secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rwing.us/4eprGM
Effective URL:
https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.1159...
Submission: On July 18 via manual (July 18th 2024, 5:53:00 pm UTC) from US — Scanned from US

Summary HTTP 62 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 62 HTTP transactions. The main IP is 2606:4700::6813:d459, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 60737.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.83.253.106 99.83.253.106	16509 (AMAZON-02) (AMAZON-02)
1 13	2606:4700::68... 2606:4700::6813:d459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.249.48 18.160.249.48	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:400d:c0e::5f	15169 (GOOGLE) (GOOGLE)
5	2600:9000:208... 2600:9000:208f:5600:0:7d26:ee00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400d:c03::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:400d:c01::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.160.249.20 18.160.249.20	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:d359	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:400d:c0d::66	15169 (GOOGLE) (GOOGLE)
1	146.75.76.157 146.75.76.157	54113 (FASTLY) (FASTLY)
1	38.70.189.70 38.70.189.70	399647 (RUMBLE) (RUMBLE)
2	2606:4700::68... 2606:4700::6810:e534	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:400d:c01::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c21::9a	15169 (GOOGLE) (GOOGLE)
2	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::6a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
62	20

1 99.83.253.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab309889489bfc98b.awsglobalaccelerator.com

rwing.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6813:d459 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.249.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-249-48.ord58.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0e::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:208f:5600:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c03::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

lh7-us.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c01::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.160.249.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-249-20.ord58.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d359 (United States)

ASN13335 (CLOUDFLARENET, US)

app.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c0d::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.76.157 (Chicago, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.70.189.70 (Toronto, Canada)

ASN399647 (RUMBLE, US)

a.ads.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:e534 (United States)

ASN13335 (CLOUDFLARENET, US)

gtm.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c01::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::6a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	winred.com 1 redirects secure.winred.com — Cisco Umbrella Rank: 60737 app.winred.com — Cisco Umbrella Rank: 225445 gtm.winred.com — Cisco Umbrella Rank: 180080	217 KB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	152 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	625 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
5	cloudfront.net d35ligi1n5bgzc.cloudfront.net	1013 KB
4	google.com www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	175 B
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 567	206 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	1 KB
2	t.co t.co — Cisco Umbrella Rank: 979	630 B
2	googleusercontent.com lh7-us.googleusercontent.com — Cisco Umbrella Rank: 5757	360 KB
1	rmbl.ws a.ads.rmbl.ws — Cisco Umbrella Rank: 30096	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	rwing.us 1 redirects rwing.us	209 B
62	15

	Domain	Requested by
13	secure.winred.com	1 redirects secure.winred.com static.cloudflareinsights.com
8	js.stripe.com	secure.winred.com js.stripe.com
6	www.googletagmanager.com	secure.winred.com www.googletagmanager.com www.google-analytics.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.winred.com
5	d35ligi1n5bgzc.cloudfront.net	secure.winred.com
4	maps.googleapis.com	secure.winred.com maps.googleapis.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com secure.winred.com
2	analytics.google.com	www.googletagmanager.com secure.winred.com
2	www.google.com	secure.winred.com
2	analytics.twitter.com	secure.winred.com
2	t.co	secure.winred.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	gtm.winred.com	www.googletagmanager.com
2	lh7-us.googleusercontent.com	secure.winred.com
1	a.ads.rmbl.ws	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	app.winred.com	secure.winred.com
1	static.cloudflareinsights.com	secure.winred.com
1	rwing.us	1 redirects
62	19

This site contains links to these domains. Also see Links.

Domain
txtterms.co
winred.com
www.donaldjtrump.com
cdn.donaldjtrump.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2024-01-22` - `2024-12-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2024-09-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.googleusercontent.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
winred.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
a.ads.rmbl.ws E6	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
Frame ID: F98E7C290E926921732C089814B13F50
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 6335DDEA88236A969D1DABF434C7CC7B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-treatment-43da71ca1308923996feb1f8a1753817.html
Frame ID: 4392D8D87853EAEA27F8DE6AB4CF74AC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-839c1d7f447fbdff626b95c422fa95a8.html
Frame ID: A2E9FE884BC679648E350DE9688991E3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-treatment-43da71ca1308923996feb1f8a1753817.html
Frame ID: FDF27EC6CB14C90479FA24854A34EB67
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-74f46427807aa0cea4579084686319be.html
Frame ID: B1118A7930BF1DB86283F2A4EB353656
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-68574587415da4c2855dcfe071f029a9.html
Frame ID: 82204745AE0D95244FA2A59CA90DCD9C
Requests: 1 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Frame ID: A12946E4458B1DD626E9AFA9262E9A4A
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-bd3e333d41dc7008490bbd2f8dc3a00c.html
Frame ID: 6BEAA2F64E2F3D96B9EFB28E495F69D4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MAGA

Page URL History Show full URLs

http://rwing.us/4eprGM HTTP 307
https://rwing.us/4eprGM HTTP 307
https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=2024071... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

62
Requests

97 %
HTTPS

65 %
IPv6

15
Domains

19
Subdomains

20
IPs

2
Countries

2623 kB
Transfer

5704 kB
Size

29
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://txtterms.co/88022-2/
Title: txtterms.co/88022-2

Search URL Search Domain Scan URL

URL: https://winred.com/terms/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://winred.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/join
Title: Interested in volunteering? Click here to sign up today.

Search URL Search Domain Scan URL

URL: https://cdn.donaldjtrump.com/djtweb24/general/TNC_Contributor_Form.pdf
Title: Want to donate by mail? Click here to print out a donation form that you can send to our address.

