secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.updates.mpactworld.com/click/goux-2suyef-d4fam9-kvl0z8t8/
Effective URL:
https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t14...
Submission: On March 27 via manual (March 27th 2024, 6:52:55 pm UTC) from US — Scanned from CA

Summary HTTP 72 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 19 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6813:d459, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 27828.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.156.37.76 15.156.37.76	16509 (AMAZON-02) (AMAZON-02)
1 14	2606:4700::68... 2606:4700::6813:d459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
5	2600:9000:26f... 2600:9000:26fa:5000:0:7d26:ee00:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6813:d359	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5	174.129.203.161 174.129.203.161	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:251... 2600:9000:2514:e200:9:d7ff:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:f945	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
3	142.250.80.78 142.250.80.78	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
72	22

1 15.156.37.76 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-156-37-76.ca-central-1.compute.amazonaws.com

click.updates.mpactworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6813:d459 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26fa:5000:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d359 (United States)

ASN13335 (CLOUDFLARENET, US)

app.revv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 174.129.203.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-203-161.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:e200:9:d7ff:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:f945 (United States)

ASN13335 (CLOUDFLARENET, US)

gtm.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c0b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	winred.com 1 redirects secure.winred.com — Cisco Umbrella Rank: 27828 gtm.winred.com — Cisco Umbrella Rank: 108034	216 KB
10	stripe.com js.stripe.com — Cisco Umbrella Rank: 1209	208 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	585 KB
5	google.ca www.google.ca — Cisco Umbrella Rank: 9137	316 B
5	google.com analytics.google.com — Cisco Umbrella Rank: 148 www.google.com — Cisco Umbrella Rank: 2	481 B
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2872	9 KB
5	cloudfront.net d35ligi1n5bgzc.cloudfront.net	275 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 355	188 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	70 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	274 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 815	724 B
1	t.co t.co — Cisco Umbrella Rank: 676	377 B
1	decide.dev cdn1.decide.dev — Cisco Umbrella Rank: 28288	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 772	15 KB
1	revv.co app.revv.co — Cisco Umbrella Rank: 251394	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 813	7 KB
1	mpactworld.com 1 redirects click.updates.mpactworld.com	371 B
72	19

	Domain	Requested by
14	secure.winred.com	1 redirects secure.winred.com static.cloudflareinsights.com
10	js.stripe.com	secure.winred.com js.stripe.com
6	www.googletagmanager.com	secure.winred.com www.googletagmanager.com
5	www.google.ca	secure.winred.com
5	tags.srv.stackadapt.com	secure.winred.com tags.srv.stackadapt.com
5	d35ligi1n5bgzc.cloudfront.net	secure.winred.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.winred.com
4	maps.googleapis.com	secure.winred.com maps.googleapis.com
3	analytics.google.com	www.googletagmanager.com secure.winred.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com secure.winred.com
2	www.google.com	secure.winred.com
2	gtm.winred.com	www.googletagmanager.com
2	connect.facebook.net	secure.winred.com connect.facebook.net
1	www.facebook.com	secure.winred.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	analytics.twitter.com	secure.winred.com
1	t.co	secure.winred.com
1	cdn1.decide.dev	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	app.revv.co	secure.winred.com
1	static.cloudflareinsights.com	secure.winred.com
1	click.updates.mpactworld.com	1 redirects
72	22

This site contains links to these domains. Also see Links.

Domain
winred.com
stevescalise.com
act.stevescalise.com
www.dropbox.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2024-01-22` - `2024-12-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.decide.dev Amazon RSA 2048 M02	`2023-11-26` - `2024-12-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-04` - `2025-01-02`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Frame ID: 73976B03D25ECC3909B877971AFA284D
Requests: 62 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 2965200E50F117986CDC5A315BEA0863
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-467eb32dd99b244325e42c3a0682f75a.html
Frame ID: 4A7466B087755EA9B2A0C0618D46832E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-7b2db673237c3618f03466809225c5a1.html
Frame ID: F3502C347098D37FB65A7A35963444E7
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-467eb32dd99b244325e42c3a0682f75a.html
Frame ID: 3488C9B70F3ECECC685D1EC55B8352F6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-d95989b726ad774cd0eb30c5e89165fc.html
Frame ID: 7B576DC98D1210A989E478F6F07799AA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-e69ad0bf235ca27dfff58afce516418c.html
Frame ID: 2F9A3762B95FAC1DCC203DB940B6DFD5
Requests: 1 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 480B748F04E49BADA262CF71B444DE96
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-d97dadba4e70da5a268d4090c31b61c0.html
Frame ID: 55E62716F6E97DBE2F8788BD0A379707
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-a4068c92d3b51c48267fa2205a473d93.html
Frame ID: 43360E7C86A753FB2C4FFB8F4ADA3977
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nervous as a cat in a room full of rockers...

Page URL History Show full URLs

http://click.updates.mpactworld.com/click/goux-2suyef-d4fam9-kvl0z8t8/ HTTP 307
https://click.updates.mpactworld.com/click/goux-2suyef-d4fam9-kvl0z8t8/ HTTP 302
https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=2024032... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

72
Requests

99 %
HTTPS

65 %
IPv6

19
Domains

22
Subdomains

22
IPs

2
Countries

1603 kB
Transfer

5044 kB
Size

38
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://winred.com/terms/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://winred.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://stevescalise.com/privacy-policy/
Title: found here

Search URL Search Domain Scan URL

URL: https://act.stevescalise.com/terms-and-conditions/
Title: found here.

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/8ftiburfx5n61v8/Team%20Scalise%20Grassroots%20Contribution%20Form.pdf?dl=0
Title: please fill out this form

Search URL Search Domain Scan URL

URL: https://winred.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://winred.com/about-our-ads/
Title: About Our Ads

Search URL Search Domain Scan URL

URL: https://winred.com/support/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.updates.mpactworld.com/click/goux-2suyef-d4fam9-kvl0z8t8/ HTTP 307
https://click.updates.mpactworld.com/click/goux-2suyef-d4fam9-kvl0z8t8/ HTTP 302
https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/
Redirect Chain

http://click.updates.mpactworld.com/click/goux-2suyef-d4fam9-kvl0z8t8/
https://click.updates.mpactworld.com/click/goux-2suyef-d4fam9-kvl0z8t8/
https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756

51 KB
13 KB

748ms
334ms

Document
text/html

2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa5605cf289193e6db71cd1ccc4d4d28745872456b4822a8fe31d22891f61b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 86b193c62ce936b0-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-rack-cors: miss; no-origin
x-request-id: 9953e9e2-9cad-43fa-a0c6-d9897b7d18d5
x-revv-cache: Hit from Revv
x-runtime: 0.039310
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
content-length: 302
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:22 GMT
location: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
refresh: 0; URL=https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
server: cmp-trk-s1-02

GET
H2 200 / Show response
js.stripe.com/v3/ 607 KB
168 KB 1274ms
186ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bb50bdccfec1f7439b6ecba2f10aff6872a218175fc309912d922b0adfb696d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 18:52:24 GMT
via: 1.1 varnish
age: 57
x-cache: HIT
content-length: 171639
x-request-id: 9131cd8a-54a7-456a-b4c5-3519639ea0a1
x-served-by: cache-yyz4572-YYZ
last-modified: Wed, 27 Mar 2024 17:48:34 GMT
server: Fastly
etag: "5908b093411ba92ed48c995ed5190486"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 49

