Submitted URL: http://links.magadonors.com/els/v2/7P23sWeZeFb/T3N5R2lvaHVVUWNHUmt4YllFVmpBOFdnYUkrMFlGdEVRNmtORUN3aWN5RURXZHJycEV0cS9DZUZJc...
Effective URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=202205...
Submission: On June 07 via manual from US — Scanned from US

Summary

This website contacted 40 IPs in 1 country across 32 domains to perform 169 HTTP transactions. The main IP is 2606:4700::6812:9b15, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 69655.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 5th 2021. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.112.68.25 19795 (ACOUSTIC-...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
31 151.101.192.176 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:235... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
42 54.186.23.98 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
17 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.80.66 15169 (GOOGLE)
1 146.75.36.157 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 23.52.162.190 16625 (AKAMAI-AS)
3 151.101.129.44 54113 (FASTLY)
2 108.156.126.241 16509 (AMAZON-02)
1 2600:9000:234... 16509 (AMAZON-02)
2 2001:4998:14:... 14777 (YAHOO)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.129.108 54113 (FASTLY)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 23.52.162.163 16625 (AKAMAI-AS)
2 35.169.111.138 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 38.133.127.159 22075 (AS-OUTBRAIN)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
3 2607:f8b0:400... 15169 (GOOGLE)
1 68.67.161.210 29990 (ASN-APPNEX)
1 6 35.190.43.134 15169 (GOOGLE)
1 2 2600:141b:13:... 20940 (AKAMAI-ASN1)
4 2607:f8b0:400... 15169 (GOOGLE)
1 76.13.32.146 26101 (YAHOO-BF1)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.2.2.162 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 52.41.199.178 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
2 54.235.30.242 14618 (AMAZON-AES)
2 2 107.178.246.49 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
2 141.226.224.48 200478 (TABOOLA-AS)
169 40
Apex Domain
Subdomains
Transfer
72 stripe.com
js.stripe.com — Cisco Umbrella Rank: 979
q.stripe.com — Cisco Umbrella Rank: 6438
r.stripe.com — Cisco Umbrella Rank: 4454
m.stripe.com — Cisco Umbrella Rank: 896
802 KB
20 google.com
pay.google.com — Cisco Umbrella Rank: 3255
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 29
390 KB
11 winred.com
secure.winred.com — Cisco Umbrella Rank: 69655
app.winred.com — Cisco Umbrella Rank: 211319
253 KB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 991
trc.taboola.com — Cisco Umbrella Rank: 633
pips.taboola.com — Cisco Umbrella Rank: 1491
cds.taboola.com — Cisco Umbrella Rank: 1409
trc-events.taboola.com — Cisco Umbrella Rank: 1652
22 KB
6 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 980
2 KB
4 gstatic.com
www.gstatic.com
103 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
40 KB
4 cloudfront.net
d35ligi1n5bgzc.cloudfront.net
699 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 304
176 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
2 KB
3 akamaihd.net
rtxpx-a.akamaihd.net — Cisco Umbrella Rank: 66057
stickyid-a.akamaihd.net — Cisco Umbrella Rank: 69042
32 KB
3 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3539
rp.liadm.com — Cisco Umbrella Rank: 2544
rp4.liadm.com — Cisco Umbrella Rank: 11037
12 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2032
tr.outbrain.com — Cisco Umbrella Rank: 1872
4 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 324
12 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 405
558 B
2 rtclx.com
rtclx.com — Cisco Umbrella Rank: 15127
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
426 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1033
17 KB
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1078
1 KB
2 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 550
ib.adnxs.com — Cisco Umbrella Rank: 214
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
114 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 378
7 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1086
15 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 114
16 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
148 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 765
631 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 506
356 B
1 t.co
t.co — Cisco Umbrella Rank: 505
336 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 2708
120 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 608
15 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1125
5 KB
1 magadonors.com
links.magadonors.com
529 B
169 32
Domain Requested by
34 r.stripe.com js.stripe.com
29 js.stripe.com secure.winred.com
js.stripe.com
13 play.google.com www.gstatic.com
10 secure.winred.com secure.winred.com
static.cloudflareinsights.com
8 q.stripe.com secure.winred.com
6 tr.snapchat.com 1 redirects sc-static.net
secure.winred.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 www.google-analytics.com www.googletagmanager.com
secure.winred.com
www.gstatic.com
4 pay.google.com js.stripe.com
pay.google.com
secure.winred.com
www.gstatic.com
4 d35ligi1n5bgzc.cloudfront.net secure.winred.com
4 maps.googleapis.com secure.winred.com
maps.googleapis.com
3 www.google.com secure.winred.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
secure.winred.com
2 trc-events.taboola.com cdn.taboola.com
2 pixel.tapad.com 2 redirects
2 rtclx.com rtxpx-a.akamaihd.net
2 www.facebook.com secure.winred.com
2 stickyid-a.akamaihd.net 1 redirects secure.winred.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 tr.outbrain.com amplify.outbrain.com
secure.winred.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 jadserve.postrelease.com secure.winred.com
s.ntv.io
2 connect.facebook.net secure.winred.com
connect.facebook.net
2 s.yimg.com secure.winred.com
s.yimg.com
2 sc-static.net www.googletagmanager.com
tr.snapchat.com
2 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.googletagmanager.com secure.winred.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 m.stripe.com m.stripe.network
1 rp4.liadm.com secure.winred.com
1 rp.liadm.com 1 redirects
1 sp.analytics.yahoo.com secure.winred.com
1 ib.adnxs.com secure.winred.com
1 analytics.twitter.com secure.winred.com
1 t.co secure.winred.com
1 trc.taboola.com cdn.taboola.com
1 stats.g.doubleclick.net www.google-analytics.com
1 s.ntv.io secure.winred.com
1 rtxpx-a.akamaihd.net secure.winred.com
1 acdn.adnxs.com secure.winred.com
1 b-code.liadm.com www.googletagmanager.com
1 amplify.outbrain.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 app.winred.com secure.winred.com
1 static.cloudflareinsights.com secure.winred.com
1 links.magadonors.com 1 redirects
169 48

This site contains links to these domains.

Domain
bit.ly
winred.com
www.nrsc.org
Subject | Issuer | Validity | Valid
www.winred.com | DigiCert SHA2 Extended Validation Server CA | 2021-10-05 - 2022-10-26 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-05-20 - 2022-09-25 | 4 months
upload.video.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-10 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-05-25 - 2022-09-08 | 4 months
*.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-21 - 2022-07-26 | a year
www.bing.com | Microsoft RSA TLS CA 01 | 2022-03-16 - 2022-09-16 | 6 months
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-03 - 2023-04-04 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-28 - 2022-12-29 | a year
sc-static.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-27 - 2023-01-27 | a year
*.liadm.com | Amazon | 2022-01-31 - 2023-03-01 | a year
*.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-05-02 - 2022-06-22 | 2 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-03-16 - 2022-06-14 | 3 months
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2022-03-11 - 2023-04-11 | a year
a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
*.ntv.io | DigiCert SHA2 Secure Server CA | 2021-12-04 - 2022-12-06 | a year
*.postrelease.com | Amazon | 2021-12-28 - 2023-01-25 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
t.co | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-22 - 2023-02-22 | a year
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-22 - 2023-02-22 | a year
www.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.snapchat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-01 - 2023-01-31 | a year
*.gstatic.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-03-15 - 2022-09-07 | 6 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-11 - 2022-08-03 | 4 months
1p1eqpotato.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-11 - 2023-03-24 | a year

This page contains 13 frames:

Primary Page: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Frame ID: 04B966F05DB65D7C8B9A4DF50A11EE3D
Requests: 71 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-588e554a3732f54c5145b955ae4f335e.html
Frame ID: 58E9A6E3C33301B29BB8E7204EE1BEE3
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Frame ID: 9A5415866A33F0CA7768D67623BA0A82
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
Frame ID: 259066562D329AB07987E5B29D742D40
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Frame ID: 549D23CBCF44C5A5A2885AF9201B167A
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
Frame ID: 771D6A3AE8404A052500F29D6A1809E1
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-8f96ab970a9675e550fc1b51dd888929.html
Frame ID: 845071EE5590FD5703D5DAAA91503828
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 761150B8A8D22407C17B06CB8D1D3122
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 9D6951FF66348FE79F71777D338CBB5C
Requests: 15 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=db23cbdb-20db-44d4-b6a5-07bc2f403227
Frame ID: BB4FBC1F75FA71C72BD0BC9ED29AB67E
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1654308252729&pnid=140&pcid=037065db-a48e-4b9f-9cdc-7f7a958e6c4e
Frame ID: EB90431330A6F7E751746A03D0B420ED
Requests: 1 HTTP request in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
Frame ID: 0611A3418C6AA7ED401996B3427C8183
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 728E124EE721674588B5080F500C549D
Requests: 1 HTTP request in this frame

Page Title

Take the Election Year Poll!

Page URL History

  1. http://links.magadonors.com/els/v2/7P23sWeZeFb/T3N5R2lvaHVVUWNHUmt4YllFVmpBOFdnYUkrMFlGdEVRNmtORUN3aWN5R... HTTP 302
    https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 169
HTTPS: 98 %
IPv6: 47 %
Domains: 32
Subdomains: 48
IPs: 40
Countries: 1
Transfer: 3011 kB
Size: 8850 kB
Cookies: 45