Search URL Search Domain Scan URL

URL: https://winred.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://winred.com/about-our-ads/
Title: About Our Ads

Search URL Search Domain Scan URL

URL: https://winred.com/support/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rwing.us/4eprGM HTTP 307
https://rwing.us/4eprGM HTTP 307
https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/
Redirect Chain

http://rwing.us/4eprGM
https://rwing.us/4eprGM
https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213

77 KB
17 KB

188ms
116ms

Document
text/html

2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29e8ee4321b7a9031ada20427d26cdc48c36e617ef6b48eabddda89465008a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8a5453fd0eac41cf-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:52:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-rack-cors: miss; no-origin
x-request-id: 4da0bf4b-74c4-4c7f-88ce-6b4424d78fe5
x-revv-cache: Hit from Revv
x-runtime: 0.029136
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/octet-stream
date: Thu, 18 Jul 2024 17:52:53 GMT
location: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
server: awselb/2.0

GET
H2 200 / Show response
js.stripe.com/v3/ 624 KB
152 KB 270ms
75ms Script
text/javascript 18.160.249.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-48.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b51b04fec7c87ea669c531ef19b8bc01f66f6f476999ca321c4e1a681d3875c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:14 GMT
content-encoding: br
via: 1.1 533a5d9af0ba89d040a59600c6a91ff4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 40
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
last-modified: Thu, 18 Jul 2024 17:52:11 GMT
server: Cloudfront
etag: W/"e7c0ebe481788ded13569388b8a935fc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: jHNl5aAG_uAyabHYqk4YUTw2jkG4iP5iu6hlLQ2gHeHn7-YS_aSLWQ==

GET
H3 200 landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
secure.winred.com/assets/ 220 KB
34 KB 54ms
52ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tOpBJg5htPvOaTyjGLLYiHKpyv._FiKY
cf-cache-status: HIT
x-amz-request-id: DG3JRM30G9F55PFR
age: 4103
cf-polished: origSize=227910
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +22Hygp0CW+xKXOpFk7lvDgzYaaF5igPOo0cMGSIt4Rds9/3Fc3raQZ1HmuzXm6YdfNyRAEAf78=
cf-bgj: minify
last-modified: Fri, 10 May 2024 01:11:53 GMT
server: cloudflare
etag: W/"0d589e3ee739618497567fffac3f6955"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 8a5453fdefb441cf-EWR
expires: Thu, 18 Jul 2024 21:52:53 GMT

GET
H3 200 1721226599.css
secure.winred.com/stylesheets/rv_page_01htz19n26ya2dzmavk28jc7ap/ 8 KB
3 KB 81ms
79ms Stylesheet
text/css 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/stylesheets/rv_page_01htz19n26ya2dzmavk28jc7ap/1721226599.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a5218f3675a4ccda81b12b5121a4127434fcab9eb0712f08c917fda3fcdf60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Thu, 18 Jul 2024 17:52:53 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 98462
cf-polished: origSize=8464
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d8fcacb0-1da0-49b4-a74a-80bc4edee77a
x-runtime: 0.047246
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 17 Jul 2024 14:31:51 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556952
cf-ray: 8a5453fdefb641cf-EWR
expires: Fri, 18 Jul 2025 23:42:05 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 278 KB
92 KB 189ms
80ms Script
text/javascript 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

04269bc817e6340ff3dec44dd7c8b6a1982adb9fa1504e282aebfdac11a1d54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94296
x-xss-protection: 0

GET
H3 200 application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js Show response
secure.winred.com/assets/ 491 KB
137 KB 82ms
80ms Script
application/javascript 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3deacd1799bf73a270353064e107ac0ccc729f69f360908e491ec50875dc19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: duHZNfotTPXG6DecBysGtwaDu5DT1hEA
cf-cache-status: HIT
x-amz-request-id: XNNWRJ4PSDTPZEB2
age: 2102
cf-polished: origSize=502523
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ETwnoSPYOC+gXJnY9anSoFJ+3oLNaJ/aQkjJvXPMBegUp3KVEaGgO9GY1GrtQWR6BAgATIqKyWk=
cf-bgj: minify
last-modified: Fri, 14 Jun 2024 01:35:41 GMT
server: cloudflare
etag: W/"cca090abb8473b60249239b3bfcde2c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8a5453fdefb941cf-EWR
expires: Thu, 18 Jul 2024 21:52:53 GMT

GET
H2 200 TRUMPVANCE-OFFICIALLOGO.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/026/029/large/ 359 KB
360 KB 147ms
38ms Image
image/png 2600:9000:208f:5600:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/026/029/large/TRUMPVANCE-OFFICIALLOGO.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:5600:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 455d931923a1399e40980a05030ccca274f7ff53018307091dee2dd48d25ee30

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: K1P83YsB2SUmvAQZKR04aUX9YFvLgm20
date: Thu, 18 Jul 2024 14:47:21 GMT
via: 1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 11133
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 367483
last-modified: Mon, 15 Jul 2024 20:18:21 GMT
server: AmazonS3
etag: "2c43d5483f48728e700ab545ecb8a7d6"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 0-exUPumMF1nX58-syC4S9zN8XGSNDGUbnBHGnecIMcC2ZQgS-nBxA==

GET
H2 200 UET0mw6k3__Rtq12V5J8yk29aoWfmYD666VeUqZpUq5Hw8GxxE_fxutD6th36uPFWftBOShCUyNs2CGq5RuVSIZJC5TyWhTxr5iqgj7LaAwZHC7QGh2fQAEa6dKIQp7adPGtD_fAs2xhobjctPacrlE
lh7-us.googleusercontent.com/ 354 KB
355 KB 198ms
57ms Image
image/png 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/UET0mw6k3__Rtq12V5J8yk29aoWfmYD666VeUqZpUq5Hw8GxxE_fxutD6th36uPFWftBOShCUyNs2CGq5RuVSIZJC5TyWhTxr5iqgj7LaAwZHC7QGh2fQAEa6dKIQp7adPGtD_fAs2xhobjctPacrlE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ec21f3a88e2b4fba18a074541bef001d87c50e667cf5d52437961c1b5a3c953b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 14:36:08 GMT
x-content-type-options: nosniff
age: 11805
content-disposition: inline;filename="DJT-TRUMPPOLL.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362818
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 19 Jul 2024 14:36:08 GMT

GET
H2 200 bEVmiBAlrMNHqy8pYp6es3R_SGCX0rOh-5MJKw3B6i_L2qlob_wNs8XJaFAhpwwow-ZcPq_qlxb3kEhHRc7wAE1HvyVsoEbb_cj0vm5_mmxCKnsijw0yeSIk30aoo1k6PLKAXCZRaO4oYjE4luuo8qE
lh7-us.googleusercontent.com/ 5 KB
5 KB 82ms
81ms Image
image/png 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/bEVmiBAlrMNHqy8pYp6es3R_SGCX0rOh-5MJKw3B6i_L2qlob_wNs8XJaFAhpwwow-ZcPq_qlxb3kEhHRc7wAE1HvyVsoEbb_cj0vm5_mmxCKnsijw0yeSIk30aoo1k6PLKAXCZRaO4oYjE4luuo8qE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce483bd57a7d0576c16db84df9cf92b4d94a2c8472f3254dbd2a759704d0fbfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 15:28:51 GMT
x-content-type-options: nosniff
age: 8642
content-disposition: inline;filename="_QW1zW-kTCSjbaqIOpuRy5VMvh61fpZv212Q1YCWeOexOYKps9CRhiAxX9Kvvq-lIdKhd_eQcyu6vBuNlCq3u2RFxweb4FxaKIYDq3EaTHdLU2IPQQ2fCV-KVJygrIgkrOcUZ9htsl6GD76yV3Xaut4.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5209
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 19 Jul 2024 15:28:51 GMT