GET
H3 200 landing_page-3968f5904dec2b9e4ac682afbbe1c597411a5c73d3347f649ca3519af7341e26.css
secure.winred.com/assets/ 219 KB
34 KB 235ms
234ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/landing_page-3968f5904dec2b9e4ac682afbbe1c597411a5c73d3347f649ca3519af7341e26.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1443c44a7b57867341dc8672a0760a27022e09b0a879382419e76050b9e3b2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:23 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vxg5CpH_B6xdTh8GwX_mpv80H2TW2BGd
cf-cache-status: HIT
x-amz-request-id: NM0C72HC55JC7KN1
age: 483
cf-polished: origSize=227838
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qD5oZHSLvYg9Yy7GeBBPUcjy2YkvtvaiOONGu9A7NxmEbBa49dZ61wBaMYIZAVIJlMQgwPS1r6U=
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 00:15:44 GMT
server: cloudflare
etag: W/"329984a284542f41c75ad5d8242d14e4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b193c8587236b0-YYZ
expires: Wed, 27 Mar 2024 22:52:23 GMT

GET
H3 200 1711458691.css
secure.winred.com/stylesheets/rv_page_01h63yxa5d0tvnam1fq64gtc2c/ 8 KB
3 KB 2185ms
2184ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/stylesheets/rv_page_01h63yxa5d0tvnam1fq64gtc2c/1711458691.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9531af806020c1c1c89bc227e56a130885e24e0dac177c72319a870ecdeb5497

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: miss; no-origin
date: Wed, 27 Mar 2024 18:52:23 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 1916
cf-polished: origSize=8546
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 85ec9556-4b30-43f3-9759-f83e61e2804d
x-runtime: 0.039479
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 18:20:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556952
cf-ray: 86b193c8587736b0-YYZ
expires: Fri, 28 Mar 2025 00:41:35 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 232 KB
76 KB 773ms
218ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6cdbc3799049e1ae9a52fc01a293c245c4c8585f2ad36f202798c7bc915f1de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77422
x-xss-protection: 0

GET
H3 200 application-landing-page-b78ec89be53c9aa2c404880c3a61bdb343400a7e10696324378b7cf5fa148916.js Show response
secure.winred.com/assets/ 488 KB
137 KB 2383ms
2382ms Script
application/javascript 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/application-landing-page-b78ec89be53c9aa2c404880c3a61bdb343400a7e10696324378b7cf5fa148916.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f68d3cd4f8dd0a5d92cda6c31148e9057db0ab602a26f20cd0431b26031a9c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:23 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 3heAIR9B4zJG4ubHrLgHWWVGC8Fi2_wB
cf-cache-status: HIT
x-amz-request-id: NM09HFCBC87KTACH
age: 483
cf-polished: origSize=500025
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2n4+weAJIIjXcX0zyqyMj0pPzA/A98Z832LYxhgPVcRnO/5fMnIVxvSuKOFa6bG9JcKshUN8Q9Q=
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 00:15:39 GMT
server: cloudflare
etag: W/"a4b6c3ff93e2fa9e3aa3ec9829aa2f75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b193c8587b36b0-YYZ
expires: Wed, 27 Mar 2024 22:52:23 GMT

GET
H2 200 JNK-09v2-3-1024x873.jpg
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/633/580/large/ 91 KB
91 KB 1189ms
570ms Image
image/jpeg 2600:9000:26fa:5000:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/633/580/large/JNK-09v2-3-1024x873.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:5000:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b608f8c8ac9e6d5a18b61f9b114584903598dbe91d90d05bdcaa0247cabaed86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: LoPWROq3ooEFiZIqiJPsMcDOgj85gXz7
date: Wed, 27 Mar 2024 02:35:19 GMT
via: 1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
age: 58628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 93117
last-modified: Tue, 23 May 2023 20:15:33 GMT
server: AmazonS3
etag: "cb834d4af76d0a48ac04d310186131b8"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: 9uZEMeAFZCWv-N_SJecF63NeWwYHjeo7f3xDlJOayczi1oAyL-Pvzg==

GET
H2 200 Scalise-Headshot.JPG
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/055/205/square/ 34 KB
35 KB 1118ms
500ms Image
binary/octet-stream 2600:9000:26fa:5000:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/055/205/square/Scalise-Headshot.JPG
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:5000:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94d77c1ce4b590199edfac861bc03a8ce8b2a4911e66a360bafae2299406200a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 19:39:28 GMT
x-amz-version-id: s60Q6FZEAVFj7VulbOebqQaiz8r.dtYA
via: 1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jul 2021 20:05:52 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 83579
etag: "d64641b6b6c8a334e463a54e16ab348e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 35104
x-amz-cf-id: WQg8txiRDCMufzH9WdBIJPs0Y3ICNSlY919fA2R8gFCozt7_1wra1g==

GET
H2 200 JNK_MMS_1.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/583/212/square/ 12 KB
13 KB 198ms
197ms Image
image/jpeg 2600:9000:26fa:5000:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/583/212/square/JNK_MMS_1.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:5000:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 594de31ed970135559ad3911537e925d2498422c75e59b12cb7d9ef901faa280

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8Zf4vQKEXYMi8VKS7bZA4lEnaBXUzNZy
date: Wed, 27 Mar 2024 16:29:40 GMT
via: 1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
age: 8568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12650
last-modified: Wed, 15 Mar 2023 15:18:56 GMT
server: AmazonS3
etag: "ac01d40e04e90ed424440cd46406b219"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: XP5ZyKSYCpr7ubmR5qFPfXdjUPm5vR2-3AgtsOh5PaThRYgML77C6w==

GET
H3 200 win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 9 KB
10 KB 14444ms
14443ms Image
image/webp 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:27 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aJPW9Tz10D0h5EN716h5nNhnc17HLXCv
cf-cache-status: HIT
x-amz-request-id: 4Y0KM1CZKG37T2B5
age: 361
cf-polished: origFmt=png, origSize=11635
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=K_gu1ok9lukxwJxDaQY3L_TeuFnXBn.UFPPiB7yvvk8-1711565547-1.0.1.1-KXlL0Azb4rE0kU.JJcTbVHg1jWC10.jx1UThCtAs2OqHxuupRbvWt_PN4Ja0Kyi7tjVLmLVOA5meL0jU.PcyaXsaTjkmWl91V_twDo2ZA_gKL25KOdifHHqGOXHqCWdRUI9yUVIQWQ90UNHt8VKBLkqqu.VIZq1PiTWdskQwGqA; report-to cf-csp-endpoint
content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8708
x-amz-id-2: 4OhX8q3tIAqsEEprXzlP0oHGCPShMTSOSC0gF7Iz+nqFXkk7vGV6yN3rk16fgFTZ5dDvEPYtDP0=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Mar 2024 00:21:38 GMT
server: cloudflare
etag: "972c0cca8d1e490484e89513f902e847"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=K_gu1ok9lukxwJxDaQY3L_TeuFnXBn.UFPPiB7yvvk8-1711565547-1.0.1.1-KXlL0Azb4rE0kU.JJcTbVHg1jWC10.jx1UThCtAs2OqHxuupRbvWt_PN4Ja0Kyi7tjVLmLVOA5meL0jU.PcyaXsaTjkmWl91V_twDo2ZA_gKL25KOdifHHqGOXHqCWdRUI9yUVIQWQ90UNHt8VKBLkqqu.VIZq1PiTWdskQwGqA"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b193dfaf0536b0-YYZ
expires: Wed, 27 Mar 2024 22:52:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 469 KB
105 KB 788ms
234ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3c6c1eb15805edcce036c7cbf7c7ee421a0acfe041271d117d6b6ea4bdbff7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107604
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 18:01:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 18:52:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 601 KB
117 KB 1084ms
531ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79625964b0f2bc52c7f237a747a1ceeb265ccf2bf8dd890136004f412186a85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119776
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 18:27:17 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 18:52:42 GMT