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.magadonors.com/els/v2/7P23sWeZeFb/T3N5R2lvaHVVUWNHUmt4YllFVmpBOFdnYUkrMFlGdEVRNmtORUN3aWN5RURXZHJycEV0cS9DZUZJc2FsTnQyZXJ2UW40SXkzUHdmZU5SN1RWS1FhRXJwdzVFdVdiVmlhdDFyZDFrdjVHNTA9S0/ HTTP 302
    https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106
  • https://stickyid-a.akamaihd.net/id?o=https%3A%2F%2Fsecure.winred.com HTTP 302
  • https://stickyid-a.akamaihd.net/id?cc=1&o=https%3A%2F%2Fsecure.winred.com
Request Chain 114
  • https://rp.liadm.com/j?dtstmp=1654609275637&aid=a-00r9&se=e30&duid=5fe568a6c8fd--01g4z6bth5k3a5n5571sjvw1jj&tna=v2.3.1&pu=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&wpn=lc-bundle&c=PHRpdGxlPlRha2UgdGhlIEVsZWN0aW9uIFllYXIgUG9sbCE8L3RpdGxlPjxtZXRhIGNvbnRlbnQ9IjxwIHN0eWxlPSZxdW90O3RleHQtYWxpZ246IGNlbnRlcjsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7YmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7Zm9udC1zaXplOiAxNHB0OyBjb2xvcjogIzAwMDAwMDsgYmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHN0cm9uZyBzdHlsZT0mcXVvdDtmb250LWZhbWlseTogYXJpYWwsIGhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxOHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmYzUwOyZxdW90Oz7wn5qoPC9zdHJvbmc-PHN0cm9uZz5TVEFORCBXSVRIIFRSVU1QITwvc3Ryb25nPjwvc3Bhbj48c3Ryb25nIHN0eWxlPSZxdW90O2ZvbnQtZmFtaWx5OiBhcmlhbCwgaGVsdmV0aWNhLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IDE4cHg7IGJhY2tncm91bmQtY29sb3I6ICNmZmZjNTA7JnF1b3Q7PvCfmqg8L3N0cm9uZz48L3NwYW4-PC9wPgo8cCBzdHlsZT0mcXVvdDt0ZXh0LWFsaWduOiBjZW50ZXI7JnF1b3Q7PjxzcGFuIHN0eWxlPSZxdW90O2ZvbnQtc2l6ZTogMTguNjY2N3B4OyZxdW90Oz48Yj5XZSBjYW5ub3QgdGFrZSBiYWNrIFRydW1wJ3MgTWFqb3JpdHkgd2l0aG91dCBZT1VSIGlucHV0LiBUYWtlIHRoZSBFbGVjdGlvbiBZZWFyIFBvbGwgbm93ITwvYj48L3NwYW4-PC9wPiIgbmFtZT0iZGVzY3JpcHRpb24iPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1654609275637&aid=a-00r9&se=e30&duid=5fe568a6c8fd--01g4z6bth5k3a5n5571sjvw1jj&tna=v2.3.1&pu=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&wpn=lc-bundle&c=PHRpdGxlPlRha2UgdGhlIEVsZWN0aW9uIFllYXIgUG9sbCE8L3RpdGxlPjxtZXRhIGNvbnRlbnQ9IjxwIHN0eWxlPSZxdW90O3RleHQtYWxpZ246IGNlbnRlcjsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7YmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7Zm9udC1zaXplOiAxNHB0OyBjb2xvcjogIzAwMDAwMDsgYmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHN0cm9uZyBzdHlsZT0mcXVvdDtmb250LWZhbWlseTogYXJpYWwsIGhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxOHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmYzUwOyZxdW90Oz7wn5qoPC9zdHJvbmc-PHN0cm9uZz5TVEFORCBXSVRIIFRSVU1QITwvc3Ryb25nPjwvc3Bhbj48c3Ryb25nIHN0eWxlPSZxdW90O2ZvbnQtZmFtaWx5OiBhcmlhbCwgaGVsdmV0aWNhLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IDE4cHg7IGJhY2tncm91bmQtY29sb3I6ICNmZmZjNTA7JnF1b3Q7PvCfmqg8L3N0cm9uZz48L3NwYW4-PC9wPgo8cCBzdHlsZT0mcXVvdDt0ZXh0LWFsaWduOiBjZW50ZXI7JnF1b3Q7PjxzcGFuIHN0eWxlPSZxdW90O2ZvbnQtc2l6ZTogMTguNjY2N3B4OyZxdW90Oz48Yj5XZSBjYW5ub3QgdGFrZSBiYWNrIFRydW1wJ3MgTWFqb3JpdHkgd2l0aG91dCBZT1VSIGlucHV0LiBUYWtlIHRoZSBFbGVjdGlvbiBZZWFyIFBvbGwgbm93ITwvYj48L3NwYW4-PC9wPiIgbmFtZT0iZGVzY3JpcHRpb24iPg&i6=MjYwMjpmZmM4OjI6MTA0Ojo1&n3pc=true
Request Chain 117
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=1727293915&cv=9&fst=1654609275416&num=1&value=0&label=_VeJCOrpwfcBEMeMlJgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tiba=Take%20the%20Election%20Year%20Poll!&auid=1507843122.1654609275&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=e1WfYpPAHd2MoPMP4_CR-Ao&sscte=1&crd=&eitems=ChEI8O77lAYQgLCbobq_-97zARIdAFrrf-KWJt7qWZWU4qk-fReRiCwQlt9EB2JBako HTTP 302
  • https://www.google.com/pagead/1p-conversion/855967303/?random=1727293915&cv=9&fst=1654609275416&num=1&value=0&label=_VeJCOrpwfcBEMeMlJgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tiba=Take%20the%20Election%20Year%20Poll!&auid=1507843122.1654609275&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=e1WfYpPAHd2MoPMP4_CR-Ao&cid=CAQSKQCNIrLMMevAvBv8Dbjj-75fkkFXBxYz_nd0UPMJp2_LRVtUl4M3nRHH&eitems=ChEI8O77lAYQgLCbobq_-97zARIdAFrrf-J9zOdEDGBFUxfBkLcwrNceN004Ei7xWko&random=1218346313&resp=GooglemKTybQhCsO
Request Chain 123
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1654609275768 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1654308252729%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1654308252729%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1654308252729&pnid=140&pcid=037065db-a48e-4b9f-9cdc-7f7a958e6c4e

169 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request election-year-poll-2x-sm-ar-tst
secure.winred.com/nrsc/
Redirect Chain
  • http://links.magadonors.com/els/v2/7P23sWeZeFb/T3N5R2lvaHVVUWNHUmt4YllFVmpBOFdnYUkrMFlGdEVRNmtORUN3aWN5RURXZHJycEV0cS9DZUZJc2FsTnQyZXJ2UW40SXkzUHdmZU5SN1RWS1FhRXJwdzVFdVdiVmlhdDFyZDFrdjVHNTA9S0/
  • https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurri...
64 KB
14 KB
Document
General
Full URL
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abcd3234804a5623452b29f8ff7dbc4df1f1dcc8c73ae33e06efddb03bf9a68
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7179cddc8b31d153-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-rack-cors
miss; no-origin
x-request-id
80a93be5-0ed6-46ed-8c50-deef570e41c1
x-revv-cache
Hit from Revv
x-runtime
0.028006
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 07 Jun 2022 13:41:14 GMT
content-language
en-US
location
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
server
istio-envoy
x-envoy-upstream-service-time
8
/
js.stripe.com/v3/
312 KB
74 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ccb3d39720a9df27a4b214eb1b18df33070d49ffd57d6c9211a12c0c54832630
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
47
x-cache
HIT
content-length
75013
etag
"8a316502fcc1c7eabe3e4e98806f4a43"
x-request-id
7877cc3d-3e3f-4c5a-8ff9-30a7500cfd0b
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:30:42 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
landing_page-ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3.css
secure.winred.com/assets/
218 KB
34 KB
Stylesheet
General
Full URL
https://secure.winred.com/assets/landing_page-ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7882021c146dcae49f5972ca0d5805b784a4f284a0ffe4c9b83e2434084a01
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1680
cf-polished
origSize=226035
last-modified
Sat, 07 May 2022 01:58:19 GMT
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
VNBR1VZRDBE6ZDV2
x-amz-id-2
et/POUvRtlNGCuZEroKhj5NjkkU79jT6OfdqbRBWrADPHMcA3w8XjfM2pw+k3OI94OyA6nMBs4M=
cf-bgj
minify
server
cloudflare
etag
W/"fdd1d398e08d7edc60962d56b79312a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-version-id
SHMO1MpqVwDNpLIuT1UmHd30ZDJuthZf
cf-ray
7179cddd2c10d153-BUF
expires
Tue, 07 Jun 2022 17:41:14 GMT
1652883087.css
secure.winred.com/stylesheets/rv_page_01g3br29xr1pjf9m0kczdm0qh7/
7 KB
2 KB
Stylesheet
General
Full URL
https://secure.winred.com/stylesheets/rv_page_01g3br29xr1pjf9m0kczdm0qh7/1652883087.css
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd82715ba47d037774b6a1f5df9968d06bb665f6ce158be5d34e3911ff86114a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-rack-cors
miss; no-origin
date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=7209
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
76ee80ba-fc3e-4ccd-93f8-2b2019bca069
x-runtime
0.033316
expires
Wed, 07 Jun 2023 19:30:26 GMT
last-modified
Tue, 07 Jun 2022 13:21:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=31556952
cf-ray
7179cddd2c12d153-BUF
cf-bgj
minify
js
maps.googleapis.com/maps/api/
165 KB
54 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
6fb3331bc23a401c18618f01def58ed20e058fd780a77ff3d32351191226c2c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54912
x-xss-protection
0
expires
Tue, 07 Jun 2022 14:11:14 GMT
application-landing-page-3680daae6754f78a2fff08bed817ff8b1ef50854f0d212397427ab120d50a35b.js
secure.winred.com/assets/
622 KB
174 KB
Script
General
Full URL
https://secure.winred.com/assets/application-landing-page-3680daae6754f78a2fff08bed817ff8b1ef50854f0d212397427ab120d50a35b.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4d1674a36ad8767d051c1cdd2b3662fb3d28ca10243ea71a7f0f5a5a30aacf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6661
cf-polished
origSize=637153
last-modified
Thu, 02 Jun 2022 00:42:05 GMT
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HZGX7FZKPV8849T1
x-amz-id-2
VJKpyZiRruYXHShjiKl2RCGAjgC7/sHLvZOk6H4axZwrH82oLThdicDdor4xnwXxJDZ1JuoxuXM=
cf-bgj
minify
server
cloudflare
etag
W/"d4ce1c3e2fcf6e7df4ac94d925c74ac9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
x-amz-version-id
aM3kWmXDe1Da4ZV.qICtrtzFU5qcRtaC
cf-ray
7179cddd2c13d153-BUF
expires
Tue, 07 Jun 2022 17:41:14 GMT
api.js
secure.winred.com/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://secure.winred.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
text/javascript
vary
Accept-Encoding
cache-control
max-age=604800, public
cf-ray
7179cdde0c78d157-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
NRSC_Top_Horizontal-White.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/054/568/large/
7 KB
8 KB
Image
General
Full URL
https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/054/568/large/NRSC_Top_Horizontal-White.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2351:be00:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3edd67927202a576956ddf19559f52bf6ba9833e30d2296abc158088289f6112

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
2eUw.cIymawSjg3isPaR.co3Z99rAlg0
via
1.1 087e16218fcf1ccb7472a2c9f6a4cbe2.cloudfront.net (CloudFront)
etag
"0bc78e2da56659207d61290f7795d0e9"
last-modified
Fri, 14 Aug 2020 18:06:05 GMT
server
AmazonS3
age
1415
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 07 Jun 2022 13:23:04 GMT
x-amz-cf-pop
ORD56-P1
accept-ranges
bytes
content-length
7498
x-amz-cf-id
TxTY-HiSxaztGLaK2ehTldsB1C1UJU116OqE5zqeMZNUiYBPeOpdAw==
NRSC_WinRed_ExitIntent_400x200_v1.gif
d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/072/067/original/
424 KB
425 KB
Image
General
Full URL
https://d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/072/067/original/NRSC_WinRed_ExitIntent_400x200_v1.gif
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2351:be00:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83ee43e52a13b2428e29ef8fa8cbb0c5d3e7aca08cede416b96c737860d1a371

