%3D.1711049587
.winred.com/ Name: FPGSID
Value: 1.1711049587.1711049587.G-X6H0114PDF.i9MKTSHqY0HWMIwAVlYdIw
.winred.com/ Name: _fbp
Value: fb.1.1711049587189.2080961270
m.stripe.com/ Name: m
Value: 19801861-9b1d-462b-8507-6e7d2e89045003ea59
.secure.winred.com/ Name: __stripe_mid
Value: 3397d446-53cb-40c7-894e-a7d6560e5146fde5a3
.secure.winred.com/ Name: __stripe_sid
Value: c01d7259-fbab-4fdb-8811-43f8a6723fa76bba0f
.google.com/ Name: NID
Value: 512=aahCUohH-216J91Nm-C83eXnGj2r96vd4nJTbQPhxI-Iq5R66M-myq-ZWkmOiXSSwpw65y8fA2D8Izk2E_mWtQfSRZ4vQxwcjf5jwVRSr0bi7SsDNZVDDXxA3E0VzgK4yvgmm8knEYpF7wiSQisnU3ykB4LsP1IJyb8nSz9ZOwg
.winred.com/ Name: FPLC
Value: gMS21s6E9hx%2B6O5DeE1LoMWsM93j2VKoLc32JPE1O0Ul7uFFLPQQ6vexSgGLvk%2BXws%2FzfSFIBNp2EOoav90myvVwsSBWO4JtbfL%2Fv2VwWRFTDOClooBysWAD1m6d7Q%3D%3D
.winred.com/ Name: _ga_X6H0114PDF
Value: GS1.1.1711049586.1.0.1711049587.0.0.609834071
api.hcaptcha.com/ Name: hmt_id
Value: 3189f699-ca0a-445d-9794-8ff308d439a8

32 Console Messages

Source Level URL
Text
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/7027876837222824?v=2.9.150&r=stable&domain=secure.winred.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.winred.com/mccormick-pa/q1-goal-march-sms-bobcl?p_id=9302811055821132q5pe8ie66JMepzzDZYIcoFdeFKUtjV6KA9YmEEFp2&recurring=true&utm_campaign=20240321_topoffq1_bobcl4&utm_medium=p2p&utm_source=bobcl4
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.twitter.com
api.hcaptcha.com
app.revv.co
b.stripecdn.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
dmpa.us
gtm.winred.com
hcaptcha.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
merchant-ui-api.stripe.com
newassets.hcaptcha.com
pay.google.com
play.google.com
r.stripe.com
secure.winred.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
stripe.com
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.18.125.91
104.244.42.5
104.244.42.67
146.75.28.157
151.101.64.176
198.202.176.141
2600:9000:2514:1400:19:7d10:bd80:93a1
2600:9000:26fa:d800:0:7d26:ee00:93a1
2606:4700::6810:5049
2606:4700::6810:fa45
2606:4700::6813:d359
2606:4700::6813:d459
2607:f8b0:4004:c06::5c
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::93
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::64
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::9b
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1d::8a
2a03:2880:f0a5:116:face:b00c:0:3
2a03:2880:f189:184:face:b00c:0:25de
34.102.231.129
50.112.21.45
54.186.23.98
00d78f1b546be10cade7ee23189e82e1fef2bc0af078f85f3b92bcd2e17d0655
022127b699426ba8b3e5307970563207b398ad7cdcb7d1d9e65dd27191b25bb4
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
08c8f5c6fdcf4d4992fe6bcf310cc3e7433ad7100e97fbf2b8bcb793cd367f6e
0a4790ec0fac96ec475979cafff720d93aee9da7877ced4b2197c64d9a10b587
0ea4691f54da4fc5cddc12da99c6271f027a492d0b3bceb1530eb95432bc5e60
12125bff75c6dbdacd97488f6ce70b57aa2f241182dc054fb7aeb7eb38f7c880
1315bf52c35709a0718a3e7e1d54adc144a159455ef92967482d030f24783e16
1b563eda3dbdadcc71e09378d95a6c9f338b9d68b685742c67f07a9a924edb1f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23cb7b3a104a308527233a6467e84a80b618cdfd8e96b87db8f9608db693efcc
2e4e3ab77dba009c6c10a610c019d172550a158502bbc8847ee08af9677f1603
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3689e777c5bad3ef423b24ec1b121e7fd3336f74e5a54a1673d4cdb14f664cd8
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3b961b522ba4ac315a47e59deb708a9d7af02d8d61e4340dbaca0ce69f48ecae
4594458e10f3bbbbd120b9a11bd0dd49262022cf6a4fc6097dcb5345ae7ec996
