www.tradewindsnews.com Open in urlscan Pro
2a02:c0:ac:6:fe::146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVY...
Effective URL:
https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJL...
Submission: On October 16 via api (October 16th 2020, 6:51:39 pm UTC) from IE

Summary HTTP 63 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 21 domains to perform 63 HTTP transactions. The main IP is 2a02:c0:ac:6:fe::146, located in Sweden and belongs to REDPILL-LINPRO Redpill Linpro, NO. The main domain is www.tradewindsnews.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 9th 2020. Valid for: 2 years.

This is the only time www.tradewindsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6811:85b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a02:c0:ac:6:... 2a02:c0:ac:6:fe::146	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
20	2a02:c0::7 2a02:c0::7	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	142.93.100.57 142.93.100.57	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a02:26f0:10c... 2a02:26f0:10c:59b::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
6	188.40.114.5 188.40.114.5	24940 (HETZNER-AS) (HETZNER-AS)
1	34.254.111.26 34.254.111.26	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:a13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.32.152.233 63.32.152.233	16509 (AMAZON-02) (AMAZON-02)
2	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.28.241.182 52.28.241.182	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
63	24

2 2606:4700::6811:85b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.nhstglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:c0:ac:6:fe::146 (Sweden) 1 redirects

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

www.tradewindsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:c0::7 (Sweden)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

nhst-global-myprofile-prod.situla.bitbit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.100.57 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:10c:59b::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.40.114.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.114.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.111.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-111-26.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a13 (United States)

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.152.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

nhst.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

nhst.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.241.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-241-182.eu-central-1.compute.amazonaws.com

popup.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	bitbit.net nhst-global-myprofile-prod.situla.bitbit.net	2 MB
7	onthe.io cdn.onthe.io tt.onthe.io	29 KB
7	tradewindsnews.com 1 redirects www.tradewindsnews.com	55 KB
4	adobedtm.com assets.adobedtm.com	71 KB
2	facebook.com www.facebook.com	516 B
2	facebook.net connect.facebook.net	91 KB
2	hubspot.com forms.hubspot.com track.hubspot.com	594 B
2	omtrdc.net nhst.d3.sc.omtrdc.net	1 KB
2	wisepops.com loader.wisepops.com popup.wisepops.com	11 KB
2	demdex.net dpm.demdex.net nhst.demdex.net	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	67 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
2	nhstglobal.com 1 redirects www.nhstglobal.com	3 KB
1	hsforms.com forms.hsforms.com	299 B
1	hubapi.com api.hubapi.com	356 B
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hscollectedforms.net js.hscollectedforms.net	25 KB
1	hs-banner.com js.hs-banner.com	11 KB
1	hs-scripts.com js.hs-scripts.com	678 B
63	21

	Domain	Requested by
20	nhst-global-myprofile-prod.situla.bitbit.net	www.tradewindsnews.com nhst-global-myprofile-prod.situla.bitbit.net
7	www.tradewindsnews.com	1 redirects www.nhstglobal.com www.tradewindsnews.com nhst-global-myprofile-prod.situla.bitbit.net
6	tt.onthe.io	cdn.onthe.io
4	assets.adobedtm.com	www.tradewindsnews.com assets.adobedtm.com
2	www.facebook.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	nhst.d3.sc.omtrdc.net	assets.adobedtm.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.tradewindsnews.com
2	stackpath.bootstrapcdn.com	www.tradewindsnews.com stackpath.bootstrapcdn.com
2	www.nhstglobal.com	1 redirects
1	forms.hsforms.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	popup.wisepops.com	loader.wisepops.com
1	forms.hubspot.com	js.hscollectedforms.net
1	nhst.demdex.net	assets.adobedtm.com
1	loader.wisepops.com	www.nhstglobal.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	dpm.demdex.net	assets.adobedtm.com
1	js.hs-scripts.com	www.tradewindsnews.com
1	cdn.onthe.io	www.tradewindsnews.com
63	25

This site contains links to these domains. Also see Links.