GET
H3 200 win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 19 KB
8 KB 14971ms
14970ms Image
image/svg+xml 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:27 GMT
x-amz-version-id: h6JYfO46CxPHIVbhCFXhjqzuvgXn2_Zk
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: SYVKE6PZK8XW4XXW
age: 7003
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=mjJWj9kGGFBdogU44zbgBo4Xf9yBrtsbUQurRerbyTo-1711565547-1.0.1.1-7HH3TFtJLX2I_Ec0BKZNj7SG8kpd2x6Ld0MHM0YqqxC.w1lOEYSnBjINx_GhTMAPwex0TLfvgKHfIU6TeYacp6EptyhhC_TDqKKXfE0tokouzm0GTqR5i18fEQrTrD3B0r_OQ3.Hgu3HCKPyd3yTmrn.3CeIyx5U2Wqh_c14RkA; report-to cf-csp-endpoint
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6d0AIzqvzmxAqdSUCxk5MS6Iawf0Lp68gsmQE1nKUEwzbZJlWIz3hbyCiPgBrknm5prKcil1JXc=
last-modified: Fri, 23 Feb 2024 02:52:53 GMT
server: cloudflare
etag: W/"d31530d4186af669daf4f47099614593"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=mjJWj9kGGFBdogU44zbgBo4Xf9yBrtsbUQurRerbyTo-1711565547-1.0.1.1-7HH3TFtJLX2I_Ec0BKZNj7SG8kpd2x6Ld0MHM0YqqxC.w1lOEYSnBjINx_GhTMAPwex0TLfvgKHfIU6TeYacp6EptyhhC_TDqKKXfE0tokouzm0GTqR5i18fEQrTrD3B0r_OQ3.Hgu3HCKPyd3yTmrn.3CeIyx5U2Wqh_c14RkA"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b193dfbf2036b0-YYZ
expires: Wed, 27 Mar 2024 22:52:27 GMT

GET
H3 200 email-decode.min.js Show response
secure.winred.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
860 B 517ms
514ms Script
application/javascript 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:42 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 86b1943b7cdc36b0-YYZ
expires: Fri, 29 Mar 2024 18:52:42 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 767ms
225ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
Origin: https://secure.winred.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:42 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 86b1943edcfa36d0-YYZ

GET
H3 200 American_Flag_Background.jpg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/052/267/large/ 134 KB
134 KB 178ms
177ms Image
image/jpeg 2600:9000:26fa:5000:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/052/267/large/American_Flag_Background.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01h63yxa5d0tvnam1fq64gtc2c/1711458691.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:5000:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9306c2781b12e1477058087fac325a2dde9ad1c174947aab95733a1fd18c4c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6kF553eE8qwAEeW.geHCAAkG9MZBoWud
date: Wed, 27 Mar 2024 12:06:13 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
age: 24390
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 137362
last-modified: Sun, 18 Jul 2021 17:23:19 GMT
server: AmazonS3
etag: "f61d7569e72ca36f61f890ec4120c98e"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: s_hfk69j_UWzNFOf2tkxI2_KW7ywwXB7pMhmnD6t8EGyT3WQj1CLJw==

GET
H3 200 icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/ 290 B
820 B 509ms
509ms Image
image/webp 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/landing_page-3968f5904dec2b9e4ac682afbbe1c597411a5c73d3347f649ca3519af7341e26.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/assets/landing_page-3968f5904dec2b9e4ac682afbbe1c597411a5c73d3347f649ca3519af7341e26.css
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:42 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: WrwkLH_G_74cFy4BsV1m.aK7V4xDq.yM
cf-cache-status: HIT
x-amz-request-id: XMQPY5ZS78TDB5JH
age: 377
cf-polished: origFmt=png, origSize=560
content-disposition: inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
alt-svc: h3=":443"; ma=86400
content-length: 290
x-amz-id-2: gNVVqlPCF7P8n9+20HAS6OzNiS/cDnFDT2depKmuqf/qRJUExCrY0JlF5ZCcTSNvymfXXAGlwk4=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Mar 2024 00:21:36 GMT
server: cloudflare
etag: "571ee659b7ee9af9291e7dd8176721d5"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b1943b7ce836b0-YYZ
expires: Wed, 27 Mar 2024 22:52:42 GMT

GET
H3 200 icomoon-34054612395e15cc596894bf698d0a9d948caa556ade929b78a604447b9fbc3d.ttf
secure.winred.com/assets/ 3 KB
3 KB 507ms
507ms Font
binary/octet-stream 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/icomoon-34054612395e15cc596894bf698d0a9d948caa556ade929b78a604447b9fbc3d.ttf?8qpoa3

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/landing_page-3968f5904dec2b9e4ac682afbbe1c597411a5c73d3347f649ca3519af7341e26.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34054612395e15cc596894bf698d0a9d948caa556ade929b78a604447b9fbc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/assets/landing_page-3968f5904dec2b9e4ac682afbbe1c597411a5c73d3347f649ca3519af7341e26.css
Origin: https://secure.winred.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:42 GMT
x-amz-version-id: Llb934GOYP2biyy_jEgdojw3luKWLTLW
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 1MYWHKHE2HX6R6WY
age: 2178
alt-svc: h3=":443"; ma=86400
content-length: 2988
x-amz-id-2: 86FlWv9bEQL0Ytuybs0DOhVfDF559VEoBlThcQNZuOVm7TANdNwLcap2lznTgN0xiSdXSNegA1s=
last-modified: Wed, 27 Mar 2024 00:15:43 GMT
server: cloudflare
etag: "881732c4f2792db71043332dcb707586"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b1943b8cee36b0-YYZ
expires: Wed, 27 Mar 2024 22:52:42 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 2965 0
0 1058ms
649ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 11586729
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:43 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 197002
x-content-type-options: nosniff
x-request-id: b4bf8fdf-e092-462d-8ebd-8363c915f5b8
x-served-by: cache-yyz4546-YYZ

GET
H2 200 controller-experimental-467eb32dd99b244325e42c3a0682f75a.html
js.stripe.com/v3/ Frame 4A74 0
0 1001ms
648ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-experimental-467eb32dd99b244325e42c3a0682f75a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 229
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:43 GMT
etag: "467eb32dd99b244325e42c3a0682f75a"
last-modified: Wed, 27 Mar 2024 17:09:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 32f0217b-5890-4a70-bbe2-9cd42f65e051
x-served-by: cache-yyz4546-YYZ