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5467d800a5dba181f97a50a574ebdee92676cf2585f582608e2e30831d85b82b
54ce6dfbff9580fedc2bf83983e61c4e60be591db426b894cee0856f940d3d4d
570474c4c0cd5c681dbac417338f042041148c2b93cf4176102973b0ad93fbde
5955466dd83f0c5b2726dc948e1917eeb29b480b0eaefac04f7341744ba683eb
5b63fd077baba6c28e30b43a992c291aae2a7e03d414d765b19f80093ad5cf56
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
684abfdf9accfc4f91488a7aa23a69058b1735c76172bc9cf22e1166bf12e6ac
7046e325bee6e4ffd4581616a2b76772f5749fbd45eb77998a1b5810ed476d2e
75090f1f739e9858dd6a8b457369c28c82c0e7b0f513a5829bc24b54c575b417
757f3cf8ec35cc60d7e6617aec6d6be534a01644f72cb7ee03825bfc9f9ce174
81aaf31de5d4f6c62c1591581aeaae2c178bda07d48a9689c3eeb03f2bb51cd3
8293f99ab5044743e33100d09ebcaf7097cd4fa2a7574fbd476e99e987beebdf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89818d0f252047d1ad939d0982d33455a9f31a5b236bab5bbabc2b9dfada71a4
937bf21c22c7694f6a367f7d9da088ba819763c7ab6bd1bd6c99c367801f9e16
94628f7fa989d5833eb6640bfd6d55d09e3da7af57af23f2589d95d787a08a58
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95db91c76fa27d0e779236f95557481d1f2a65ec1f86ecb57b324c54fbfd247d
961951e588ed2cbd0dadda321becf5c4d27451bb0896262f86e7d922da5794ca
9686f1d72ecac1891927614d9cf97912988aa6ad8bb106485ac21c8552bc1521
9a05280ceba0981711495da22b3183275dd9fb296f69414476b22a40af69efba
9b03638c2cb7a717bc097c3bf9748b9e5566c12d1b79b5449b899df6fe462a4c
9bd4877f739f44179ccdad1d15476451e0f65ea9d7a67e7858b98415fced7ad5
9c027b89c4391bfc52486ad22d377f8599a4176290fcc43a6b0a36ac12019a59
a736f90e9ae7fbb9c9d209d8fc1e45adf23e47023e92f6761e3bd15358fb44ad
a76888aba9148a29ab1e0a64d01e72d6255b4b5ab54888b8108d9b703c8f783a
a822578947b59a967c22031f5e839c377eee5ecd82d96f5d90915b4c31edc125
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac95d3faf410ee82c9745c9dc6a5a049ae52800dce219ff894c62aca9d82c655
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb07e0848b1ca63dbd98207afbf32c5935fae75c05be3e7e67bcbb48441acb6e
c073dbd3008e525565a37cacee6fb8960a017a1713ab97257e4e1763fe973984
c1d200c7495efbff8d3917102586f66326de2a8993d55c9fa0832086a311a035
c3f799b622f9da3d5d794f053121ab050df0323d2856939fd8c409342658af19
c55695d2700264c33b2a33530f453527daecbb0986317b15d0b83a1f158da723
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce5bf601250ca0b81f273f7b65d22c3af4e16fa443284028a1f141e1ca43637e
cf47d3a034eb704dbc6a1b479427ab513892062349ae526c3b96a4ba6465e3d4
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d9b7faa0259f5b0961455f53b4a507fba4bd0ed70dffac0bdaf2f94298c74b40
dc009d0a6b3539bd512c40a5165423f42391f6b0b1160eb90a6ba9daaff7715a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df82b07a0a1754ebde47031d31d0fa8546a50725c61325b3a7c237fec21f3274
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ea518923d3d811ef2eafdb37a2b58d78792945041cb9d97c4b93b6c8b26b37c0
ea88d1ff163b63bcdb3091144c3c92fed69749cddb3c54c0936f5b113aa065e4
eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b
eae2015abe74e3e2b48f400740017195384f62cb7b1f7b2515bc942b76558844
eccf72d793ee9369fb1c8217a3cebd89e035b728e6eae08b7e12332886b0f95e
ecefb434ffc013bcccb97e4f91522f3960a3a40a980dec8f29db52f37984f3d8
eec3dcad85a9000398ba548046929c2ff646e9ab3217a1d25282b878c7165726
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa38eebb1eca7c94241152ae35cec12209d942905dc49f6d00dbe50636441258
fa982878228fb5f58b64cb0dd4018d2e6de845ffdffaeba55395e5f9ea5f5676
fc2e52ee9e3c6923f731ec22d8a82cbdbcae502f496d94cb3d8dab2299516a0d
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
ff3bcb4b6ff50975328f38e8553353ce3c0a5bf93a578f9c4d6affc81870c349