GET
H2 200 kUuht00m_400x400.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/ 9 KB
9 KB 37ms
37ms Image
image/jpeg 2600:9000:208f:5600:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/kUuht00m_400x400.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:5600:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 09:41:45 GMT
x-amz-version-id: e6vRznToLKSFlkxhhZl3uvfZed2SXwEW
via: 1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
last-modified: Wed, 20 Mar 2024 15:42:11 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 29469
etag: "86e9d3432d2077771820250698fbb99b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8995
x-amz-cf-id: B6ZyAF8KUgpHIGRFjZOV2epAHKQ1nK5J49JOFv_x5EpHrMq_A6dMNg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 486 KB
110 KB 183ms
59ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

735842fbf1a41abb4d94a1cada4d75d7cae51280fac2422da541e56e184b5ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112489
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 16:04:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jul 2024 17:52:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
111 KB 178ms
110ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8caf83b9355f66979c401fdb28be60c220756cba87558a37a21836fa61544db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113043
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 16:04:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jul 2024 17:52:53 GMT

GET
H3 200 win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 9 KB
9 KB 47ms
47ms Image
image/webp 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aNmAkBv9DfRq7EMYMbo7yshslA6Hmd6W
cf-cache-status: HIT
x-amz-request-id: KE6GKDAQTDGR6P42
age: 3639
cf-polished: origFmt=png, origSize=11635
content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8708
x-amz-id-2: 7EAZbnsrHmQ1InDP+j9Be97Yk1F016XYZS0iA0eLrMAg0b4ru4Mi36hsSPzZ8VcyCMMEHQTHdA0=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 16:05:56 GMT
server: cloudflare
etag: "972c0cca8d1e490484e89513f902e847"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a5453ffba6f41cf-EWR
expires: Thu, 18 Jul 2024 21:52:53 GMT

GET
H3 200 win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 19 KB
7 KB 40ms
39ms Image
image/svg+xml 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
x-amz-version-id: ea7GvxzWHWpdhDHNLg3Ca2YWEz2JTdeo
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: TMYGY0MQ5813RMDK
age: 197
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: n/ZBugS1289BE12wUfPKShx3nRBIyZk/+BvBXcGW7amJo510V7wUf6S8mcQLSKxzw19bLeBFj3k=
last-modified: Fri, 10 May 2024 01:11:55 GMT
server: cloudflare
etag: W/"d31530d4186af669daf4f47099614593"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8a5454007b2b41cf-EWR
expires: Thu, 18 Jul 2024 21:52:53 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 156ms
67ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://secure.winred.com/
Origin: https://secure.winred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8a545401092f4245-EWR

GET
H3 200 OFFICIAL-TRUMPVANCE-LOGO-BACKGROUND.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/026/054/large/ 637 KB
637 KB 27ms
26ms Image
image/png 2600:9000:208f:5600:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/026/054/large/OFFICIAL-TRUMPVANCE-LOGO-BACKGROUND.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01htz19n26ya2dzmavk28jc7ap/1721226599.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:208f:5600:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f6ae6ec61e2160f36c1997889b26a650802d5bf3f94d29755a592599a096a1a

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 05:36:36 GMT
x-amz-version-id: WsCdPEnHAsvd1JaCNKrUxbjZgpygl.Aw
via: 1.1 75bba5dfd2aa92cc6ca63ecca3b5248c.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jul 2024 20:29:09 GMT
server: AmazonS3
age: 44178
x-amz-cf-pop: IAD79-C3
etag: "9cb73af3c2ecf1c87983f538a6af1068"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 651855
x-amz-cf-id: zjUjP9BlYUPhKcGau0IOAOnsB_bGU_Qd47o7IkhvDjndttwuF1Z4Bg==

GET
H3 200 icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/ 290 B
820 B 53ms
53ms Image
image/webp 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:53 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JXpchAyAQd3AxNHLZ1FszI6Rlaw2988r
cf-cache-status: HIT
x-amz-request-id: VWJDJ10H1KBYCMKM
age: 5168
cf-polished: origFmt=png, origSize=560
content-disposition: inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
alt-svc: h3=":443"; ma=86400
content-length: 290
x-amz-id-2: dWYq9VQojnirRYSiXOWygw0P68TFFsBVUBSo9DgL+qesL7cEuTzQ73/lm9uHTDNDvc6JbE8JxD0=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 16:05:54 GMT
server: cloudflare
etag: "571ee659b7ee9af9291e7dd8176721d5"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a5454009b4e41cf-EWR
expires: Thu, 18 Jul 2024 21:52:53 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 6335 0
0 172ms
67ms Document
text/html 18.160.249.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-20.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 892
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:38:02 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Thu, 11 Jul 2024 17:59:41 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7b0c56156aa23390beef6359f4bdb40a.cloudfront.net (CloudFront)
x-amz-cf-id: IEVYV7vYg4_aQBC01IoPXgSQK8sxxKKLah1SZ2QeWpOtzpuS4OhRuw==
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-with-muas-treatment-43da71ca1308923996feb1f8a1753817.html
js.stripe.com/v3/ Frame 4392 0
0 163ms
84ms Document
text/html 18.160.249.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-muas-treatment-43da71ca1308923996feb1f8a1753817.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-20.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 50
cache-control: max-age=60, stale-while-revalidate=900
content-length: 663
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:52:15 GMT
etag: "43da71ca1308923996feb1f8a1753817"
last-modified: Thu, 18 Jul 2024 17:15:31 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7b0c56156aa23390beef6359f4bdb40a.cloudfront.net (CloudFront)
x-amz-cf-id: O2hUb7HI1mzV7VoYtnrEnp6c9uZMWgybN1-z8PiGKIcbgArp-hXE1A==
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-839c1d7f447fbdff626b95c422fa95a8.html
js.stripe.com/v3/ Frame A2E9 0
0 152ms
83ms Document
text/html 18.160.249.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-839c1d7f447fbdff626b95c422fa95a8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-20.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 1935
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:20:40 GMT
etag: W/"839c1d7f447fbdff626b95c422fa95a8"
last-modified: Thu, 18 Jul 2024 17:15:31 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7b0c56156aa23390beef6359f4bdb40a.cloudfront.net (CloudFront)
x-amz-cf-id: gmuxX_b7P9dK6it-Pjx1WUnwDulmPEHi_kX0LrU1MUELInaWvamR5g==
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 current_with_info Show response
app.winred.com/api/v3/users/ 162 B
1 KB 231ms
92ms XHR
application/vnd.api+json 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.winred.com/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d11af5c6d2676418f2361b14cd7d51ac7779bb245f71434185ad989ff736824c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin: https://secure.winred.com
x-rack-cors: hit
date: Thu, 18 Jul 2024 17:52:54 GMT
x-rack-cors-original-access-control-max-age: 0
x-rack-cors-original-access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-encoding: br
x-rack-cors-original-access-control-allow-methods: GET, POST, OPTIONS
x-rack-cors-original-access-control-expose-headers
alt-svc: h3=":443"; ma=86400
x-request-id: a47c9467-873b-4ca2-a494-959f3c3b0ef8
x-runtime: 0.008344
server: cloudflare
etag: W/"d11af5c6d2676418f2361b14cd7d51ac"
access-control-max-age: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.api+json
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
vary: Origin
cf-ray: 8a545402b901439d-EWR