GET
H2 200 elements-inner-card-7b2db673237c3618f03466809225c5a1.html
js.stripe.com/v3/ Frame F350 0
0 983ms
647ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-7b2db673237c3618f03466809225c5a1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5991
cache-control: max-age=31536000
content-encoding: br
content-length: 360
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:43 GMT
etag: "7b2db673237c3618f03466809225c5a1"
last-modified: Wed, 27 Mar 2024 17:09:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 163
x-content-type-options: nosniff
x-request-id: af883e9f-f3aa-410a-b57f-83c8115aa3f6
x-served-by: cache-yyz4546-YYZ

GET
H3 200 current_with_info Show response
app.revv.co/api/v3/users/ 162 B
1 KB 715ms
306ms XHR
application/vnd.api+json 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-b78ec89be53c9aa2c404880c3a61bdb343400a7e10696324378b7cf5fa148916.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

504b1bacc6c872b41019fc2e87251083f3d52cb7ed5f0ae57b18cec34d975c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors-original-access-control-allow-origin: https://secure.winred.com
x-rack-cors: hit
date: Wed, 27 Mar 2024 18:52:43 GMT
x-rack-cors-original-access-control-max-age: 0
x-rack-cors-original-access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-encoding: br
x-rack-cors-original-access-control-allow-methods: GET, POST, OPTIONS
x-rack-cors-original-access-control-expose-headers
alt-svc: h3=":443"; ma=86400
x-request-id: da51181f-3734-49a3-9995-76f1482ce766
x-runtime: 0.011099
server: cloudflare
etag: W/"504b1bacc6c872b41019fc2e87251083"
access-control-max-age: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.api+json
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
vary: Origin
cf-ray: 86b19443cf2a3739-YYZ

GET
H3 200 rv_page_01h63yxa5d0tvnam1fq64gtc2c-a0e764a352b7732cc6dd42b3d8f9288ba48dadf4 Show response
secure.winred.com/api/v3/donations/live/ 452 B
535 B 812ms
811ms XHR
application/json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/api/v3/donations/live/rv_page_01h63yxa5d0tvnam1fq64gtc2c-a0e764a352b7732cc6dd42b3d8f9288ba48dadf4?stream_id=93e14beefca9f6a70428e75f0887423bd5d40c4c&_=1711565562099

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-b78ec89be53c9aa2c404880c3a61bdb343400a7e10696324378b7cf5fa148916.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6a90fdf74b8e5c83195703f619e979b867cfa9ef923e40b539e74adc2fb5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-CSRF-Token: 5p2TBR0E1pawPLIf/wd1ZYFNQ9izDSHLgNwBd0c25z1yPJ+LA1oW0B2jV0fj9uSK3i0EdeIICrDFaiY0Lm6okw==
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: miss; no-origin
date: Wed, 27 Mar 2024 18:52:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 746cc7a7-ed6b-4fe6-aefe-3adbb1f69517
x-runtime: 0.011397
server: cloudflare
etag: W/"3b6a90fdf74b8e5c83195703f619e979"
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: public, max-age=60
cf-ray: 86b194411ebd36b0-YYZ
expires: Wed, 27 Mar 2024 18:53:43 GMT

GET
H2 200 controller-experimental-467eb32dd99b244325e42c3a0682f75a.html
js.stripe.com/v3/ Frame 3488 0
0 636ms
357ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-experimental-467eb32dd99b244325e42c3a0682f75a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 229
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:43 GMT
etag: "467eb32dd99b244325e42c3a0682f75a"
last-modified: Wed, 27 Mar 2024 17:09:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: 7c235134-50f3-4f4c-a53b-f8dea40f2c93
x-served-by: cache-yyz4546-YYZ

GET
H2 200 payment-request-inner-google-pay-d95989b726ad774cd0eb30c5e89165fc.html
js.stripe.com/v3/ Frame 7B57 0
0 918ms
652ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-d95989b726ad774cd0eb30c5e89165fc.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5973
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:43 GMT
etag: "d95989b726ad774cd0eb30c5e89165fc"
last-modified: Wed, 27 Mar 2024 17:10:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 121
x-content-type-options: nosniff
x-request-id: 913bed06-690f-451b-a01d-0c31089494dd
x-served-by: cache-yyz4546-YYZ

GET
H2 200 payment-request-inner-browser-e69ad0bf235ca27dfff58afce516418c.html
js.stripe.com/v3/ Frame 2F9A 0
0 910ms
649ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-e69ad0bf235ca27dfff58afce516418c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 36
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:43 GMT
etag: "e69ad0bf235ca27dfff58afce516418c"
last-modified: Wed, 27 Mar 2024 17:10:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: b15784bd-e414-4dfb-82f4-aa01d4e89237
x-served-by: cache-yyz4546-YYZ

GET
H3

200

main.js Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 480B
Redirect Chain

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

337ms
337ms

Script
application/javascript

2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Requested by

Protocol

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127884c8f3142e3ce97653edd4f9762bcb662e505a64294cf6814ea413389820

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 27 Mar 2024 18:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86b19442b98536b0-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 27 Mar 2024 18:52:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control: max-age=300, public
cf-ray: 86b194416f2a36b0-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 714ms
210ms XHR
application/json 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
96 KB 297ms
295ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5349431a8ddd68e6141825825d842c17762c9ed04594dad7f0e27a9b4510a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 18:52:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 936ms
369ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 18:06:53 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 27 Mar 2024 20:06:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
96 KB 396ms
396ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Y7ZCWY95C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17c3dacc3bb6969e5deb1db684d0837e481fc342d6d3779cf80e219a77016e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 18:52:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
92 KB 827ms
827ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CM6HT6HPTV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f72fab3fea903e75380b98bedb500b2ddf0b7352e5733882895364b607f2ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 18:52:43 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
78 KB 883ms
882ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-818121997&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

105f4c472504c0f6cedb6ac0d8ad242b562832be5f26dbdb3bf61dbb73e332a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79497
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 18:01:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 18:52:43 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 1235ms
464ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:44 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000051-IAD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 1001ms
404ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Mar 2024 18:52:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=13, mss=1392, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: cMBJHdVY8GKGsP4Cx3o9brGeebgoxHpvNMs8pB4fVua9LARzjmwa96c1jLvt2TplpgPG2rEQoYDcgtbQb1/1gw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 865ms
352ms Script
text/javascript 174.129.203.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.203.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-203-161.compute-1.amazonaws.com
Software: /
Resource Hash: a749ce1ac651c496f8cd3c7678a920532ac14bc8fd34bfe6f8657d46a692c7c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 27 Mar 2024 18:52:44 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 teamscalise_trumpsocial_lander.js Show response
cdn1.decide.dev/tracking/ 7 KB
3 KB 1559ms
228ms Script
application/javascript 2600:9000:2514:e200:9:d7ff:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.decide.dev/tracking/teamscalise_trumpsocial_lander.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:e200:9:d7ff:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23f2f78ce6d15a1e59ef738cafc4da5de4f6921b9e85136cdeb8c41bf940606

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ka_oe65ehsbq8xnlKoc4x4dqPOPYrtBh
content-encoding: gzip
via: 1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront)
date: Wed, 27 Mar 2024 08:25:46 GMT
last-modified: Wed, 22 Feb 2023 17:46:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 37619
x-amz-server-side-encryption: AES256
etag: W/"53a29991eb38b269e0e9291e8d871a31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Vo8iTzl8VZEtLwnaQVMOhvipl6OFFyPigQSu_y-1fv3mvfcDYtvV0Q==