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 06 Jun 2022 15:54:13 GMT
via
1.1 087e16218fcf1ccb7472a2c9f6a4cbe2.cloudfront.net (CloudFront)
last-modified
Sat, 17 Jul 2021 13:07:49 GMT
server
AmazonS3
age
78422
etag
"ce4f6d0df9cc82402df9aba362e86e2c"
x-cache
Hit from cloudfront
x-amz-version-id
0MAGpNZQ7FKe_SDAToQebWkL_vJRdJ8G
x-amz-cf-pop
ORD56-P1
accept-ranges
bytes
content-type
binary/octet-stream
content-length
434052
x-amz-cf-id
-Wvfr3Hk55IE1I7_NBzDewHjFFPPAEi0p8HLgLu23VW8WT3sY4yXIQ==
default-360x250.png
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/012/048/square/
10 KB
10 KB
Image
General
Full URL
https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/012/048/square/default-360x250.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2351:be00:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f38456ec82ed63fda4f038cb5f6cf4afcb11b28825242c0b1a1000a6b35bea23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 06 Jun 2022 15:09:11 GMT
via
1.1 087e16218fcf1ccb7472a2c9f6a4cbe2.cloudfront.net (CloudFront)
last-modified
Sat, 17 Jul 2021 18:30:35 GMT
server
AmazonS3
age
81124
etag
"4d1514e7a61275dc48eb6284c6215857"
x-cache
Hit from cloudfront
x-amz-version-id
g3HO94iOuW2BZonuVejzoTFgWKG9BruR
x-amz-cf-pop
ORD56-P1
accept-ranges
bytes
content-type
image/png
content-length
9912
x-amz-cf-id
rD0g6bej728FgfWxGR-qLdaceLvXUCQz_R680Svny6DPuCVYsLb9cQ==
win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/
9 KB
9 KB
Image
General
Full URL
https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
S49XMK0F4TJ53G65
cf-polished
origFmt=png, origSize=11635
cf-ray
7179cdde7dd6d157-BUF
content-disposition
inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8708
x-amz-id-2
NgoEeC5KXyAbCzlPa5EQiWjJ3ZJFcRMYuOWGa2J8eF6KeWUClGiM2yPEj2+0OywbHxSJKaKUdf0=
expires
Tue, 07 Jun 2022 17:41:14 GMT
last-modified
Thu, 19 May 2022 03:11:49 GMT
server
cloudflare
etag
"972c0cca8d1e490484e89513f902e847"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
x-amz-version-id
kwbD2z2dCua5OuGmmr78127xogtprzZn
vary
Accept
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/
19 KB
8 KB
Image
General
Full URL
https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1677
content-type
image/svg+xml
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BCXEDH087MVBQGGW
x-amz-id-2
WuaW2NQGbgbAdARWE5oBPqbUENJp7Rl8QA9b/dEzkmdHJVrEPJb2BjcTqbZnCrohMUSZqcuvwHQ=
last-modified
Sun, 01 Aug 2021 04:38:40 GMT
server
cloudflare
etag
W/"d31530d4186af669daf4f47099614593"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Mx.E1m3nz1bm4vsF8Q.JawodiIk.JRm8
cache-control
public, max-age=14400
cf-ray
7179cdde7dd8d157-BUF
expires
Tue, 07 Jun 2022 17:41:14 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://secure.winred.com/
Origin
https://secure.winred.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7179cddebe0ed157-BUF
gtm.js
www.googletagmanager.com/
300 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d635882d5a419679c8bf84a532e0ed76b133dd58d371db5c5ab92aa33ed4f93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67758
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jun 2022 13:41:14 GMT
gtm.js
www.googletagmanager.com/
245 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bfad16988b8dfda18e1b122ef8769b030bb30ff3fc1829e67840f21f6b6ffc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82852
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jun 2022 13:41:14 GMT
Trump-Wave-LP-01.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/014/876/large/
256 KB
256 KB
Image
General
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/014/876/large/Trump-Wave-LP-01.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01g3br29xr1pjf9m0kczdm0qh7/1652883087.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2351:be00:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3a1cb2a525d305f417304ff7f1801ffe7f66a249c3413b7dd91b83e47c4db01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
l5CG95yxks5JTFqIAuBlOrMLwCHq7Hi9
via
1.1 087e16218fcf1ccb7472a2c9f6a4cbe2.cloudfront.net (CloudFront)
etag
"a59fa7346e656ae72adbf074740ee398"
last-modified
Sat, 17 Jul 2021 23:03:35 GMT
server
AmazonS3
age
74331
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Mon, 06 Jun 2022 17:02:24 GMT
x-amz-cf-pop
ORD56-P1
accept-ranges
bytes
content-length
261931
x-amz-cf-id
sm63lty1OffUcx6jq8SDZ7m7VbpOkke7lEYVNu01LGJxto-PO4DG1Q==
icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/
290 B
898 B
Image
General
Full URL
https://secure.winred.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/landing_page-ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/assets/landing_page-ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
73Z6VN5XHJ4VPY94
cf-polished
origFmt=png, origSize=560
cf-ray
7179cddece4cd157-BUF
content-disposition
inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
290
x-amz-id-2
OQPqvcNfXkEp25SHhqxTUmotwWjX2Y7bB8Z6gIhchN3jvg1N82mNkqyxZeAzfsG63gL4zAHJPas=
expires
Tue, 07 Jun 2022 17:41:14 GMT
last-modified
Thu, 19 May 2022 03:11:46 GMT
server
cloudflare
etag
"571ee659b7ee9af9291e7dd8176721d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
x-amz-version-id
sJ0zl_ASytKyHXNCqB42_dFRzUOwx1G7
vary
Accept
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://secure.winred.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
m-outer-588e554a3732f54c5145b955ae4f335e.html
js.stripe.com/v3/ Frame 58E9
240 B
551 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-588e554a3732f54c5145b955ae4f335e.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
079a0a04f46f7a576d7e85c8be838778a8b645f031800a1aeb48a8a50e4a30c2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
496578
cache-control
max-age=31536000
content-encoding
br
content-length
140
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:14 GMT
etag
"588e554a3732f54c5145b955ae4f335e"
last-modified
Wed, 01 Jun 2022 19:43:42 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
217614
x-content-type-options
nosniff
x-request-id
fa3d0709-1d91-4f25-bb0a-ef622dd0ce35
x-served-by
cache-ewr18131-EWR
controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
js.stripe.com/v3/ Frame 9A54
349 B
568 B
Document
General
Full URL
https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
81a5c7a6778664ba209af76fe9a3a23a71f3423252330b8f5a0cb76aa27c1d6e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
59
cache-control
max-age=60
content-encoding
br
content-length
167
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:14 GMT
etag
"b4ba408f65a8c26f88d3b7d0b69cc63a"
last-modified
Mon, 06 Jun 2022 20:29:43 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
23
x-content-type-options
nosniff
x-request-id
15d2403d-b4af-43f2-babf-8af8e056cdd9
x-served-by
cache-ewr18131-EWR
elements-inner-card-40bf25549f04634142f0e3e221847795.html
js.stripe.com/v3/ Frame 2590
807 B
746 B
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
904046ada6c3530723b6ddfda136b840de8e9ecb7c6e3a765cdc206875e0ba25
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61777
cache-control
max-age=31536000
content-encoding
br
content-length
308
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:14 GMT
etag
"40bf25549f04634142f0e3e221847795"
last-modified
Mon, 06 Jun 2022 20:29:14 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2847
x-content-type-options
nosniff
x-request-id
3b188626-9dc9-483f-ae24-2ed31443649f
x-served-by
cache-ewr18131-EWR
current_with_info
app.winred.com/api/v3/users/
162 B
1 KB
XHR
General
Full URL
https://app.winred.com/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-3680daae6754f78a2fff08bed817ff8b1ef50854f0d212397427ab120d50a35b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dab3910216c7bb926e671fadef6a762b798a628057f7950c10c36df0baf8d3a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.winred.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin
https://secure.winred.com
date
Tue, 07 Jun 2022 13:41:14 GMT
x-rack-cors-original-access-control-max-age
0
x-rack-cors-original-access-control-allow-credentials
true
cf-cache-status
DYNAMIC
x-rack-cors-original-access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
0
x-rack-cors-original-access-control-expose-headers
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
2f4bd86d-00f1-4dd9-a410-9d4f7e773f14
x-runtime
0.009001
server
cloudflare
etag
W/"9dab3910216c7bb926e671fadef6a762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.api+json
access-control-allow-origin
https://secure.winred.com
vary
Origin
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7179cddfd83ad153-BUF
x-rack-cors
hit
x-content-type-options
nosniff
access-control-expose-headers
controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
js.stripe.com/v3/ Frame 549D
349 B
420 B
Document
General
Full URL
https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
81a5c7a6778664ba209af76fe9a3a23a71f3423252330b8f5a0cb76aa27c1d6e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
59
cache-control
max-age=60
content-encoding
br
content-length
167
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:14 GMT
etag
"b4ba408f65a8c26f88d3b7d0b69cc63a"
last-modified
Mon, 06 Jun 2022 20:29:43 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
24
x-content-type-options
nosniff
x-request-id
07815bb0-1b90-43a8-be2e-3c35eb8dda2b
x-served-by
cache-ewr18131-EWR
payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
js.stripe.com/v3/ Frame 771D
434 B
609 B
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7fa97df4138ce391cd96fdb129d551a1ec7e5c82a70eb489859978840322c69b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
37
cache-control
max-age=60
content-encoding
br
content-length
197
content-security-policy
default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:14 GMT
etag
"4bfd4dee77c010ec4c2038d350162b25"
last-modified
Mon, 06 Jun 2022 20:29:15 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
4
x-content-type-options
nosniff
x-request-id
4a57b787-e8ff-49aa-bc16-de2c4151cc71
x-served-by
cache-ewr18131-EWR
payment-request-inner-browser-8f96ab970a9675e550fc1b51dd888929.html
js.stripe.com/v3/ Frame 8450
370 B
627 B
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-8f96ab970a9675e550fc1b51dd888929.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0c3bed872e370b7e8227192bca7e37e5468629202f139485d50d5855ffc2c304
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26
cache-control
max-age=60
content-encoding
br
content-length
177
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:14 GMT
etag
"8f96ab970a9675e550fc1b51dd888929"
last-modified
Mon, 06 Jun 2022 20:29:43 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-content-type-options
nosniff
x-request-id
de0e1276-3fa0-49a5-b16b-afb1b1e4312c
x-served-by
cache-ewr18131-EWR
csp-report
q.stripe.com/ Frame 58E9
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 9A54
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2590
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
11
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 549D
0
572 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
288
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 771D
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8450
0
572 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
288
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-a2bf84db055994524227b9819d1c5b06.js
js.stripe.com/v3/fingerprinted/js/ Frame 58E9
1 KB
827 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a2bf84db055994524227b9819d1c5b06.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-588e554a3732f54c5145b955ae4f335e.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