GET
H3 200 rv_page_01htz19n26ya2dzmavk28jc7ap-9657db8120e36dcb1bb126012166b42990a1caa3 Show response
secure.winred.com/api/v3/donations/live/ 461 B
545 B 48ms
48ms XHR
application/json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/api/v3/donations/live/rv_page_01htz19n26ya2dzmavk28jc7ap-9657db8120e36dcb1bb126012166b42990a1caa3?stream_id=cc6c14c6f9a0fa9b837d1aa1b1f95b0d7336c88d&_=1721325173795

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133f8775448db576eb7e0376518ac538e4a3b867b0222976a23e465c92b60680

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
X-CSRF-Token: KSxW6jGRZm52z/uq5ppikIcHyrOe/djs1WOTfBOjGnI8p4wQoKDepLxZajJ7K54IX8Pl0uoPXESSfV0VWNyL7g==
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 58
alt-svc: h3=":443"; ma=86400
x-request-id: 11ece842-1646-4872-b706-2fa99533bbd1
x-runtime: 0.009758
server: cloudflare
etag: W/"133f8775448db576eb7e0376518ac538"
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: public, max-age=60
cf-ray: 8a545401fcfc41cf-EWR
expires: Thu, 18 Jul 2024 17:53:54 GMT

GET
H3 200 rv_page_01htz19n26ya2dzmavk28jc7ap-b074e0e24361c29a2f5637ef320249d144a44084 Show response
secure.winred.com/api/v3/donations/live/ 457 B
535 B 49ms
48ms XHR
application/json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/api/v3/donations/live/rv_page_01htz19n26ya2dzmavk28jc7ap-b074e0e24361c29a2f5637ef320249d144a44084?stream_id=1f21cdfb0925fb80cdbc64ac808363ac4678c366&_=1721325173796

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34cf1b8f84c02fe0f20f2b6ea92ac6c57e41ef46f81113eb8f4475b8ce196abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
X-CSRF-Token: KSxW6jGRZm52z/uq5ppikIcHyrOe/djs1WOTfBOjGnI8p4wQoKDepLxZajJ7K54IX8Pl0uoPXESSfV0VWNyL7g==
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6
alt-svc: h3=":443"; ma=86400
x-request-id: bf181807-faa9-475c-bc29-84ce339e2680
x-runtime: 0.006644
server: cloudflare
etag: W/"34cf1b8f84c02fe0f20f2b6ea92ac6c5"
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: public, max-age=60
cf-ray: 8a545401fcfe41cf-EWR
expires: Thu, 18 Jul 2024 17:53:54 GMT

GET
H2 200 controller-with-muas-treatment-43da71ca1308923996feb1f8a1753817.html
js.stripe.com/v3/ Frame FDF2 0
0 107ms
107ms Document
text/html 18.160.249.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-muas-treatment-43da71ca1308923996feb1f8a1753817.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-20.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 50
cache-control: max-age=60, stale-while-revalidate=900
content-length: 663
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:52:15 GMT
etag: "43da71ca1308923996feb1f8a1753817"
last-modified: Thu, 18 Jul 2024 17:15:31 GMT
origin-agent-cluster: ?1
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7b0c56156aa23390beef6359f4bdb40a.cloudfront.net (CloudFront)
x-amz-cf-id: O2hUb7HI1mzV7VoYtnrEnp6c9uZMWgybN1-z8PiGKIcbgArp-hXE1A==
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-74f46427807aa0cea4579084686319be.html
js.stripe.com/v3/ Frame B111 0
0 98ms
83ms Document
text/html 18.160.249.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-74f46427807aa0cea4579084686319be.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-20.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2129
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:17:26 GMT
etag: "74f46427807aa0cea4579084686319be"
last-modified: Thu, 18 Jul 2024 17:15:47 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7b0c56156aa23390beef6359f4bdb40a.cloudfront.net (CloudFront)
x-amz-cf-id: vL8enDv5MTj9q2jZKfVjalKrcfJJbTF0EfH701R5ubjR2lhzc9Bozg==
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-68574587415da4c2855dcfe071f029a9.html
js.stripe.com/v3/ Frame 8220 0
0 87ms
74ms Document
text/html 18.160.249.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-68574587415da4c2855dcfe071f029a9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-20.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 53
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:52:13 GMT
etag: "68574587415da4c2855dcfe071f029a9"
last-modified: Thu, 18 Jul 2024 17:15:47 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7b0c56156aa23390beef6359f4bdb40a.cloudfront.net (CloudFront)
x-amz-cf-id: 6YV2rwmV0U7dwFUMkPom0kfrLPXLi3fblQXdtdGQGrZ5SreCpzglAQ==
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 DJT-FLAGEMOJI.png
d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/895/484/small_square/ 5 KB
5 KB 29ms
28ms Image
image/png 2600:9000:208f:5600:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/895/484/small_square/DJT-FLAGEMOJI.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:208f:5600:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 420ac6c617ee74fe7974f174a88e74d415000487a2e515797094e02e099b48ba