POST
H3 200 86b193c62ce936b0 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 480B 0
343 B 304ms
272ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/86b193c62ce936b0

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Mar 2024 18:52:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 86b19445bec636b0-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 collect Show response
gtm.winred.com/g/ 734 B
921 B 874ms
436ms XHR
text/plain 2606:4700::6810:f945
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je43p0v867905447z872410129za200&_p=1711565543754&gcd=13l3l3l3l1&npa=0&dma=0&cid=1558947063.1711565565&ecid=1797846496&ul=en-us&sr=800x600&_fplc=0&ur=CA-ON&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sst.uc=CA&sst.gse=1&sst.etld=google.ca&sst.gcd=13l3l3l3l1&sst.tft=1711565543754&sst.ude=0&_s=1&sid=1711565564&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&dt=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p&epn.load_time_sec=-1711565542&epn.event_fire_time=1711565563528&ep.event_uuid=6920d53b-a99f-4ef1-80ff-b53714e29d7d&ep.isVideoPage=f&ep.referrer=&tfd=22477&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f945 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb18503b45eb92b6e6b6fe9e6f4f3ada78ad3b95242f64fd752391e3d95b77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:45 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 86b1944d0e7d36bc-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 233ms
232ms Stylesheet
text/css 174.129.203.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.203.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-203-161.compute-1.amazonaws.com
Software: /
Resource Hash: f5090c876363b9a6d94ca0c4a160a9dcc30f4d8736940a8c2a9ff36618718bd4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 27 Mar 2024 18:52:44 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 4131ms
2591ms Fetch
image/jpeg 174.129.203.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.203.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-203-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 27 Mar 2024 18:52:46 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
147 B 816ms
814ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=373862095&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&ul=en-us&de=UTF-8&dt=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDAiEABBAAAACAEK~&jid=769300336&gjid=1286665014&cid=1558947063.1711565565&tid=UA-73658561-7&_gid=280850757.1711565565&_slc=1&gtm=45He43p0n71NTQZ9Nv72410129za200&cd61=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&gcd=13l3l3l3l1&dma=0&z=2080287493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 1760ms
876ms XHR
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=1558947063.1711565565&jid=769300336&gjid=1286665014&_gid=280850757.1711565565&_u=YCDAiEABBAAAAGAEK~&z=1243501142

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 27 Mar 2024 18:52:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 810ms
809ms Image
image/gif 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=373862095&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&ul=en-us&de=UTF-8&dt=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&sd=24-bit&sr=800x600&vp=1600x1113&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YCDAiEABBAAAAGAEK~&jid=&gjid=&cid=1558947063.1711565565&tid=UA-73658561-7&_gid=280850757.1711565565&gtm=45He43p0n71NTQZ9Nv72410129za200&cd41=anonymous&cd58=f&cd61=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&gcd=13l3l3l3l1&dma=0&z=1729415884

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 08:42:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36642
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 2342ms
327ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bb017efa-59c3-4be9-b593-19f730ebd69d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=54f19ad0-f79d-4c38-9a7d-75fe4ed9ed00&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&tw_iframe_status=0&txn_id=oegy8&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 74
date: Wed, 27 Mar 2024 18:52:46 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 78bbcc3890e2bada
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 1849144f98bae58314b01a56c18d8e073b10819a2e962edb039e55d1fc55b21c
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 2168ms
351ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bb017efa-59c3-4be9-b593-19f730ebd69d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=54f19ad0-f79d-4c38-9a7d-75fe4ed9ed00&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&tw_iframe_status=0&txn_id=oegy8&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 6
date: Wed, 27 Mar 2024 18:52:45 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 67de20a210b19d94
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 4cfbdf673e5cb466a40e4dfeea622c7bc1969fb725832598a1c9029c7555af25
content-length: 43

GET
H3 200 collect Show response
gtm.winred.com/g/ 503 B
851 B 541ms
540ms XHR
text/plain 2606:4700::6810:f945
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je43p0v867905447z872410129za200&_p=1711565543754&gcd=13l3l3l3l1&npa=0&dma=0&cid=1558947063.1711565565&ecid=1797846496&ul=en-us&sr=800x600&_fplc=0&ur=CA-ON&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sst.uc=CA&sst.gse=1&sst.etld=google.ca&sst.gcd=13l3l3l3l1&sst.tft=1711565543754&sst.ude=0&_s=2&sid=1711565564&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&dt=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&en=user%20session%20start&ep.pagepath=%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p&epn.load_time_sec=-1711565542&epn.event_fire_time=1711565563556&ep.event_uuid=d5ed3e97-a6df-4c16-88ce-6ad1d4893a6a&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=6&tfd=22989&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f945 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bfa13fbf93620c7f46a529599195616ceceff32611bdb93371d94b36e226040

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:52:45 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 86b1944d7fbd36bc-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
288 B 640ms
639ms XHR
text/plain 174.129.203.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=7WlXqkCbytjp_O_OKWgGWg&is_js=true&landing_url=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&t=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&tip=3LAoMF9NYR5PxPtcZiPqVMNhDq79FbsM18H4f8Fq8bQ&host=https%3A%2F%2Fsecure.winred.com&sa-user-id-v3=s%253AAQAKIL3Ccm2Sy4uk0xDsR8rJNlDgKI9CEorD8fFrK4TpNPeQEAEYAyD81ZGwBjABOgT7-sM6QgRIM3ML.aKX%252FbRUXYEVqxX1zXE4fYpbCF2exlNpqJ9jlZHFH8ZA&sa-user-id-v2=s%253AGQQxpKbwWd55v1A87_eszKYAzVg.8QMkVnb3z4syk%252ByjXYlsMk4vvOfpIelnnbIT2sISuQ0&sa-user-id=s%253A0-190431a4-a6f0-59de-79bf-503ceff7accc.HRDtfp8lEH1PWi6GzmN8ZKQ812zEeJ%252BOUBB%252FGbHRgwU
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.203.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-203-161.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://secure.winred.com
date: Wed, 27 Mar 2024 18:52:45 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H2 204 collect
www.google-analytics.com/g/ 0
47 B 704ms
703ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CM6HT6HPTV&gtm=45je43p0v883914665z8858067114za200&_p=1711565543754&gcd=13l3l3l3l1&npa=0&dma=0&cid=1558947063.1711565565&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711565565&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&dt=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&en=page_view&_fv=1&_ss=1&ep.ex_tid=20240326_MM-GOP1.113481_t1466156-1756&tfd=23300
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CM6HT6HPTV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 1354ms
525ms Ping
text/plain 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4Y7ZCWY95C&gtm=45je43p0v877957326z8858067114za200&_p=1711565543754&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1558947063.1711565565&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711565565&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&dt=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&en=page_view&_fv=1&_ss=1&tfd=23345
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Y7ZCWY95C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s35-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 1039ms
878ms Ping
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4Y7ZCWY95C&cid=1558947063.1711565565&gtm=45je43p0v877957326z8858067114za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Y7ZCWY95C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 1265ms
481ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4Y7ZCWY95C&cid=1558947063.1711565565&gtm=45je43p0v877957326z8858067114za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=765287672