60f9cdffa54b3516f9dd33888dd028cd28dc363e562d305bc291660cd5da2ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-588e554a3732f54c5145b955ae4f335e.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
31
x-cache
HIT
content-length
671
etag
"f8f64b5dfcb745dea9887f0f79421f26"
x-request-id
59cef0aa-c002-45c5-972f-6b2798566c7d
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Wed, 01 Jun 2022 19:43:19 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
52
shared-dae2430dd6ad089f13585acdfe9f3412.js
js.stripe.com/v3/fingerprinted/js/ Frame 9A54
215 KB
54 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dd50978e3070b9eeb79b3e53c35c38178927e7da19b175d984c1b8a31946f4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
18
x-cache
HIT
content-length
55011
etag
"7e82e5899b48443725ba559890512925"
x-request-id
f1e20f64-9853-47fd-95cc-bc6753ca7ddd
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:19 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
controller-b7258249218c5c28737a5888794f95cc.js
js.stripe.com/v3/fingerprinted/js/ Frame 9A54
389 KB
96 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-b7258249218c5c28737a5888794f95cc.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4574da0e7384e54417d62212c8bbf08920a2a891a6166b192362e2e73bcdfe4e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
6
x-cache
HIT
content-length
97639
etag
"65cd82569e0278aef56ac505f3a38143"
x-request-id
82edaa1c-32e4-4588-b8b2-f7e1e5dd6a7d
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:24 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
ui-shared-2304e57f3b840222ab088f6d7c06903e.css
js.stripe.com/v3/fingerprinted/css/ Frame 2590
18 KB
3 KB
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-2304e57f3b840222ab088f6d7c06903e.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e8363621702202acbb66b2915ac0ba46ee9c720b33aa6e81c1350e23a0a4c367
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
59
x-cache
HIT
content-length
2679
etag
"c69451a0a6500eccf19f163bae889ff6"
x-request-id
89d90b03-4633-4564-8e9d-0b8886f4936e
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Tue, 24 May 2022 17:32:22 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 2590
5 KB
1020 B
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
27
x-cache
HIT
content-length
893
etag
"0de3030d19b9e3517790795cb6ccc87d"
x-request-id
57ad5b29-cd65-441d-a20a-650184d0f372
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Tue, 08 Mar 2022 20:28:40 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
shared-dae2430dd6ad089f13585acdfe9f3412.js
js.stripe.com/v3/fingerprinted/js/ Frame 2590
215 KB
54 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dd50978e3070b9eeb79b3e53c35c38178927e7da19b175d984c1b8a31946f4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
18
x-cache
HIT
content-length
55011
etag
"7e82e5899b48443725ba559890512925"
x-request-id
98a7cddf-1132-40ae-859e-d62b0776e046
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:19 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
ui-shared-625c2caf206549e2844ab86799d8a374.js
js.stripe.com/v3/fingerprinted/js/ Frame 2590
214 KB
61 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-625c2caf206549e2844ab86799d8a374.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
562a1d89258bc9a8fd005063a1f80aae81700c0b1554f9ea81b1eacc970a7de6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
17
x-cache
HIT
content-length
62232
etag
"6b7d60addebe8ce85ce8cbab8ca3f21f"
x-request-id
f2fb24de-7859-4302-92a8-46ca394422ea
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:23 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
elements-inner-card-06caa3222e140ddb232cf3ee77f39a10.js
js.stripe.com/v3/fingerprinted/js/ Frame 2590
47 KB
12 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-06caa3222e140ddb232cf3ee77f39a10.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d868a102fd2d618e0256df919f7d1b3d30399c80daf85315f3c6556c590cb3dc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
5
x-cache
HIT
content-length
11764
etag
"05cd30162420f4bd1b5b883c7d58d160"
x-request-id
ce533535-7c1e-4c5d-9efb-0daa65936944
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Fri, 03 Jun 2022 20:28:36 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
shared-dae2430dd6ad089f13585acdfe9f3412.js
js.stripe.com/v3/fingerprinted/js/ Frame 549D
215 KB
54 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dd50978e3070b9eeb79b3e53c35c38178927e7da19b175d984c1b8a31946f4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
18
x-cache
HIT
content-length
55011
etag
"7e82e5899b48443725ba559890512925"
x-request-id
42115388-2859-43b5-860a-be1fb9ccf558
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:19 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
controller-b7258249218c5c28737a5888794f95cc.js
js.stripe.com/v3/fingerprinted/js/ Frame 549D
389 KB
96 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-b7258249218c5c28737a5888794f95cc.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4574da0e7384e54417d62212c8bbf08920a2a891a6166b192362e2e73bcdfe4e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-b4ba408f65a8c26f88d3b7d0b69cc63a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
6
x-cache
HIT
content-length
97639
etag
"65cd82569e0278aef56ac505f3a38143"
x-request-id
1d5ed416-1d55-48a4-ad85-b7c7aa69fcae
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:24 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
pay.js
pay.google.com/gp/p/js/ Frame 771D
95 KB
31 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04e84921e6e976280e3e76c27ae42071b5140e57e20c4176996e4b50fdd72022
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lui-aLd14yXh-S4y3F_JdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-lui-aLd14yXh-S4y3F_JdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-lui-aLd14yXh-S4y3F_JdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-lui-aLd14yXh-S4y3F_JdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Tue, 07 Jun 2022 13:41:15 GMT
shared-dae2430dd6ad089f13585acdfe9f3412.js
js.stripe.com/v3/fingerprinted/js/ Frame 771D
215 KB
54 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dd50978e3070b9eeb79b3e53c35c38178927e7da19b175d984c1b8a31946f4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
18
x-cache
HIT
content-length
55011
etag
"7e82e5899b48443725ba559890512925"
x-request-id
ba596ea5-738a-4cfa-bcbc-afef03cc30a1
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:19 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
payment-request-inner-google-pay-7d7e2b0339b6168c8a5d5fe5336ca706.js
js.stripe.com/v3/fingerprinted/js/ Frame 771D
13 KB
4 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-7d7e2b0339b6168c8a5d5fe5336ca706.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
baca64b4367b39b5e035acd77c84e36569a4c1b398ed3c00e4b3cf21743580ad
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-4bfd4dee77c010ec4c2038d350162b25.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
24
x-cache
HIT
content-length
4392
etag
"4bab72ca5fef2ffa04c499cc33e5bcd4"
x-request-id
f46d3f08-650a-4cab-9767-18e29bedd097
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Wed, 01 Jun 2022 19:43:21 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
shared-dae2430dd6ad089f13585acdfe9f3412.js
js.stripe.com/v3/fingerprinted/js/ Frame 8450
215 KB
54 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-8f96ab970a9675e550fc1b51dd888929.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dd50978e3070b9eeb79b3e53c35c38178927e7da19b175d984c1b8a31946f4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-8f96ab970a9675e550fc1b51dd888929.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
18
x-cache
HIT
content-length
55011
etag
"7e82e5899b48443725ba559890512925"
x-request-id
f327e8e3-8cd2-40e3-9c90-c28f190b8db1
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:19 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
payment-request-inner-browser-70c82f40371e49acd97137a618e46205.js
js.stripe.com/v3/fingerprinted/js/ Frame 8450
11 KB
4 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-70c82f40371e49acd97137a618e46205.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-8f96ab970a9675e550fc1b51dd888929.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a8362e52a31903241d8763d701d813a261624335ea29a8c83a5c469b443eeeda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-8f96ab970a9675e550fc1b51dd888929.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
24
x-cache
HIT
content-length
4091
etag
"d734d52d12d9a5b5b65b128c2fa030e6"
x-request-id
20b5cdfa-4e63-45cf-885d-61c583351300
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Fri, 03 Jun 2022 20:28:38 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3095
date
Tue, 07 Jun 2022 12:49:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Jun 2022 14:49:40 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
15d0496d60d7ca591b1b904291d2437c15d9d527cceb4efee3ccd70efd7441b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15004
x-xss-protection
0
server
cafe
etag
9907665835789967655
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 13:41:15 GMT
uwt.js
static.ads-twitter.com/
51 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 20:01:41 GMT
etag
"37e15fed72b47b0100cbd5c7aaa9d3a0+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14634
x-served-by
cache-iad-kcgs7200149-IAD
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 263E0143E2E94872B112110E68813302 Ref B: EWR311000101029 Ref C: 2022-06-07T13:41:15Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 07 Jun 2022 13:41:14 GMT
accept-ranges
bytes
content-length
11333
obtp.js
amplify.outbrain.com/cp/
8 KB
3 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:41:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Feb 2022 12:30:38 GMT
Server
AkamaiNetStorage
ETag
"23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Tue, 07 Jun 2022 14:01:15 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1409910/
55 KB
17 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1409910/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
267ed9191dc8ef5ad9eb2ea7fdd302aeededcb0451c057d24e22fa8898b02c3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
s2wv1FL38E8wYD7AeiJE3D.1pIzLdsob
content-encoding
gzip
etag
"0ec6a9d378e9014471313c23123510cb"
age
68
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17378
x-amz-id-2
GXqB3wySWbKo5eAkmq0MeP8Cd8TVO+z87PAg3iJKPfOLY+zDROaYzzuB2PJqpQRaOzCJxuwzNxI=
x-served-by
cache-ewr18128-EWR
last-modified
Sun, 05 Jun 2022 11:16:02 GMT
server
AmazonS3
x-timer
S1654609275.103655,VS0,VE1
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
x-amz-request-id
CM25S63BKWS6ZF18
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
44
x-cache-hits
1
scevent.min.js
sc-static.net/
20 KB
8 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.126.241 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-126-241.ord56.r.cloudfront.net
Software
CloudFront /
Resource Hash
78cd5328984e6258bf179f87054b6aaedb0956ef21f9382fc044d19ac1f079cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
ORD56-P3
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7289
via
1.1 1a713b47fe9d05824094426fde008b1e.cloudfront.net (CloudFront)
x-amz-cf-id
ckXRzwEEANBSZjUP6ybLFM9TF886TIzEEBb12OVob6v5_pnLxLKxNA==
a-00r9.min.js
b-code.liadm.com/
27 KB
10 KB
Script
General
Full URL
https://b-code.liadm.com/a-00r9.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:234f:c400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d0b8b3174365fda9ffe49fca40b12cc3cdc186a5451cc583b8fb80ccc4922556