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: M4KLoYbFwXBAms0NGtqd77injo3C.q8l
date: Thu, 18 Jul 2024 03:11:20 GMT
via: 1.1 75bba5dfd2aa92cc6ca63ecca3b5248c.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 05:29:44 GMT
server: AmazonS3
age: 52895
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
etag: "4911b815850d287208be1ce338439b2a"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4937
x-amz-cf-id: oiPtJFVB898kqoBLkxHXog4Un0ku8N-fWBW3y7k_XToqBy_0j6Waig==

GET
H3

200

main.js Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/ Frame A129
Redirect Chain

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

8 KB
4 KB

35ms
34ms

Script
application/javascript

2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

Requested by

Protocol

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e067fe8dd820be7f1d150bfa023ecf281f79bf388e00f52668ea074c479c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a545402ee3141cf-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a5454022d3541cf-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 160ms
40ms XHR
application/json 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
101 KB 52ms
51ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7901cdacd1302675fad6f419e468d00bde1327eb21af47bca475179b571fe6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jul 2024 17:52:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 169ms
55ms Script
text/javascript 2607:f8b0:400d:c0d::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 18 Jul 2024 16:39:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4385
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 18 Jul 2024 18:39:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 349 KB
115 KB 41ms
40ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcf4cb6c585abb21c2f3a2a11cb797d955402ed42f0cd878953ce74e5c472b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 117984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jul 2024 17:52:54 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 209ms
60ms Script
application/javascript 146.75.76.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.76.157 Chicago, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2024 20:58:07 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200117-IAD, cache-chi-kigq8000150-CHI

GET
H2 200 ratag Show response
a.ads.rmbl.ws/ 3 KB
2 KB 279ms
98ms Script
application/javascript 38.70.189.70
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ads.rmbl.ws/ratag?id=AV-6622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.70.189.70 Toronto, Canada, ASN399647 (RUMBLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 706e4b2b1a0b48a95a2468ed5bbd10ea6cb9874aff64afd280e979c2f141cb0e

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: gzip
server: nginx
etag: W/"b467be32e4974b38f38aeb3d9a695138"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=900
access-control-allow-credentials: true

POST
H3 200 8a5453fd0eac41cf Show response
secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A129 0
1 KB 51ms
45ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a5453fd0eac41cf

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=F3ChBlW0ypfmdo6qpi2CeKbekdFFMPBRLhkJpS9bOLw-1721325174-1.0.1.1-sH30F76jOkniFmhq4Lx2E4M69j25VzD0seCB2rjVp4MxEeA7sVMWymmytk3P6SoEQHIaGayYZQP40EV4_QhEABc4s8w.J654e0uXl_zZLp2dUrijClREwtuAVgZrXz0bANuAD3CQ.jtcu.HNoDvUOBLSDiUjTNkkBT5zveeS_8k; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=F3ChBlW0ypfmdo6qpi2CeKbekdFFMPBRLhkJpS9bOLw-1721325174-1.0.1.1-sH30F76jOkniFmhq4Lx2E4M69j25VzD0seCB2rjVp4MxEeA7sVMWymmytk3P6SoEQHIaGayYZQP40EV4_QhEABc4s8w.J654e0uXl_zZLp2dUrijClREwtuAVgZrXz0bANuAD3CQ.jtcu.HNoDvUOBLSDiUjTNkkBT5zveeS_8k"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/plain; charset=UTF-8
cf-ray: 8a545403ff8641cf-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect Show response
gtm.winred.com/g/ 494 B
950 B 324ms
250ms XHR
text/plain 2606:4700::6810:e534
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je47h0v867905447z872410129za200zb72410129&_p=1721325173434&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=515673529.1721325174&ecid=409892209&ul=en-us&sr=1600x1200&_fplc=0&ur=US-VA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1721325173434&sst.ude=0&_s=1&sid=1721325174&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&dt=MAGA&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma&epn.load_time_sec=-1721325171.9&epn.event_fire_time=1721325174183&ep.event_uuid=18856e6f-7d08-4710-a0f1-0c8d0b72b80c&ep.isVideoPage=f&ep.referrer=&tfd=2487&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e534 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1304e2c2024edc7c4e72d7a745acc001a970dbded1c1daac5c986292ebd8f740

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8a545404bf5542c0-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 40ms
37ms XHR
text/plain 2607:f8b0:400d:c0d::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=312051145&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&ul=en-us&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=476926473&gjid=851725343&cid=515673529.1721325174&tid=UA-73658561-7&_gid=1784125435.1721325174&_slc=1&gtm=45He47h0n71NTQZ9Nv72410129za200&cd61=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=37104868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 211ms
97ms XHR
text/plain 2607:f8b0:400d:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=515673529.1721325174&jid=476926473&gjid=851725343&_gid=1784125435.1721325174&_u=YCDAiEABBAAAAGAEK~&z=695418639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jul 2024 17:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
84 B 95ms
94ms XHR
text/plain 2607:f8b0:400d:c0d::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=312051145&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&ul=en-us&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAGAEK~&jid=1453463374&gjid=1359052670&cid=515673529.1721325174&tid=UA-60901920-1&_gid=1784125435.1721325174&_r=1&_slc=1&gtm=45He47h0n71M27JCGv72350723za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=2043644443

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2be40f02e37e46e793761339c8501e3a1f629b120a7e0335a0540606bdd5fb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
133 B 51ms
50ms Image
image/gif 2607:f8b0:400d:c0d::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=312051145&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&ul=en-us&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YCDAiEABBAAAAGAEK~&jid=&gjid=&cid=515673529.1721325174&tid=UA-73658561-7&_gid=1784125435.1721325174&gtm=45He47h0n71NTQZ9Nv72410129za200&cd41=anonymous&cd58=f&cd61=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1230174082