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/818121997/ 3 KB
2 KB 2251ms
1372ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/818121997/?random=1711565565397&cv=11&fst=1711565565397&bg=ffffff&guid=ON&async=1&gtm=45be43p0z8858067114za201&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&hn=www.googleadservices.com&frm=0&tiba=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&npa=0&pscdl=noapi&auid=243858614.1711565564&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-818121997&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dd0fcfc93cc82efa7c5a9ec1d8a9b2a406d27e397846be886c8d6e1b1c2111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
analytics.google.com/g/s/ 0
46 B 1316ms
526ms Image
text/plain 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e43q0v867905447z872410129z9867900975za200&_gsid=X6H0114PDFRL_v9VFM6ip_gMg6kNfi2w
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s35-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 1544ms
797ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&tid=G-X6H0114PDF&cid=iUree8NhH%2FaNHtwsqTndxvW58WCZ2ug99zFJ6jofvsQ%3D.1711565565&gtm=45j91e43q0v867905447z872410129z9867900975za200&aip=1&z=1566037375

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 999ms
877ms Image
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-X6H0114PDF&cid=iUree8NhH%2FaNHtwsqTndxvW58WCZ2ug99zFJ6jofvsQ%3D.1711565565&gtm=45j91e43q0v867905447z872410129z9867900975za200&aip=1
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
analytics.google.com/g/s/ 0
53 B 316ms
313ms Image
text/plain 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e43q0v867905447z872410129z9867900975za200&_gsid=X6H0114PDFXa2-G59GaVwC71WRhVBn0A
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s35-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 389ms
389ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 1294ms
757ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73658561-7&cid=1558947063.1711565565&jid=769300336&_u=YCDAiEABBAAAAGAEK~&z=191323419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 301ms
300ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73658561-7&cid=1558947063.1711565565&jid=769300336&_u=YCDAiEABBAAAAGAEK~&z=191323419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1943878355872195 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 172ms
171ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1943878355872195?v=2.9.151&r=stable&domain=secure.winred.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f1f6cea605151a2a01c72c48ed7770a58fdcd44e877c668859467720804b491

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Mar 2024 18:52:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11650
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=60, mss=1392, tbw=63167, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: YUZ6NsbG+5f5XqPocPwBjf4R0F384It1vCh1vB+l19Zd01owWQmR8htOxlRHxJWmeNhkvZuiohZ/1RbS2Y4F7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 2596ms
2015ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1943878355872195&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&rl=&if=false&ts=1711565567099&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711565567097.2119598627&ler=empty&cdl=API_unavailable&it=1711565566728&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 27 Mar 2024 18:52:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/818121997/ 42 B
64 B 245ms
243ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/818121997/?random=1711565565397&cv=11&fst=1711562400000&bg=ffffff&guid=ON&async=1&gtm=45be43p0z8858067114za201&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&frm=0&tiba=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqRxoIzqXd-_W3P5naRAIh5YSeNfgXtg&random=814093176&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/818121997/ 42 B
64 B 241ms
240ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/818121997/?random=1711565565397&cv=11&fst=1711562400000&bg=ffffff&guid=ON&async=1&gtm=45be43p0z8858067114za201&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F%3Frecurring%3Dtrue%26utm_campaign%3D20240326_MM-GOP1.113481_t1466156-1756%26ex_tid%3D20240326_MM-GOP1.113481_t1466156-1756&frm=0&tiba=Nervous%20as%20a%20cat%20in%20a%20room%20full%20of%20rockers...&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqRxoIzqXd-_W3P5naRAIh5YSeNfgXtg&random=814093176&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 18:52:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/5/ 255 KB
56 KB 755ms
751ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/5/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022127b699426ba8b3e5307970563207b398ad7cdcb7d1d9e65dd27191b25bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 18:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56812
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 20:45:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Mar 2025 18:13:19 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/5/ 181 KB
56 KB 403ms
400ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/5/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea4691f54da4fc5cddc12da99c6271f027a492d0b3bceb1530eb95432bc5e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 13:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57076
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 20:45:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Mar 2025 13:23:49 GMT

GET
H2 200 hcaptcha-invisible-d97dadba4e70da5a268d4090c31b61c0.html
js.stripe.com/v3/ Frame 55E6 0
0 164ms
163ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-d97dadba4e70da5a268d4090c31b61c0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-CcQcyy7yBxG0O/M7nLNHagqOAoPOmNxCosWnEWzXko8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5996
cache-control: max-age=31536000
content-encoding: br
content-length: 25165
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-CcQcyy7yBxG0O/M7nLNHagqOAoPOmNxCosWnEWzXko8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:49 GMT
etag: "d97dadba4e70da5a268d4090c31b61c0"
last-modified: Wed, 27 Mar 2024 17:10:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 196
x-content-type-options: nosniff
x-request-id: 2bb49237-f2d6-43dd-a098-67dea8d81ebc
x-served-by: cache-yyz4546-YYZ

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
40 KB 157ms
156ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 18:52:49 GMT
via: 1.1 varnish
age: 8382855
x-cache: HIT
content-length: 40295
x-request-id: f61417fb-6d16-4c23-b9c8-893f51e18734
x-served-by: cache-yyz4572-YYZ
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 542

GET
H2 200 elements-inner-link-button-for-card-a4068c92d3b51c48267fa2205a473d93.html
js.stripe.com/v3/ Frame 4336 0
0 468ms
467ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-a4068c92d3b51c48267fa2205a473d93.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5996
cache-control: max-age=31536000
content-encoding: br
content-length: 16248
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 18:52:49 GMT
etag: "a4068c92d3b51c48267fa2205a473d93"
last-modified: Wed, 27 Mar 2024 17:09:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 115
x-content-type-options: nosniff
x-request-id: 22856c29-2504-4aac-86c8-5c8264449d79
x-served-by: cache-yyz4546-YYZ

POST
H3 204 rum Show response
secure.winred.com/cdn-cgi/ 0
143 B 200ms
83ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Mar 2024 18:52:53 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://secure.winred.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 86b194848f7836b0-YYZ

GET
H3 200 Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/ 1 KB
2 KB 99ms
98ms Other
image/png 2600:9000:26fa:5000:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:5000:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FN8PLjpE4LnyaM50_d0emgSd0vAz496F
date: Wed, 27 Mar 2024 13:36:08 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
age: 19006
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1512
last-modified: Wed, 10 Jul 2019 18:21:57 GMT
server: AmazonS3
etag: "7b9c8b7070c8f9c81fc9a133d26daf4e"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: AQvcRHQdJtAf855Q9Fw4bh8Tj9jcKwlB6yg94heKWhMedCqTfFs06A==