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 11:43:30 GMT
via
1.1 192228dcba44aa7310059d7f976fd506.cloudfront.net (CloudFront)
age
7065
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
ORD56-P3
content-encoding
gzip
x-amz-cf-id
rjPnoHVYfeQXZVfgFFPS6VRkoEXbal0hNM7jzjN-5WHz1aIxl8pQ9w==
ytc.js
s.yimg.com/wi/
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
FREG9VXGV7CJQE2B
x-amz-id-2
JzEmHfwn2nFPBfbP8bHagQj2uYhNUs5TKpPhm+n7u3Zi75eEZ68xejsqGS0PF9Il/fcEUF0QoSM=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
HcEWMmQCdvbfUh6OWRK4mWRm7u9Q6b5jyErX/buY58uXeIMn2a+FfedvuM7CLsi1ERO3sRK6iZMDodTPoqbY6w==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 07 Jun 2022 13:41:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixie.js
acdn.adnxs.com/dmp/up/
9 KB
4 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:41:15 GMT
Content-Encoding
gzip
Age
28028
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21982-LGA, cache-ewr18143-EWR
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1654609275.158304,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 2719
main.js
rtxpx-a.akamaihd.net/
91 KB
31 KB
Script
General
Full URL
https://rtxpx-a.akamaihd.net/main.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:82b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cd6e55f30592f2d07f9d038d85872e5d4fe5b079c86cadf29a3776694593d7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:41:15 GMT
Content-Encoding
gzip
x-amz-request-id
D7F288384DD2413B
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
30922
x-amz-id-2
efxhD5lxtdA+bj0wH4T6QZ66krnFumsZtQJ3kss04lMOYqJBa5h8HlBN65JkkMfDE+n9k29Rc/c=
Pragma
no-cache
Last-Modified
Thu, 28 Jan 2021 21:02:34 GMT
Server
AmazonS3
ETag
"0e00eda4d7973d0a511ce8aae95bef1c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Tue, 07 Jun 2022 13:41:15 GMT
load.js
s.ntv.io/serve/
409 KB
120 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.163 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0d7c1fa48c90d365563ca650d93c91309617d666e5645d08e3dd86577a7432c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:41:15 GMT
Content-Encoding
gzip
x-amz-request-id
2VAEN7FQJF39HWS0
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
VwU5Rz4qFn7by9kjvrlcN+bXVxGT4305DuaAod0nGSMTpp2/4VY5xtREeLeMiRDCXKLLsqOL9s0=
Last-Modified
Thu, 02 Jun 2022 19:34:27 GMT
Server
AmazonS3
ETag
"44bba9b48c58072234c27d7a7754e088"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rt.gif
jadserve.postrelease.com/
43 B
540 B
Image
General
Full URL
https://jadserve.postrelease.com/rt.gif?ntv_tg=16bfbe43c9c5407f9a7961f266beb03b&ord=[cache_buster]
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.111.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-111-138.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
inner.html
m.stripe.network/ Frame 7611
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a2bf84db055994524227b9819d1c5b06.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
198
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:15 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
271
x-content-type-options
nosniff
x-request-id
e40bfd20-92db-4304-a3cd-88d958c9b0d8
x-served-by
cache-ewr18131-EWR
x-timer
S1654609275.109767,VS0,VE0
result
secure.winred.com/cdn-cgi/bm/cv/
0
496 B
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/bm/cv/result?req_id=7179cddc8b31d153
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
date
Tue, 07 Jun 2022 13:41:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cf-ray
7179cde148d1d157-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 549D
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
csp-report
q.stripe.com/ Frame 7611
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
collect
stats.g.doubleclick.net/j/
2 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73658561-7&cid=887825824.1654609275&jid=1492838585&gjid=1352595079&_gid=1092475362.1654609275&_u=YGBAiEABBAAAAE~&z=1573960619
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 07 Jun 2022 13:41:15 GMT
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1272025980&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&ul=en-us&de=UTF-8&dt=Take%20the%20Election%20Year%20Poll!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=1492838585&gjid=1352595079&cid=887825824.1654609275&tid=UA-73658561-7&_gid=1092475362.1654609275&gtm=2wg660NTQZ9N&cd61=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&z=1379654086
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 18:58:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67388
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1272025980&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&ul=en-us&de=UTF-8&dt=Take%20the%20Election%20Year%20Poll!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YGDAiEABBAAAAE~&jid=&gjid=&cid=887825824.1654609275&tid=UA-73658561-7&_gid=1092475362.1654609275&gtm=2wg660NTQZ9N&cd41=anonymous&cd58=t&cd61=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&z=1840776533
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 18:58:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67388
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
payframe
pay.google.com/gp/p/ui/ Frame 9D69
18 KB
7 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb6166b0e0d3ab63a82ed49571245300e7693e27d5acb77808424bb1ae70b327
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yb6WjYrGliTQ384cO0B2aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-yb6WjYrGliTQ384cO0B2aw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yb6WjYrGliTQ384cO0B2aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-yb6WjYrGliTQ384cO0B2aw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 07 Jun 2022 13:41:15 GMT
expires
Tue, 07 Jun 2022 13:41:15 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
countryRanges-2362ae52e66bb2e80a8043e5add253fa.json
js.stripe.com/v3/fingerprinted/data/ Frame 2590
143 KB
36 KB
XHR
General
Full URL
https://js.stripe.com/v3/fingerprinted/data/countryRanges-2362ae52e66bb2e80a8043e5add253fa.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6de48c97b08bca88630c7a68fe36fe18a43010ed4d33add156a505fb84176694
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-40bf25549f04634142f0e3e221847795.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
50
x-cache
HIT
content-length
36469
etag
"2362ae52e66bb2e80a8043e5add253fa"
x-request-id
28b5e1a0-f30e-4e62-8da4-a4d1a47da110
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Tue, 22 Mar 2022 15:32:36 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
content-type
application/json
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
json
trc.taboola.com/1409910/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1409910/trc/3/json?tim=1654609275370&data=%7B%22id%22%3A639%2C%22ii%22%3A%22%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1654609275360%2C%22cv%22%3A%2220220602-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnrsc-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1654609275369%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A24%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1409910/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e016af58cb21d6c7dc2ec7a6e0670d9542e8fa19e8b5648b9defaa9e8cd41fd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1654609275.396948,VS0,VE18
x-served-by
cache-ewr18128-EWR
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
out-4.5.42.js
m.stripe.network/ Frame 7611
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
102
x-cache
HIT
content-length
16031
x-request-id
4a83aafb-f911-455d-b864-d799e0b19fd7
x-served-by
cache-ewr18131-EWR
server
Fastly
x-timer
S1654609275.399014,VS0,VE0
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
153
cachedClickId
tr.outbrain.com/
35 B
239 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00a57e16539986d0eda5fcb3cdf025defc
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
X-TraceId
86d9d9d5f1c6b7b60944210da650fb5b
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
43 B
256 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00a57e16539986d0eda5fcb3cdf025defc&obApiVersion=1.0-gtm&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&optOut=false&bust=05720021126129786
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:41:15 GMT
Cache-Control
no-cache
X-TraceId
4aefbcf57187db6438050dc8359a7ebe
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
10099393.json
s.yimg.com/wi/config/
2 B
450 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10099393.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:38:54 GMT
x-content-type-options
nosniff
age
141
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
G2N0NPXFXYBFKD7F
x-amz-id-2
XM32TRHU3VaMmOhe73hqwkvEsr1+lXKNQEQfF+Vfxn7aFWgi4KyNmU2D6dSeNX9b+0OnJFRsZlA=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
726955087976350
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/726955087976350?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4e4cfe72e96cb6a9664fc91729ce1c0e26cae66d297bf36bc21ab994de19e87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89196
x-xss-protection
0
pragma
public
x-fb-debug
QE2W/wyg24upZL1Iioph+2D7hIZK0E8MWMukM8ErTVMw5kXr5hEV3sDs034xJrIhWV8wBntjP7m8/+TY6xt/gg==
x-frame-options
DENY
date
Tue, 07 Jun 2022 13:41:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/?random=1654609275413&cv=9&fst=1654609275413&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tiba=Take%20the%20Election%20Year%20Poll!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1eefb105e50feccd11b072f5c0e5654c78fbc630b516b8498764a0207a9c0d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1113
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/855967303/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/855967303/?random=1654609275416&cv=9&fst=1654609275416&num=1&value=0&label=_VeJCOrpwfcBEMeMlJgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tiba=Take%20the%20Election%20Year%20Poll!&auid=1507843122.1654609275&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
6044eba5f333196e668cfc0a5b5cba4b6bf86375d034ccd65d25c8a8e682c0da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/
43 B
336 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=o09rg&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=76c2f41c-02b7-4fe7-b6a1-aed581ae0cc4
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
6
date
Tue, 07 Jun 2022 13:41:15 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
cccf2221fcc4475c028c7535e64cfbce9f3dd5471baf6448321b411b43b1b8b5
content-length
43
adsct
analytics.twitter.com/i/
43 B
356 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=o09rg&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=76c2f41c-02b7-4fe7-b6a1-aed581ae0cc4
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
6
date
Tue, 07 Jun 2022 13:41:15 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
feb928032ed55daf8b5d854a6f5efab5459a371639d6a0489f03cb76867b5178
content-length
43
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73658561-7&cid=887825824.1654609275&jid=1492838585&_u=YGBAiEABBAAAAE~&z=660469325
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
ib.adnxs.com/
42 B
345 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=26e1b8dd-a273-4727-b1c1-de9229a26953&it=1654609275445&v=0.0.20&u=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&st=1654609275445&et=1654609275446&if=0
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.210 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:41:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
96.9.246.195; 96.9.246.195; 805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 9D69
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
5576699.js
bat.bing.com/p/action/
0
120 B
Script
General
Full URL
https://bat.bing.com/p/action/5576699.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 48E517D4086842DC95BCE97EE550398C Ref B: EWR311000101029 Ref C: 2022-06-07T13:41:15Z
date
Tue, 07 Jun 2022 13:41:14 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
177 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5576699&tm=gtm002&Ver=2&mid=888907e2-5ec5-40bc-aac6-4ba63fb994e9&sid=809165d0e66711ec903a7f09a31ccc3a&vid=80918680e66711eca4f1b114d70df8b7&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Take%20the%20Election%20Year%20Poll!&p=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&r=&lt=909&evt=pageLoad&msclkid=N&sv=1&rn=128097
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 982B7CED4A264D628E02B9E935ACC531 Ref B: EWR311000101029 Ref C: 2022-06-07T13:41:15Z
date
Tue, 07 Jun 2022 13:41:14 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
tr.snapchat.com/
126 B
489 B
Fetch
General
Full URL
https://tr.snapchat.com/init?pids=db23cbdb-20db-44d4-b6a5-07bc2f403227
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
9208e589d3cc80625d7079666fd3ce55f9b36069b682b6627ad13fb512a5f455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://secure.winred.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google, 1.1 google
is_enabled
tr.snapchat.com/collector/
63 B
150 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=db23cbdb-20db-44d4-b6a5-07bc2f403227&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
05bbb4daaa2e71f99f97ec373b6c27ce1a99bed86495d34ca5513821bce07f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://secure.winred.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google, 1.1 google
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
id
stickyid-a.akamaihd.net/
Redirect Chain
  • https://stickyid-a.akamaihd.net/id?o=https%3A%2F%2Fsecure.winred.com
  • https://stickyid-a.akamaihd.net/id?cc=1&o=https%3A%2F%2Fsecure.winred.com
90 B
533 B
XHR
General
Full URL
https://stickyid-a.akamaihd.net/id?cc=1&o=https%3A%2F%2Fsecure.winred.com
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3-Q050
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2e974a500bb90b2ca201b2c679d559021a8770e55fa80b62c3ed6d4fed7b4058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
server
AkamaiNetStorage
etag
"d2715d34e10e5a9f3692d96bd0fbb282:1592835897"
quic-version
Q050
p3p
CP="We do not have a P3P policy."
access-control-allow-origin
https://secure.winred.com
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
90
expires
Tue, 07 Jun 2022 13:41:15 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 13:41:15 GMT
Server
AkamaiNetStorage
ETag
"d2715d34e10e5a9f3692d96bd0fbb282:1592835897"
Location
/id?cc=1&o=https%3A%2F%2Fsecure.winred.com
P3P
CP="We do not have a P3P policy."
Access-Control-Allow-Origin
https://secure.winred.com
Cache-Control
max-age=0, no-cache, no-store, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
154
Expires
Tue, 07 Jun 2022 13:41:15 GMT
t
jadserve.postrelease.com/
115 B
735 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.111.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-111-138.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
122
expires
Mon, 1 Jan 1990 12:00:00 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh17... Frame 9D69
151 KB
54 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh179v_pmHEf1Q-oQ7J8k7L3TYzlg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5691f424cc1ed0898b2c90c9b245c404b99b9108309766810a18282eaebc90f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54136
x-xss-protection
0
last-modified
Sun, 05 Jun 2022 01:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 16:12:40 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
631 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2007%20Jun%202022%2013%3A41%3A15%20GMT&n=0&b=Take%20the%20Election%20Year%20Poll!&.yp=10099393&f=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&enc=UTF-8&yv=1.12.0&tagmgr=gtm
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Tue, 07 Jun 2022 13:41:15 GMT
i
tr.snapchat.com/cm/ Frame BB4F
672 B
605 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=db23cbdb-20db-44d4-b6a5-07bc2f403227
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
gzip
content-type
text/html
date
Tue, 07 Jun 2022 13:41:15 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
10
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
p
tr.snapchat.com/
68 B
555 B
Image
General
Full URL
https://tr.snapchat.com/p?trackId=fc6a864e-709f-4c6f-89ae-9fe39946232f&pid=db23cbdb-20db-44d4-b6a5-07bc2f403227&ev=PAGE_VIEW&pl=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&ts=1654609275553&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=1505&m_rd=1614&m_pi=779&m_ic=0&u_c1=8571df1c-a2bb-49cd-b990-e10d7b2621f4
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
via
1.1 google, 1.1 google
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
cds-pips.js
cdn.taboola.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1409910/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
784
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
fyktYwwLkUsXlRkyUu2P9Rcv8yNtMvba+ENZsruFdgSi2jAsn7KD+VNqR3/NcLX4HKLAVuF3fB0=
x-served-by
cache-ewr18128-EWR
last-modified
Tue, 05 Apr 2022 10:34:30 GMT
server
AmazonS3
x-timer
S1654609276.648254,VS0,VE0
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
x-amz-request-id
YTZW9KQ23FYSGPR1
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
47
x-cache-hits
2453
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1654609275637&aid=a-00r9&se=e30&duid=5fe568a6c8fd--01g4z6bth5k3a5n5571sjvw1jj&tna=v2.3.1&pu=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3F...
  • https://rp4.liadm.com/j?dtstmp=1654609275637&aid=a-00r9&se=e30&duid=5fe568a6c8fd--01g4z6bth5k3a5n5571sjvw1jj&tna=v2.3.1&pu=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3...
13 B
554 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1654609275637&aid=a-00r9&se=e30&duid=5fe568a6c8fd--01g4z6bth5k3a5n5571sjvw1jj&tna=v2.3.1&pu=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&wpn=lc-bundle&c=PHRpdGxlPlRha2UgdGhlIEVsZWN0aW9uIFllYXIgUG9sbCE8L3RpdGxlPjxtZXRhIGNvbnRlbnQ9IjxwIHN0eWxlPSZxdW90O3RleHQtYWxpZ246IGNlbnRlcjsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7YmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7Zm9udC1zaXplOiAxNHB0OyBjb2xvcjogIzAwMDAwMDsgYmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHN0cm9uZyBzdHlsZT0mcXVvdDtmb250LWZhbWlseTogYXJpYWwsIGhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxOHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmYzUwOyZxdW90Oz7wn5qoPC9zdHJvbmc-PHN0cm9uZz5TVEFORCBXSVRIIFRSVU1QITwvc3Ryb25nPjwvc3Bhbj48c3Ryb25nIHN0eWxlPSZxdW90O2ZvbnQtZmFtaWx5OiBhcmlhbCwgaGVsdmV0aWNhLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IDE4cHg7IGJhY2tncm91bmQtY29sb3I6ICNmZmZjNTA7JnF1b3Q7PvCfmqg8L3N0cm9uZz48L3NwYW4-PC9wPgo8cCBzdHlsZT0mcXVvdDt0ZXh0LWFsaWduOiBjZW50ZXI7JnF1b3Q7PjxzcGFuIHN0eWxlPSZxdW90O2ZvbnQtc2l6ZTogMTguNjY2N3B4OyZxdW90Oz48Yj5XZSBjYW5ub3QgdGFrZSBiYWNrIFRydW1wJ3MgTWFqb3JpdHkgd2l0aG91dCBZT1VSIGlucHV0LiBUYWtlIHRoZSBFbGVjdGlvbiBZZWFyIFBvbGwgbm93ITwvYj48L3NwYW4-PC9wPiIgbmFtZT0iZGVzY3JpcHRpb24iPg&i6=MjYwMjpmZmM4OjI6MTA0Ojo1&n3pc=true
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Server
52.2.2.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-2-162.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-pixel-event-id
9bb64fdb-9de5-4779-b6f9-b62603f76151
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
8a3fc1b3d5f442ba
request-time
1
content-length
13
x-content-type-options
nosniff