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 05:46:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43582
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 62ms
62ms Fetch
text/plain 2607:f8b0:400d:c0d::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0YWKLMCX4D&gtm=45je47h0v9102512289z872350723za200zb72350723&_p=1721325173434&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=515673529.1721325174&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721325174&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&dt=MAGA&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&tfd=2553&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/ 3 KB
1 KB 142ms
45ms Script
text/javascript 2607:f8b0:4004:c21::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/?random=1721325174494&cv=11&fst=1721325174494&bg=ffffff&guid=ON&async=1&gtm=45je47h0v9102512289z872350723za200zb72350723&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=998165174.1721325174&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config%3BcookieDomain%3Dauto&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

512b086b8e1fa7091bb992923f39c23f720bad4b41c46a33fe066491f8c994ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1459
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 286ms
154ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b2f9e8b2-7a47-43a3-b3d5-a275f22e95e7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2e4311ab-0dba-4e68-ada6-ec78725deae7&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 79
date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: a43651740dce4da5
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: c5466d6f5fa4d9ad11e57f5c0e9e62f343cee6539706d5b875513eebca2b6b39
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 203ms
70ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b2f9e8b2-7a47-43a3-b3d5-a275f22e95e7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2e4311ab-0dba-4e68-ada6-ec78725deae7&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: e5825ad6d7e04c53
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 9b410384cb57c78778f65c4424b7afe4de83e0135fe39c66b1c5466ab34d436b
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
252 B 330ms
199ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=60e4d45c-36fa-4068-8260-18620d491ee4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2e4311ab-0dba-4e68-ada6-ec78725deae7&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&tw_iframe_status=0&txn_id=ol48j&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 78
date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: f81a1df4507467bd
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d4b82634bf6bc441b7b4a5487dc1903aefdbc84e331ac4bf1a654e473b127a99
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
547 B 269ms
136ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=60e4d45c-36fa-4068-8260-18620d491ee4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2e4311ab-0dba-4e68-ada6-ec78725deae7&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&tw_iframe_status=0&txn_id=ol48j&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 73
date: Thu, 18 Jul 2024 17:52:54 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: caf02b38fe7fdc6c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 9b410384cb57c78778f65c4424b7afe4de83e0135fe39c66b1c5466ab34d436b
content-length: 43

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
97 KB 42ms
41ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e62f3822adb10d74cada6543aa925d05aefdd417021146257362c1f50efe02dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99189
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jul 2024 17:52:54 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11091438865/ 42 B
64 B 161ms
45ms Image
image/gif 2607:f8b0:400d:c0d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11091438865/?random=1721325174494&cv=11&fst=1721322000000&bg=ffffff&guid=ON&async=1&gtm=45je47h0v9102512289z872350723za200zb72350723&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=998165174.1721325174&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config%3BcookieDomain%3Dauto&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLaYiydicyajI4VhVV6JS2iujtpeV9Wg&random=2181325852&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::6a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 137ms
46ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HNR33QTX08&gtm=45je47h0v9164375506za200&_p=1721325173434&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=515673529.1721325174&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&dt=MAGA&sid=1721325174&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2765&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 39ms
38ms Ping
text/plain 2607:f8b0:400d:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-HNR33QTX08&cid=515673529.1721325174&gtm=45je47h0v9164375506za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c01::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
analytics.google.com/g/s/ 0
47 B 105ms
63ms Image
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e47h0v867905447z872410129z9867900975za200zb72410129&_gsid=X6H0114PDFWT7YEZ0HVcN7aZz_MSfPZQ
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 54ms
53ms Image
text/plain 2607:f8b0:400d:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-X6H0114PDF&cid=6gWehQJ80p8kAFRqyVFKs7P1aOuvWCzpWpmz6%2BbFnEk%3D.1721325174&gtm=45j91e47h0v867905447z872410129z9867900975za200zb72410129&aip=1
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c01::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect Show response
gtm.winred.com/g/ 65 B
540 B 243ms
243ms XHR
text/plain 2606:4700::6810:e534
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je47h0v867905447z872410129za200zb72410129&_p=1721325173434&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=515673529.1721325174&ecid=409892209&ul=en-us&sr=1600x1200&_fplc=0&ur=US-VA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.gcd=13l3l3l3l1&sst.tft=1721325173434&sst.ude=0&_s=2&sid=1721325174&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&dt=MAGA&en=user%20session%20start&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma&epn.load_time_sec=-1721325171.9&epn.event_fire_time=1721325174207&ep.event_uuid=1d41ce34-62d6-4378-b0f3-280aa32f902c&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=4&tfd=2994&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e534 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8a5454076b1942c0-EWR
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
secure.winred.com/cdn-cgi/ 0
143 B 38ms
36ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://secure.winred.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8a5454079c1f41cf-EWR

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
91 KB 41ms
41ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cefdff0f3f2b39a5c0b2675ad8db5a3910f68ccf585d2d3f8ac62d4ebaf5882a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 17:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92710
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 16:04:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jul 2024 17:52:54 GMT