GET
H2 204 js_tracking Show response
tags.srv.stackadapt.com/ 0
152 B 151ms
150ms XHR
text/plain 174.129.203.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fsecure.winred.com%2Fteam-scalise%2Fnervous-as-a-cat-kennedy-p%2F&uid=7WlXqkCbytjp_O_OKWgGWg&v=1&host=https%3A%2F%2Fsecure.winred.com
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.203.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-203-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://secure.winred.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://secure.winred.com
date: Wed, 27 Mar 2024 18:52:55 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.revv.co/api/v3/users	1970-01-21 05:02:05	Name: rvid Value: e6de8968-87ec-416b-91dc-310164d8c4f8
.winred.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: eU1PcWdSZVNYQ2hIMHUyTnFZVFg5eVZySUNTVUJPVk9LaFpqdnQ2TVNMT2tQR3krTnpMakhPczJoNTFYYjgzc0NhZEkvc0pSZ0QzaUlVRFRYZUhxc3A4NE9haitnOVJlWXZHYi9ndnJGS09IbkM2RjlsLzBKRG9CTWppSXNHa1djUUd0ZkJQeEpIcWZSM2hXd2YxY1lxN0toU3FpWFlHODVyanBWVzd5NU05Nkc5cVpoZzYzZVk3aXd5WXJoMTg5aHJya29oRGc0bjY0VEUxUXhwaHFsUjNVOFdaUE8wQldEbWVVVExZcjBhcE5UZFJ5VWNaKzVXZk5takNqc3lQTXM0ZzlHTXFnM0x0TTV1UTVhdzZVMlRIQWJDUG5oYWFoWkVNYzJLenVMWkxlWTJ3aSs1Y0xCZ0ZwU3JYeURBTjVNUEE5T2ROV0dzOFAvMHZsd20wZ1dzMFd5VmI5cVVMMnVBTUZkamZsYytJPS0tb1hSaVlQNEVva1N5SFBXSWNZV0xRdz09--acd7b19c0023a632d13fd8c8920ba85b89cf2947
.secure.winred.com/	1970-01-20 19:26:07	Name: __cf_bm Value: Me6xTZ22KAsoSCw4xs_HXolb9.OcaxuImxsf_Svnako-1711565543-1.0.1.1-cL2fq4hGM9QgbaCaxMDP7QRdsJq2_t0j1Jwxwqo4CJd.kiEtCOXYR_7svSO0OHY5Q29zYZAUOJHKhQfoPmXJ0g
secure.winred.com/	1969-12-31 23:59:59	Name: origin_url Value: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756
.winred.com/	1970-01-20 21:35:41	Name: _gcl_au Value: 1.1.243858614.1711565564
.revv.co/	1969-12-31 23:59:59	Name: _revv_v3_session Value: ZEo1ODdvaHBGQUdCNE1zQmVNQ3NuQTFNZkY0L2ZyVFFMc2NyeDkwTTAzY2J2dW9HbTBwVktheVJDNk5hYm1aSVRZbHpHQ0wyZ1doSXZBdllmVHV5enc9PS0tNUNJT1N5bUhYekFrY0tIQThSRnEzQT09--fc3f8b6d895a7ea4ac12af92b5262d10f2dd43c5
.revv.co/	1970-01-20 19:26:07	Name: __cf_bm Value: KLwJAfRqJt1x.F05BjnokTPo_DIMD97xYu..AoNFd7Y-1711565563-1.0.1.1-5rQ52rDwjk98owWp_NpadTa2qZ98jgVjOadAGNlW2TlLejYDPfREDoirW4WhJhN1FA8yIVnGSfnVcQvP3AuQUw
secure.winred.com/	1969-12-31 23:59:59	Name: sso_tries Value: 1
secure.winred.com/	1970-01-21 05:02:05	Name: rvid Value: e6de8968-87ec-416b-91dc-310164d8c4f8
.secure.winred.com/	1970-01-21 04:11:41	Name: cf_clearance Value: MiDOGbdQyD4QTkWRJblyUnZ9gqvH4X7bz3OITl6LSiI-1711565563-1.0.1.1-DssxOYFwnEga2VrSPwyY2uGKlJW8snj973E94GJJ.xtoQy0m5ZoxKWaG1zBp5sgKU7aBhXxc_p2JjxXMEpbfqQ
tags.srv.stackadapt.com/	1970-01-21 04:11:41	Name: sa-user-id Value: s%3A0-190431a4-a6f0-59de-79bf-503ceff7accc.HRDtfp8lEH1PWi6GzmN8ZKQ812zEeJ%2BOUBB%2FGbHRgwU
.srv.stackadapt.com/	1970-01-21 04:11:41	Name: sa-user-id Value: s%3A0-190431a4-a6f0-59de-79bf-503ceff7accc.HRDtfp8lEH1PWi6GzmN8ZKQ812zEeJ%2BOUBB%2FGbHRgwU
tags.srv.stackadapt.com/	1970-01-21 04:11:41	Name: sa-user-id-v2 Value: s%3AGQQxpKbwWd55v1A87_eszKYAzVg.8QMkVnb3z4syk%2ByjXYlsMk4vvOfpIelnnbIT2sISuQ0
.srv.stackadapt.com/	1970-01-21 04:11:41	Name: sa-user-id-v2 Value: s%3AGQQxpKbwWd55v1A87_eszKYAzVg.8QMkVnb3z4syk%2ByjXYlsMk4vvOfpIelnnbIT2sISuQ0
tags.srv.stackadapt.com/	1970-01-21 04:11:41	Name: sa-user-id-v3 Value: s%3AAQAKIL3Ccm2Sy4uk0xDsR8rJNlDgKI9CEorD8fFrK4TpNPeQEAEYAyD81ZGwBjABOgT7-sM6QgRIM3ML.aKX%2FbRUXYEVqxX1zXE4fYpbCF2exlNpqJ9jlZHFH8ZA
.srv.stackadapt.com/	1970-01-21 04:11:41	Name: sa-user-id-v3 Value: s%3AAQAKIL3Ccm2Sy4uk0xDsR8rJNlDgKI9CEorD8fFrK4TpNPeQEAEYAyD81ZGwBjABOgT7-sM6QgRIM3ML.aKX%2FbRUXYEVqxX1zXE4fYpbCF2exlNpqJ9jlZHFH8ZA
.winred.com/	1970-01-21 05:02:05	Name: _ga_X6H0114PDF Value: GS1.1.1711565564.1.0.1711565564.0.0.1797846496
secure.winred.com/	1970-01-21 04:11:41	Name: sa-user-id Value: s%253A0-190431a4-a6f0-59de-79bf-503ceff7accc.HRDtfp8lEH1PWi6GzmN8ZKQ812zEeJ%252BOUBB%252FGbHRgwU
secure.winred.com/	1970-01-21 04:11:41	Name: sa-user-id-v2 Value: s%253AGQQxpKbwWd55v1A87_eszKYAzVg.8QMkVnb3z4syk%252ByjXYlsMk4vvOfpIelnnbIT2sISuQ0
secure.winred.com/	1970-01-21 04:11:41	Name: sa-user-id-v3 Value: s%253AAQAKIL3Ccm2Sy4uk0xDsR8rJNlDgKI9CEorD8fFrK4TpNPeQEAEYAyD81ZGwBjABOgT7-sM6QgRIM3ML.aKX%252FbRUXYEVqxX1zXE4fYpbCF2exlNpqJ9jlZHFH8ZA
.winred.com/	1970-01-20 19:27:31	Name: _gid Value: GA1.2.280850757.1711565565
.winred.com/	1970-01-20 19:26:05	Name: _dc_gtm_UA-73658561-7 Value: 1
.winred.com/	1970-01-21 05:02:05	Name: _ga_CM6HT6HPTV Value: GS1.1.1711565565.1.0.1711565565.0.0.0
.winred.com/	1970-01-21 05:02:05	Name: _ga Value: GA1.1.1558947063.1711565565
.winred.com/	1970-01-21 05:02:05	Name: _ga_4Y7ZCWY95C Value: GS1.1.1711565565.1.0.1711565565.60.0.0
.winred.com/	1970-01-21 05:02:05	Name: FPID Value: FPID2.2.iUree8NhH%2FaNHtwsqTndxvW58WCZ2ug99zFJ6jofvsQ%3D.1711565565
.winred.com/	1970-01-20 19:27:17	Name: FPLC Value: dcpzaSVTW8DFVHc2NZAFyDZAABpvaXduhBDesMQMj5W%2Flh4GPzeaKRP6fnfsy4EOY9oItKHypxaPOvGf5%2BjopS5red9MDnc1dj6OkyYNJnMBW8sl5wB0e4MlDSEyOw%3D%3D
.winred.com/	1970-01-20 19:26:07	Name: FPGSID Value: 1.1711565565.1711565565.G-X6H0114PDF.Xa2-G59GaVwC71WRhVBn0A
.twitter.com/	1970-01-21 05:02:05	Name: guest_id_marketing Value: v1%3A171156556675938405
.twitter.com/	1970-01-21 05:02:05	Name: guest_id_ads Value: v1%3A171156556675938405
.twitter.com/	1970-01-21 05:02:05	Name: personalization_id Value: "v1_SQpYaOzzV+pYABAHruGVKA=="
.twitter.com/	1970-01-21 05:02:05	Name: guest_id Value: v1%3A171156556675938405
.winred.com/	1970-01-20 21:35:41	Name: _fbp Value: fb.1.1711565567097.2119598627
.t.co/	1970-01-21 05:02:05	Name: muc_ads Value: b1673d2a-1d89-4dde-994c-54bec7587cb2
.doubleclick.net/	1970-01-20 19:26:06	Name: test_cookie Value: CheckForPermission
m.stripe.com/	1970-01-21 05:02:05	Name: m Value: d6ddab1a-f9e9-4d5b-81ae-26feebc022d9ba7797
.secure.winred.com/	1970-01-21 04:11:41	Name: __stripe_mid Value: a6943588-2239-42d1-a05f-52f8da43db825831bd
.secure.winred.com/	1970-01-20 19:26:07	Name: __stripe_sid Value: b1ca7b2f-d6a1-4b9b-9ee7-94e9e2b5d113bdc5dd