Redirect headers

date
Tue, 07 Jun 2022 13:41:15 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1654609275637&aid=a-00r9&se=e30&duid=5fe568a6c8fd--01g4z6bth5k3a5n5571sjvw1jj&tna=v2.3.1&pu=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&wpn=lc-bundle&c=PHRpdGxlPlRha2UgdGhlIEVsZWN0aW9uIFllYXIgUG9sbCE8L3RpdGxlPjxtZXRhIGNvbnRlbnQ9IjxwIHN0eWxlPSZxdW90O3RleHQtYWxpZ246IGNlbnRlcjsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7YmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHNwYW4gc3R5bGU9JnF1b3Q7Zm9udC1zaXplOiAxNHB0OyBjb2xvcjogIzAwMDAwMDsgYmFja2dyb3VuZC1jb2xvcjogI2ZmZmM1MDsmcXVvdDs-PHN0cm9uZyBzdHlsZT0mcXVvdDtmb250LWZhbWlseTogYXJpYWwsIGhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxOHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmYzUwOyZxdW90Oz7wn5qoPC9zdHJvbmc-PHN0cm9uZz5TVEFORCBXSVRIIFRSVU1QITwvc3Ryb25nPjwvc3Bhbj48c3Ryb25nIHN0eWxlPSZxdW90O2ZvbnQtZmFtaWx5OiBhcmlhbCwgaGVsdmV0aWNhLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IDE4cHg7IGJhY2tncm91bmQtY29sb3I6ICNmZmZjNTA7JnF1b3Q7PvCfmqg8L3N0cm9uZz48L3NwYW4-PC9wPgo8cCBzdHlsZT0mcXVvdDt0ZXh0LWFsaWduOiBjZW50ZXI7JnF1b3Q7PjxzcGFuIHN0eWxlPSZxdW90O2ZvbnQtc2l6ZTogMTguNjY2N3B4OyZxdW90Oz48Yj5XZSBjYW5ub3QgdGFrZSBiYWNrIFRydW1wJ3MgTWFqb3JpdHkgd2l0aG91dCBZT1VSIGlucHV0LiBUYWtlIHRoZSBFbGVjdGlvbiBZZWFyIFBvbGwgbm93ITwvYj48L3NwYW4-PC9wPiIgbmFtZT0iZGVzY3JpcHRpb24iPg&i6=MjYwMjpmZmM4OjI6MTA0Ojo1&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://secure.winred.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
1629c32dede8e2c9
request-time
0
content-length
0
x-content-type-options
nosniff
/
www.google.com/pagead/1p-user-list/863113746/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/863113746/?random=1654609275413&cv=9&fst=1654606800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tiba=Take%20the%20Election%20Year%20Poll!&async=1&fmt=3&is_vtc=1&random=939459829&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=726955087976350&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&rl=&if=false&ts=1654609275667&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22432355648185493%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222915042018814936%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22285609139649075%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%223536133729846044%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1654609275665.1614221174&it=1654609275409&coo=false&exp=p1&rqm=GET
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 07 Jun 2022 13:41:15 GMT
/
www.google.com/pagead/1p-conversion/855967303/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=1727293915&cv=9&fst=1654609275416&num=1&value=0&label=_VeJCOrpwfcBEMeMlJgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
  • https://www.google.com/pagead/1p-conversion/855967303/?random=1727293915&cv=9&fst=1654609275416&num=1&value=0&label=_VeJCOrpwfcBEMeMlJgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/855967303/?random=1727293915&cv=9&fst=1654609275416&num=1&value=0&label=_VeJCOrpwfcBEMeMlJgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tiba=Take%20the%20Election%20Year%20Poll!&auid=1507843122.1654609275&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=e1WfYpPAHd2MoPMP4_CR-Ao&cid=CAQSKQCNIrLMMevAvBv8Dbjj-75fkkFXBxYz_nd0UPMJp2_LRVtUl4M3nRHH&eitems=ChEI8O77lAYQgLCbobq_-97zARIdAFrrf-J9zOdEDGBFUxfBkLcwrNceN004Ei7xWko&random=1218346313&resp=GooglemKTybQhCsO
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Server
2607:f8b0:4006:81c::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/855967303/?random=1727293915&cv=9&fst=1654609275416&num=1&value=0&label=_VeJCOrpwfcBEMeMlJgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse&tiba=Take%20the%20Election%20Year%20Poll!&auid=1507843122.1654609275&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=e1WfYpPAHd2MoPMP4_CR-Ao&cid=CAQSKQCNIrLMMevAvBv8Dbjj-75fkkFXBxYz_nd0UPMJp2_LRVtUl4M3nRHH&eitems=ChEI8O77lAYQgLCbobq_-97zARIdAFrrf-J9zOdEDGBFUxfBkLcwrNceN004Ei7xWko&random=1218346313&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6
m.stripe.com/ Frame 7611
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.199.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-199-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
37a1331e00a5fcce2e185180cc2f24ea2faee710b20b163c061635ffa7c97e47
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WW-... Frame 9D69
78 KB
28 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WW-TKyU4pm8.L.B1.O/am=DwAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjv-YB8cgnPQwcg0PWW0MF-NZOwWA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh179v_pmHEf1Q-oQ7J8k7L3TYzlg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16412da871475189bd2c6d87f655e207cb709aa6d25b8277b9e11c3a581169c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28980
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 04:26:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 16:13:42 GMT
/
pips.taboola.com/
64 B
242 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
764f44a3a9c7a36c4e529923731f9a1d6aa31b8ff73a5dc120023302b81c5762