GET
H3 200 Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/ 1 KB
2 KB 28ms
27ms Other
image/png 2600:9000:208f:5600:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:208f:5600:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FN8PLjpE4LnyaM50_d0emgSd0vAz496F
date: Thu, 18 Jul 2024 13:39:08 GMT
via: 1.1 75bba5dfd2aa92cc6ca63ecca3b5248c.cloudfront.net (CloudFront)
age: 15227
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1512
last-modified: Wed, 10 Jul 2019 18:21:57 GMT
server: AmazonS3
etag: "7b9c8b7070c8f9c81fc9a133d26daf4e"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: NtSwnziQjRfkpE8K4mfCKh2YG2E8ShgxQ2oWUWMWqw-4qyK7hWtuJA==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/ 3 KB
1 KB 46ms
45ms Script
text/javascript 2607:f8b0:4004:c21::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/?random=1721325175059&cv=11&fst=1721325175059&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9102692410za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=998165174.1721325174&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958a12ffce01fafe323589734f06dc491b0aa1dffd941f14fee92d33991a145f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1460
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11094181768/ 42 B
64 B 52ms
51ms Image
image/gif 2607:f8b0:400d:c0d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11094181768/?random=1721325175059&cv=11&fst=1721322000000&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9102692410za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-sms-trump-poll-v13-tma%2F%3Futm_campaign%3D20240718_TScillaXL-OP8.115972_t1516561-3213%26ex_tid%3D20240718_TScillaXL-OP8.115972_t1516561-3213&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=998165174.1721325174&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLQctzx62fryxbizaLRNUeSt4Tyy3PYuFFiSRC8O-bECPMvWxg&random=37058568&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::6a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 17:52:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hcaptcha-invisible-bd3e333d41dc7008490bbd2f8dc3a00c.html
js.stripe.com/v3/ Frame 6BEA 0
0 68ms
67ms Document
text/html 18.160.249.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-bd3e333d41dc7008490bbd2f8dc3a00c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.249.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-249-20.ord58.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-VyRfdwBbD8grsevkkIJOUoGs9KD7leAUrYZe/XYXmHs='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 2159
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-VyRfdwBbD8grsevkkIJOUoGs9KD7leAUrYZe/XYXmHs='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jul 2024 17:16:57 GMT
etag: W/"a5e503fb552deec2b174ff877456d04a"
last-modified: Thu, 18 Jul 2024 17:15:47 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7b0c56156aa23390beef6359f4bdb40a.cloudfront.net (CloudFront)
x-amz-cf-id: MAMZX-k7NzHMHcEE9IfnM_E4l9uM7xWcZgoI0piyD81_V6F5h06I8w==
x-amz-cf-pop: ORD58-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/9/ 266 KB
57 KB 39ms
37ms Script
text/javascript 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/9/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f2c2243d80b61160c2b2da1ee4906b583c328db3087c30edacba4486789dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 17:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57846
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 20:36:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jul 2025 17:05:50 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/9/ 185 KB
57 KB 56ms
56ms Script
text/javascript 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/9/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3967d836188ae439a4db64f444fc9d9b9bdb240821b99abffc414d36ea95e6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 17:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57773
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 20:36:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jul 2025 17:10:47 GMT

GET trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.winred.com/api/v3/users	1970-01-21 07:44:45	Name: rvid Value: 7d9df778-93df-4345-8d4a-0196190ab2bd
.secure.winred.com/	1970-01-20 22:08:46	Name: __cf_bm Value: unxH34zE.V89PuXMX7kZDOHrLDgbfVto9dSfS5h38kA-1721325173-1.0.1.1-zFx95aq2nVXtR5S66mFqjHSWE3tQ0mz3xbch2K0xWdjIlYnbTX7mV0aB.CjglEAM6qZbIfIcuEqgIehcOSnM8w
secure.winred.com/	1969-12-31 23:59:59	Name: origin_url Value: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213
.winred.com/	1970-01-21 00:18:21	Name: _gcl_au Value: 1.1.998165174.1721325174
.winred.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: a0JZT3REOWxPZkVBeDlYRG1kQTMwejBteE55YTNBalYxWjErWmNqaWlUSVZtc3FjY0JQZzFmZ3NLU0hTd0JZL1RLQ2ZaMS9TT3U4Z2Jmd29vNDU1RDRWcjZjSWduWEZhNWpRT29hRGpRUmdtZlQzUnRwcFpEZVV3Y2ZyT1U3VHpPeEtjMjE0cmhuY0xlaFZYZ0UvWmFWajlSaXdzQ1g4VFF2TWMycWYvU1cyZDBBUDFvRll5ejlDSHlhVEliaDVaNEVoWmVZS1EvNDE1VmdidDFaT0FnVlFXbFlsQ0pBZHJrcTdTbm9JdzNFbXdzRE5RenBUQmxSZjVNV1FxMVR2WDYyL0ZRUnpabGpZemtCanJrV1lhQlljalZJNWVZRzFRZW9SdS95bzdvR0kxdWEwU0o5RnhnTG5VTVhVc1BUa1ZIak8vdWhmRHU4Rm1Zc0VMTC9CSm9XYkZrRTFucFJlSUtEYmdtVTRFYUVBPS0tNFIrTzFrSitIYmJuMkNwTElXcngvdz09--a02dc9bf140d78370d81533f2449b184e61e64e9
secure.winred.com/	1969-12-31 23:59:59	Name: sso_tries Value: 1
secure.winred.com/	1970-01-21 07:44:45	Name: rvid Value: 7d9df778-93df-4345-8d4a-0196190ab2bd
.secure.winred.com/	1970-01-21 06:54:21	Name: cf_clearance Value: dRARpSGKU1Apq4v72uyVVis3HLstOBxrZI4w2DJonhQ-1721325174-1.0.1.1-3trZxc0KBDqwoHmB0X0_rYPPDoR2YQIzA4vM._IRpgE8KQq3kWj3zb0q83zkIgCKBlBzVnY2MNchRVCbVF1KBw
.winred.com/	1970-01-20 22:10:11	Name: _gid Value: GA1.2.1784125435.1721325174
.winred.com/	1970-01-20 22:08:45	Name: _dc_gtm_UA-73658561-7 Value: 1
.winred.com/	1970-01-20 22:08:45	Name: _gat_UA-60901920-1 Value: 1
.winred.com/	1970-01-21 07:44:45	Name: _ga_0YWKLMCX4D Value: GS1.1.1721325174.1.0.1721325174.0.0.0
.winred.com/	1970-01-21 07:44:45	Name: _ga Value: GA1.1.515673529.1721325174
secure.winred.com/	1970-01-21 00:32:45	Name: _cids Value: W10=
.winred.com/	1970-01-21 07:44:45	Name: _ga_HNR33QTX08 Value: GS1.2.1721325174.1.0.1721325174.60.0.0
.winred.com/	1970-01-21 07:44:45	Name: FPID Value: FPID2.2.6gWehQJ80p8kAFRqyVFKs7P1aOuvWCzpWpmz6%2BbFnEk%3D.1721325174
.winred.com/	1970-01-20 22:08:46	Name: FPGSID Value: 1.1721325174.1721325174.G-X6H0114PDF.WT7YEZ0HVcN7aZz_MSfPZQ
.twitter.com/	1970-01-21 07:44:45	Name: guest_id_marketing Value: v1%3A172132517469786578
.twitter.com/	1970-01-21 07:44:45	Name: guest_id_ads Value: v1%3A172132517469786578
.twitter.com/	1970-01-21 07:44:45	Name: personalization_id Value: "v1_4umkKZHQF0eK/Psm2M+ZBQ=="
.twitter.com/	1970-01-21 07:44:45	Name: guest_id Value: v1%3A172132517469786578
.t.co/	1970-01-21 07:44:45	Name: muc_ads Value: 6d9f03aa-cfcb-40e8-826b-fc7d534e43fe
.winred.com/	1970-01-21 07:44:45	Name: _ga_X6H0114PDF Value: GS1.1.1721325174.1.0.1721325174.0.0.409892209
m.stripe.com/	1970-01-21 07:44:45	Name: m Value: 9394675a-e5e5-48fa-b173-9ba3c1c1d212e15e2b
.secure.winred.com/	1970-01-21 06:54:21	Name: __stripe_mid Value: 9f8c1065-058c-4c99-9623-ed758c1ae3c5a6f55d
.secure.winred.com/	1970-01-20 22:08:46	Name: __stripe_sid Value: 4c3878c2-0d24-42ae-8828-37e0f138c795dffe51
.doubleclick.net/	1970-01-21 07:44:45	Name: IDE Value: AHWqTUm2DQVd4bAufJpKFlsoVg2xVhx6OVvqsXPFVOVvxqyUKtsy4k2jJVpeduLY
.winred.com/	1970-01-20 22:09:57	Name: FPLC Value: Qqxr1QFZ6GYj4yMTXC15X4hSqpBjA6uXPRyCpY1O7ah8SeTjximJKcuLjQ4nzXYPEy%2FILWOLY2tVirEd6tlBHHaTdt%2FOpS8j9gB%2Bnjk%2FM8XqaMgOmludD1pVOgbRJA%3D%3D
api.hcaptcha.com/	1970-01-20 22:51:57	Name: hmt_id Value: eb3760af-d5b8-49b2-9944-8e4067a2f6f8