55 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Found 2 elements with non-unique id #conduit_additional_fields_610793189_additional_field_id: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Found 2 elements with non-unique id #conduit_additional_fields_610793189_parameter_slug: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Found 2 elements with non-unique id #conduit_additional_fields_610793189_whitelisted_parameter_id: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Found 2 elements with non-unique id #conduit_employer_name: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Found 2 elements with non-unique id #conduit_mobile_number: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Found 2 elements with non-unique id #conduit_not_employed: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Found 2 elements with non-unique id #conduit_occupation: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1943878355872195?v=2.9.151&r=stable&domain=secure.winred.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.winred.com/team-scalise/nervous-as-a-cat-kennedy-p/?recurring=true&utm_campaign=20240326_MM-GOP1.113481_t1466156-1756&ex_tid=20240326_MM-GOP1.113481_t1466156-1756 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.twitter.com
app.revv.co
cdn1.decide.dev
click.updates.mpactworld.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
gtm.winred.com
js.stripe.com
maps.googleapis.com
secure.winred.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
104.244.42.67
104.244.42.69
142.250.80.78
146.75.28.157
15.156.37.76
151.101.128.176
151.101.64.176
174.129.203.161
2600:9000:2514:e200:9:d7ff:bd00:93a1
2600:9000:26fa:5000:0:7d26:ee00:93a1
2606:4700::6810:4f49
2606:4700::6810:f945
2606:4700::6813:d359
2606:4700::6813:d459
2607:f8b0:4004:c0b::9b
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2008
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200e
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
022127b699426ba8b3e5307970563207b398ad7cdcb7d1d9e65dd27191b25bb4
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0ea4691f54da4fc5cddc12da99c6271f027a492d0b3bceb1530eb95432bc5e60
0f1f6cea605151a2a01c72c48ed7770a58fdcd44e877c668859467720804b491
105f4c472504c0f6cedb6ac0d8ad242b562832be5f26dbdb3bf61dbb73e332a2
127884c8f3142e3ce97653edd4f9762bcb662e505a64294cf6814ea413389820
1443c44a7b57867341dc8672a0760a27022e09b0a879382419e76050b9e3b2e9
17c3dacc3bb6969e5deb1db684d0837e481fc342d6d3779cf80e219a77016e0d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
34054612395e15cc596894bf698d0a9d948caa556ade929b78a604447b9fbc3d
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
3b6a90fdf74b8e5c83195703f619e979b867cfa9ef923e40b539e74adc2fb5ba
3eb18503b45eb92b6e6b6fe9e6f4f3ada78ad3b95242f64fd752391e3d95b77c
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f72fab3fea903e75380b98bedb500b2ddf0b7352e5733882895364b607f2ad7
504b1bacc6c872b41019fc2e87251083f3d52cb7ed5f0ae57b18cec34d975c4e
5349431a8ddd68e6141825825d842c17762c9ed04594dad7f0e27a9b4510a773
594de31ed970135559ad3911537e925d2498422c75e59b12cb7d9ef901faa280
5bfa13fbf93620c7f46a529599195616ceceff32611bdb93371d94b36e226040
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
6cdbc3799049e1ae9a52fc01a293c245c4c8585f2ad36f202798c7bc915f1de5
77dd0fcfc93cc82efa7c5a9ec1d8a9b2a406d27e397846be886c8d6e1b1c2111
79625964b0f2bc52c7f237a747a1ceeb265ccf2bf8dd890136004f412186a85d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
94d77c1ce4b590199edfac861bc03a8ce8b2a4911e66a360bafae2299406200a
9531af806020c1c1c89bc227e56a130885e24e0dac177c72319a870ecdeb5497
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
a23f2f78ce6d15a1e59ef738cafc4da5de4f6921b9e85136cdeb8c41bf940606
a749ce1ac651c496f8cd3c7678a920532ac14bc8fd34bfe6f8657d46a692c7c4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b608f8c8ac9e6d5a18b61f9b114584903598dbe91d90d05bdcaa0247cabaed86
bb50bdccfec1f7439b6ecba2f10aff6872a218175fc309912d922b0adfb696d0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d3c6c1eb15805edcce036c7cbf7c7ee421a0acfe041271d117d6b6ea4bdbff7b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9306c2781b12e1477058087fac325a2dde9ad1c174947aab95733a1fd18c4c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5090c876363b9a6d94ca0c4a160a9dcc30f4d8736940a8c2a9ff36618718bd4
f68d3cd4f8dd0a5d92cda6c31148e9057db0ab602a26f20cd0431b26031a9c1a
fa5605cf289193e6db71cd1ccc4d4d28745872456b4822a8fe31d22891f61b1d
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

secure.winred.com Open in urlscan Pro 2606:4700::6813:d459 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

65 %IPv6

19 Domains

22 Subdomains

22 IPs

2 Countries

1603 kBTransfer

5044 kBSize

38 Cookies

8 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

65 %
IPv6

19
Domains

22
Subdomains

22
IPs

2
Countries

1603 kB
Transfer

5044 kB
Size

38
Cookies

72 HTTP transactions
0 data transactions