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-ewr18133-EWR
access-control-allow-methods
GET
access-control-allow-origin
https://secure.winred.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
scevent.min.js
sc-static.net/ Frame BB4F
20 KB
8 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=db23cbdb-20db-44d4-b6a5-07bc2f403227
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.126.241 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-126-241.ord56.r.cloudfront.net
Software
CloudFront /
Resource Hash
78cd5328984e6258bf179f87054b6aaedb0956ef21f9382fc044d19ac1f079cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 00:06:22 GMT
content-encoding
gzip
server
CloudFront
age
48893
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
ORD56-P3
access-control-allow-headers
Content-Type
content-length
7289
via
1.1 1a713b47fe9d05824094426fde008b1e.cloudfront.net (CloudFront)
x-amz-cf-id
qXmx_z-ifSCJNB7R7N3bJ_2VPBRS-vtsocQ6Ih_sBpAjA4UaW1wjYw==
/
rtclx.com/s/
0
663 B
Ping
General
Full URL
https://rtclx.com/s/?p=7493
Requested by
Host: rtxpx-a.akamaihd.net
URL: https://rtxpx-a.akamaihd.net/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.235.30.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-30-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.winred.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secure.winred.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,X-Forwarded-For,X-Forwarded-Proto,If-Modified-Since,referer,Cache-Control,Content-Type,Range,Pragma,Accept,Accept-Encoding,Accept-Language
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 01 Jan 1970 00:00:00 GMT
p
tr.snapchat.com/cm/ Frame EB90
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1654609275768
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1654308252729%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1654308252729%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1654308252729&pnid=140&pcid=037065db-a48e-4b9f-9cdc-7f7a958e6c4e
0
18 B
Document
General
Full URL
https://tr.snapchat.com/cm/p?rand=1654308252729&pnid=140&pcid=037065db-a48e-4b9f-9cdc-7f7a958e6c4e
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Tue, 07 Jun 2022 13:41:16 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
14

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 07 Jun 2022 13:41:16 GMT
location
https://tr.snapchat.com/cm/p?rand=1654308252729&pnid=140&pcid=037065db-a48e-4b9f-9cdc-7f7a958e6c4e
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
/
cds.taboola.com/
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=f068ba4e-4d09-4cff-9269-4dfcf0f49095-tuct998dafb&uad=8f350e4e4d08294a36f7e73e2d3ba0e730e9838aa09381ad77f15543631c9aa1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 07 Jun 2022 13:41:15 GMT
Cache-Control
no-store
Server
nginx
Connection
close
analytics.js
www.google-analytics.com/ Frame 9D69
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WW-TKyU4pm8.L.B1.O/am=DwAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjv-YB8cgnPQwcg0PWW0MF-NZOwWA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3095
date
Tue, 07 Jun 2022 12:49:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Jun 2022 14:49:40 GMT
pay
pay.google.com/gp/p/ui/ Frame 9D69
1 MB
349 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh179v_pmHEf1Q-oQ7J8k7L3TYzlg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d012803d25e1e8f7cbb09a91d1168b86a3a98f92c2986a38eb0becbd91bffb4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EREH0o3HtIMC_Acma0XKXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-EREH0o3HtIMC_Acma0XKXg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Tue, 07 Jun 2022 13:41:15 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-EREH0o3HtIMC_Acma0XKXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-EREH0o3HtIMC_Acma0XKXg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Tue, 07 Jun 2022 13:41:15 GMT
log
play.google.com/ Frame 9D69
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh179v_pmHEf1Q-oQ7J8k7L3TYzlg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 13:41:16 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Jun 2022 13:41:15 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WW-... Frame 9D69
17 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WW-TKyU4pm8.L.B1.O/am=DwAC/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjv-YB8cgnPQwcg0PWW0MF-NZOwWA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh179v_pmHEf1Q-oQ7J8k7L3TYzlg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5f9c74a8d7b1875c39a7c36c5f844b5ef32729c86b4e8a91d42b4553da68e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7201
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 04:26:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 16:13:43 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WW-... Frame 9D69
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.WW-TKyU4pm8.L.B1.O/am=DwAC/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjv-YB8cgnPQwcg0PWW0MF-NZOwWA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh179v_pmHEf1Q-oQ7J8k7L3TYzlg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55dbcb2e962a6d439ef67cbec1f1d02550cc6cadb577ccf44107032d3743aea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 04:26:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 16:13:43 GMT
0
r.stripe.com/ Frame 549D
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
js.stripe.com/v3/ Frame 0611
829 B
803 B
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1477c3f4ff2bc3983647c9b3e4e41051368fac795c122a28a804fd44cf8b8dfa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61668
cache-control
max-age=31536000
content-encoding
br
content-length
311
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:41:15 GMT
etag
"1a7e0563741aa7f2883f56fde6a8aa36"
last-modified
Mon, 06 Jun 2022 20:29:43 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
345
x-content-type-options
nosniff
x-request-id
f6e557af-db4a-4912-97a3-bc8e47326522
x-served-by
cache-ewr18131-EWR
0
r.stripe.com/ Frame 549D
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 549D
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
log
play.google.com/ Frame 9D69
131 B
519 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.S6pJaxR3UnM.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh179v_pmHEf1Q-oQ7J8k7L3TYzlg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 13:41:16 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
csp-report
q.stripe.com/ Frame 0611
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.winred.com
URL: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Jun 2022 13:41:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
ui-shared-2304e57f3b840222ab088f6d7c06903e.css
js.stripe.com/v3/fingerprinted/css/ Frame 0611
18 KB
3 KB
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-2304e57f3b840222ab088f6d7c06903e.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e8363621702202acbb66b2915ac0ba46ee9c720b33aa6e81c1350e23a0a4c367
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
60
x-cache
HIT
content-length
2679
etag
"c69451a0a6500eccf19f163bae889ff6"
x-request-id
2e744e85-0127-41b0-a309-4c7173e9e05b
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Tue, 24 May 2022 17:32:22 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
elements-inner-payment-request-abd2b5dfc862df7687f0bde35b5d6f0f.css
js.stripe.com/v3/fingerprinted/css/ Frame 0611
7 KB
2 KB
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-abd2b5dfc862df7687f0bde35b5d6f0f.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
79bcb9949cc0712cc735cbd2777724653e11ce0dac3e93e03b237b94757d4bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
15
x-cache
HIT
content-length
1474
etag
"306b18c070c36050e39ae6989acb2812"
x-request-id
907bf67c-e997-4baf-99d2-e77e2362de5a
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Tue, 08 Mar 2022 20:28:40 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
shared-dae2430dd6ad089f13585acdfe9f3412.js
js.stripe.com/v3/fingerprinted/js/ Frame 0611
215 KB
54 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dd50978e3070b9eeb79b3e53c35c38178927e7da19b175d984c1b8a31946f4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
19
x-cache
HIT
content-length
55011
etag
"7e82e5899b48443725ba559890512925"
x-request-id
e4ce1290-72cd-4592-a569-7ec157c39d39
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:19 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
12
ui-shared-625c2caf206549e2844ab86799d8a374.js
js.stripe.com/v3/fingerprinted/js/ Frame 0611
214 KB
61 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-625c2caf206549e2844ab86799d8a374.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
562a1d89258bc9a8fd005063a1f80aae81700c0b1554f9ea81b1eacc970a7de6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
18
x-cache
HIT
content-length
62232
etag
"6b7d60addebe8ce85ce8cbab8ca3f21f"
x-request-id
0c0ac9ce-2a1f-405a-be41-5f85ca09f651
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Mon, 06 Jun 2022 20:29:23 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5
elements-inner-payment-request-bfb6eb94837eb8ea8d978032bd3c9c7d.js
js.stripe.com/v3/fingerprinted/js/ Frame 0611
44 KB
13 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-bfb6eb94837eb8ea8d978032bd3c9c7d.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e4864a02cab520b3c5fa602c847ac29d49fd23e13de9bd0c01ababf29eb3bbd8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-1a7e0563741aa7f2883f56fde6a8aa36.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
15
x-cache
HIT
content-length
12867
etag
"cc7769334c56fc1e2213463e02280ad2"
x-request-id
1e70a76b-6085-4953-b40e-e1deaca3dcd8
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Tue, 31 May 2022 20:42:02 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:15 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
0
r.stripe.com/ Frame 549D
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 549D
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 549D
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
rum
secure.winred.com/cdn-cgi/
0
167 B
XHR
General
Full URL
https://secure.winred.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/json