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: [DOM] Found 2 elements with non-unique id #conduit_employer_name: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: [DOM] Found 2 elements with non-unique id #conduit_mobile_number: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: [DOM] Found 2 elements with non-unique id #conduit_not_employed: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: [DOM] Found 2 elements with non-unique id #conduit_occupation: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-sms-trump-poll-v13-tma/?utm_campaign=20240718_TScillaXL-OP8.115972_t1516561-3213&ex_tid=20240718_TScillaXL-OP8.115972_t1516561-3213 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ads.rmbl.ws
analytics.google.com
analytics.twitter.com
app.winred.com
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
gtm.winred.com
js.stripe.com
lh7-us.googleusercontent.com
maps.googleapis.com
rwing.us
secure.winred.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
js.stripe.com
104.244.42.3
146.75.76.157
18.160.249.20
18.160.249.48
2001:4860:4802:32::181
2600:9000:208f:5600:0:7d26:ee00:93a1
2606:4700::6810:4f49
2606:4700::6810:e534
2606:4700::6813:d359
2606:4700::6813:d459
2607:f8b0:4004:c21::9a
2607:f8b0:400d:c01::61
2607:f8b0:400d:c01::9b
2607:f8b0:400d:c03::84
2607:f8b0:400d:c0d::66
2607:f8b0:400d:c0d::6a
2607:f8b0:400d:c0e::5f
38.70.189.70
72.21.81.130
99.83.253.106
04269bc817e6340ff3dec44dd7c8b6a1982adb9fa1504e282aebfdac11a1d54f
0a5218f3675a4ccda81b12b5121a4127434fcab9eb0712f08c917fda3fcdf60f
1304e2c2024edc7c4e72d7a745acc001a970dbded1c1daac5c986292ebd8f740
133f8775448db576eb7e0376518ac538e4a3b867b0222976a23e465c92b60680
1a3deacd1799bf73a270353064e107ac0ccc729f69f360908e491ec50875dc19
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9
29e8ee4321b7a9031ada20427d26cdc48c36e617ef6b48eabddda89465008a8e
29f2c2243d80b61160c2b2da1ee4906b583c328db3087c30edacba4486789dde
2be40f02e37e46e793761339c8501e3a1f629b120a7e0335a0540606bdd5fb2d
34cf1b8f84c02fe0f20f2b6ea92ac6c57e41ef46f81113eb8f4475b8ce196abf
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
3967d836188ae439a4db64f444fc9d9b9bdb240821b99abffc414d36ea95e6cb
3f6ae6ec61e2160f36c1997889b26a650802d5bf3f94d29755a592599a096a1a
420ac6c617ee74fe7974f174a88e74d415000487a2e515797094e02e099b48ba
455d931923a1399e40980a05030ccca274f7ff53018307091dee2dd48d25ee30
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
512b086b8e1fa7091bb992923f39c23f720bad4b41c46a33fe066491f8c994ac
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
706e4b2b1a0b48a95a2468ed5bbd10ea6cb9874aff64afd280e979c2f141cb0e
735842fbf1a41abb4d94a1cada4d75d7cae51280fac2422da541e56e184b5ba0
7901cdacd1302675fad6f419e468d00bde1327eb21af47bca475179b571fe6c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8caf83b9355f66979c401fdb28be60c220756cba87558a37a21836fa61544db6
958a12ffce01fafe323589734f06dc491b0aa1dffd941f14fee92d33991a145f
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b51b04fec7c87ea669c531ef19b8bc01f66f6f476999ca321c4e1a681d3875c3
bcf4cb6c585abb21c2f3a2a11cb797d955402ed42f0cd878953ce74e5c472b8b
c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce483bd57a7d0576c16db84df9cf92b4d94a2c8472f3254dbd2a759704d0fbfd
cefdff0f3f2b39a5c0b2675ad8db5a3910f68ccf585d2d3f8ac62d4ebaf5882a
d11af5c6d2676418f2361b14cd7d51ac7779bb245f71434185ad989ff736824c
d4e067fe8dd820be7f1d150bfa023ecf281f79bf388e00f52668ea074c479c50
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62f3822adb10d74cada6543aa925d05aefdd417021146257362c1f50efe02dd
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ec21f3a88e2b4fba18a074541bef001d87c50e667cf5d52437961c1b5a3c953b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

secure.winred.com Open in urlscan Pro 2606:4700::6813:d459 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

65 %IPv6

15 Domains

19 Subdomains

20 IPs

2 Countries

2623 kBTransfer

5704 kBSize

29 Cookies

8 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.winred.com Open in urlscan Pro
2606:4700::6813:d459 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

65 %
IPv6

15
Domains

19
Subdomains

20
IPs

2
Countries

2623 kB
Transfer

5704 kB
Size

29
Cookies

62 HTTP transactions
0 data transactions