Response headers

date
Tue, 07 Jun 2022 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://secure.winred.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7179cde7dcfbd157-BUF
vary
Origin
/
rtclx.com/s/
0
663 B
Ping
General
Full URL
https://rtclx.com/s/?p=7508
Requested by
Host: rtxpx-a.akamaihd.net
URL: https://rtxpx-a.akamaihd.net/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.235.30.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-30-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.winred.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secure.winred.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,X-Forwarded-For,X-Forwarded-Proto,If-Modified-Since,referer,Cache-Control,Content-Type,Range,Pragma,Accept,Accept-Encoding,Accept-Language
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 728E
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://secure.winred.com
Referer
https://secure.winred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://secure.winred.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:41:16 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
unip
trc-events.taboola.com/1409910/log/3/
0
381 B
XHR
General
Full URL
https://trc-events.taboola.com/1409910/log/3/unip?en=pre_d_eng_tb&tos=1605&scd=24&ssd=1&est=1654609275364&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1654609276970&vi=1654609275360&ri=102e0f46aa2b88e8192ba17f16a9f68c&sd=v2_aeb3d2cc9b3b6d6124c650094574cd40_f068ba4e-4d09-4cff-9269-4dfcf0f49095-tuct998dafb_1654609275_1654609275_CNawjgYQ9oZWGODTl_OTMCABKAEw4QE4kaQOQNWmD0juy9kDUIIEWABgAGif-IjFj4f3lzNwAQ&ui=f068ba4e-4d09-4cff-9269-4dfcf0f49095-tuct998dafb&ref=null&cv=20220602-7-RELEASE&item-url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1409910/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://secure.winred.com
pragma
no-cache
date
Tue, 07 Jun 2022 13:41:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
common.js
maps.googleapis.com/maps-api-v3/api/js/49/3a/
82 KB
30 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/3a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
275771eff3df7acb103c2c2524c242021f8aefc4418629e3c2952e3fc7578aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 11:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30624
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 11:47:36 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/49/3a/
310 KB
92 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/3a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
016f10ae14b8de88ab14b44c01fc9c8d7fdf2dbd1989479e08f94bdb399bb1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 00:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94200
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Jun 2023 00:41:23 GMT
unip
trc-events.taboola.com/1409910/log/3/
0
380 B
XHR
General
Full URL
https://trc-events.taboola.com/1409910/log/3/unip?en=pre_d_eng_tb&tos=4608&scd=24&ssd=1&est=1654609275364&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1654609279972&vi=1654609275360&ri=102e0f46aa2b88e8192ba17f16a9f68c&sd=v2_aeb3d2cc9b3b6d6124c650094574cd40_f068ba4e-4d09-4cff-9269-4dfcf0f49095-tuct998dafb_1654609275_1654609275_CNawjgYQ9oZWGODTl_OTMCABKAEw4QE4kaQOQNWmD0juy9kDUIIEWABgAGif-IjFj4f3lzNwAQ&ui=f068ba4e-4d09-4cff-9269-4dfcf0f49095-tuct998dafb&ref=null&cv=20220602-7-RELEASE&item-url=https%3A%2F%2Fsecure.winred.com%2Fnrsc%2Felection-year-poll-2x-sm-ar-tst%3Futm_medium%3Demail%26utm_source%3Dtst_nrsc_SM%26utm_campaign%3D20220518_na_electionyearpoll-v1_SM_nrsc_nrsc%26utm_content%3Ddonate%26amount%3Dna%26recurring%3Dfalse
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1409910/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://secure.winred.com
pragma
no-cache
date
Tue, 07 Jun 2022 13:41:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
trusted-types-checker-1930daecb72cdcb6cb571c80a6f710ce.js
js.stripe.com/v3/fingerprinted/js/
173 B
425 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-1930daecb72cdcb6cb571c80a6f710ce.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
409f3b67cde169b211235150abe80a923a841238f12f797bf24081dbcf7874c9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.winred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
53
x-cache
HIT
content-length
120
etag
"ac8409ef561d72c06a1844b033e9cafe"
x-request-id
41a2e15d-b171-4a83-8e9c-78887855e895
x-served-by
cache-ewr18131-EWR
access-control-allow-origin
*
last-modified
Thu, 19 May 2022 16:55:33 GMT
server
Fastly
date
Tue, 07 Jun 2022 13:41:21 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
0
r.stripe.com/ Frame 9A54
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-dae2430dd6ad089f13585acdfe9f3412.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Tue, 07 Jun 2022 13:41:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer boolean| isWinRed string| app_platform object| __webpackStripeJSv3Jsonp function| Stripe function| BestInPlaceEditor function| $ function| jQuery object| jQuery112403606622885769053 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass object| bioEp function| Cookies object| App object| picturefillCFG function| picturefill function| UAParser function| gm_authFailure function| tmpl object| ActionCable object| antiClickjack object| a0_0x433e function| a0_0x3d7e object| __CF$cv$params object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| __cfBeacon function| landingPageFormSubmitRecaptchaSuccess function| landingPageFormSubmitRecaptchaError object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq function| obApi function| obTag object| __tfa_pixel_init object| _tfa function| snaptr object| dotq function| fbq function| _fbq function| pixie function| rtxq function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| YAHOO function| UET function| UET_init function| UET_push function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| LI object| __li__evt_bus object| liQ object| regeneratorRuntime object| twttr object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge object| ueto_7ae90818bd object| uetq object| __core-js_shared__ object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill 
undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| __trcWarn

45 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
app.winred.com/api/v3/users Name: rvid
Value: 8c6123b0-3c69-4ee4-a881-0521e91bfb32
.taboola.com/nrsc-sc/ Name: taboola_session_id
Value: v2_aeb3d2cc9b3b6d6124c650094574cd40_f068ba4e-4d09-4cff-9269-4dfcf0f49095-tuct998dafb_1654609275_1654609275_CNawjgYQ9oZWGODTl_OTMCABKAEw4QE4kaQOQNWmD0juy9kDUIIEWABgAGif-IjFj4f3lzNwAQ
secure.winred.com/nrsc Name: ntvSession
Value: {}
links.magadonors.com/ Name: Silverpop_cookie
Value: !blvhAShlF47vJpUnlH2hcLExqpsr6MFupV3EMOtp9fQVgm1Wz1F/y6j9yL1tKlHnx/0bG7skVR17Hfs=
secure.winred.com/ Name: origin_url
Value: https://secure.winred.com/nrsc/election-year-poll-2x-sm-ar-tst?utm_medium=email&utm_source=tst_nrsc_SM&utm_campaign=20220518_na_electionyearpoll-v1_SM_nrsc_nrsc&utm_content=donate&amount=na&recurring=false
.winred.com/ Name: _revv_v3_session
Value: --8fcd0098dd6f95034765764c7f3973cbb3788a35
.winred.com/ Name: _gcl_au
Value: 1.1.1507843122.1654609275
secure.winred.com/ Name: sso_tries
Value: 1
secure.winred.com/ Name: rvid
Value: 8c6123b0-3c69-4ee4-a881-0521e91bfb32
.google.com/ Name: NID
Value: 511=eitIPC6gCawK4hy-awWgYCE3O-ZM9w52Obw5lxg2KoBWaJeIKWQqLQueU8ZNaMkLSsaJyuEuxEvRZNAOyY3zm9NOMzCQwHv25lK5tzQo4Db2Qc-45e7OJbpSL5xBZb8vrCbEKo0C0_ny26PTION2OYIw4zYLABOt6Um8RxpCaeE
.secure.winred.com/ Name: __cf_bm
Value: xNkHiwjEJrL0grShFCJ2DRWEv9YiucqdWTAA5vltkeI-1654609275-0-ARn4ah27WwdCobVNESr3ko695s805fcXHF0Cuta60dCdOfZvHjnm+V3NXRs4G/T2v9ikM+kc4FQA4tQhbTNuLa5VQuY0x9heoDGqDQr59930ivsMNOX/zKEnpjwWjLbFmMX3ZZlBwpQaWG0y/6VFz+LXoO0IkarbKslRJHal6X3PHsXZAK0M8HnqebgtIV3QAg==
.bing.com/ Name: MUID
Value: 348A03FB497C6AE60E401247481B6BED
.bat.bing.com/ Name: MR
Value: 0
.postrelease.com/ Name: visitor
Value: 0acd8d3b-01b8-45c9-880a-f1277d6f7bca
.postrelease.com/ Name: status
Value: 1
.winred.com/ Name: _ga
Value: GA1.2.887825824.1654609275
.winred.com/ Name: _gid
Value: GA1.2.1092475362.1654609275
.winred.com/ Name: _dc_gtm_UA-73658561-7
Value: 1
.taboola.com/ Name: t_gid
Value: f068ba4e-4d09-4cff-9269-4dfcf0f49095-tuct998dafb
.winred.com/ Name: _li_dcdm_c
Value: .winred.com
.winred.com/ Name: _lc2_fpi
Value: 5fe568a6c8fd--01g4z6bth5k3a5n5571sjvw1jj
.winred.com/ Name: _uetsid
Value: 809165d0e66711ec903a7f09a31ccc3a
.winred.com/ Name: _uetvid
Value: 80918680e66711eca4f1b114d70df8b7
.winred.com/ Name: _scid
Value: 8571df1c-a2bb-49cd-b990-e10d7b2621f4
.postrelease.com/ Name: ver
Value: 1
.t.co/ Name: muc_ads
Value: b9af868c-308f-42e5-850a-e402769e359c
.twitter.com/ Name: personalization_id
Value: "v1_8REQoRFRZ+SYuQdMIC+qIA=="
.yahoo.com/ Name: A3
Value: d=AQABBHtVn2ICECRM7smSV8o5JP0Tmxa-uewFEgEBAQGmoGKpYgAAAAAA_eMAAA&S=AQAAAh9BOS1LOGosD3UimAdQIIU
.winred.com/ Name: _fbp
Value: fb.1.1654609275665.1614221174
.akamaihd.net/ Name: b53eedc13__
Value: 3dcde55f4019c11333d61ef35414c913abdae8fd4.1654609275
.liadm.com/ Name: lidid
Value: 6c632d8d-96fb-47f7-bff8-3144f9e3bc94
.facebook.com/ Name: fr
Value: 0V7GXYTctbMRi3H8c..Bin1V7...1.0.Bin1V7.
secure.winred.com/ Name: outbrain_cid_fetch
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUkhxKpqSXoxoQisgvS3eJAqldDa_HX8aFW3AkurAi3GLTBeqwT34p8IxTua
.rtclx.com/ Name: tp_usr
Value: 3dcde55f4019c11333d61ef35414c913abdae8fd4
.rtclx.com/ Name: tp_dfp
Value: 80cd2325e66711ec80f60242ac110003
m.stripe.com/ Name: m
Value: 846120eb-e0a4-48ec-b0ed-a5869d926b5e5d3650
.secure.winred.com/ Name: __stripe_mid
Value: b3573f0e-5d77-477a-87f0-a46f684361fb586e85
.secure.winred.com/ Name: __stripe_sid
Value: b1e2ef7f-bd3e-42ff-8be3-558c9aced83c66aa73
.tapad.com/ Name: TapAd_TS
Value: 1654609275943
.tapad.com/ Name: TapAd_DID
Value: 037065db-a48e-4b9f-9cdc-7f7a958e6c4e
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRHAIAgEwIqYuUNESDeJA1VYvN/sa7/ksukh3NVilZBXmzKCTQzsCj00PPRpjtTl51dc14tpYkAAAAA=
.winred.com/ Name: _sctr
Value: 1|1654560000000

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