Domain
www.rechargenews.com
info.tradewindsnews.com
info.rechargenews.com
tradewindsadvertise.com

Subject Issuer	Validity	Valid
www.nhstglobal.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
*.tradewindsnews.com DigiCert SHA2 Secure Server CA	`2020-04-09` - `2022-04-14`	2 years	crt.sh
situla.bitbit.net Let's Encrypt Authority X3	`2020-08-14` - `2020-11-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2020-04-07` - `2021-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
loader.wisepops.com Amazon	`2020-04-16` - `2021-05-16`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Frame ID: 50E2BAC712C6E7DC4C2EB1709F1D9934
Requests: 62 HTTP requests in this frame

Frame: https://nhst.demdex.net/dest5.html?d_nsid=0
Frame ID: 7F396E9D41D2C4FFF00A1C4E48A1CA3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV... Page URL
https://www.nhstglobal.com/events/public/v1/track/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV... HTTP 307
http://www.tradewindsnews.com/subscription/?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5... HTTP 302
https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLw... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

63
Requests

100 %
HTTPS

75 %
IPv6

21
Domains

25
Subdomains

24
IPs

7
Countries

2126 kB
Transfer

2877 kB
Size

33
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rechargenews.com/subscription/product/recharge-intro-offer-with-recurring
Title: S

Search URL Search Domain Scan URL

URL: https://info.tradewindsnews.com/tw-customer-service-form?__hstc=101862852.d84adf1c6b622b89f861653036d61811.1602874282949.1602874282949.1602874282949.1&__hssc=101862852.1.1602874282949&__hsfp=2017058934
Title: Questions? Contact us.

Search URL Search Domain Scan URL

URL: https://info.rechargenews.com/re-customer-service-form?__hstc=101862852.d84adf1c6b622b89f861653036d61811.1602874282949.1602874282949.1602874282949.1&__hssc=101862852.1.1602874282949&__hsfp=2017058934
Title: Q

Search URL Search Domain Scan URL

URL: http://tradewindsadvertise.com/
Title: Advertise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1 Page URL
https://www.nhstglobal.com/events/public/v1/track/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1?_ud=c304f99f-cef8-4e67-92a5-6cae44170dd7&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
http://www.tradewindsnews.com/subscription/?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&utm_content=97570799&utm_source=hs_email HTTP 302
https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pc... Show response
www.nhstglobal.com/e2t/tc/ 8 KB
2 KB 59ms
58ms Document
text/html 2606:4700::6811:85b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:85b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de453ae95c4644566c19c10c347c6b79aaa3dc967cbebe609af34b043c6b3a3f

Request headers

:method: GET
:authority: www.nhstglobal.com
:scheme: https
:path: /e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 16 Oct 2020 18:51:18 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d9d3d2bd4afbf6d56412b99c1648641781602874278; expires=Sun, 15-Nov-20 18:51:18 GMT; path=/; domain=.www.nhstglobal.com; HttpOnly; SameSite=Lax __cfruid=6af1341feed6139f3b60dcbf335df5078196194d-1602874278; path=/; domain=.www.nhstglobal.com; HttpOnly; Secure; SameSite=None
cf-ray: 5e33f8709f23d6fd-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 05d4599a5f0000d6fde298a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.tradewindsnews.com/subscription/
Redirect Chain

https://www.nhstglobal.com/events/public/v1/track/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY...
http://www.tradewindsnews.com/subscription/?utm_medium=email&_hsmi=97570799&_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&utm_content=9...
https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799

10 KB
4 KB

219ms
109ms

Document
text/html

2a02:c0:ac:6:fe::146
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799

Requested by

Host: www.nhstglobal.com
URL: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:c0:ac:6:fe::146 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

gunicorn/19.7.1 /

Resource Hash

d7909aed629bd3e0c8b581707ae2527ac9a888c88be5be9143d445dccf057887

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.tradewindsnews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1

Response headers

Server: gunicorn/19.7.1
Date: Fri, 16 Oct 2020 18:51:19 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Set-Cookie: csrftoken=7STLRUdtdwjLfsDinaZVBmIVNyDFwkNP8yY6APOB98iG1U1X0UctlpWuGFrGP9B5; expires=Fri, 15-Oct-2021 18:51:19 GMT; Max-Age=31449600; Path=/ JsloginCookie=guest; expires=Sat, 16-Oct-2021 18:51:19 GMT; Max-Age=31536000; Path=/ c42b1bc52d69f1fbfc8ef62cbd90583a=c3680d00576e58c7265087460a75d4e4; path=/; HttpOnly
Content-Encoding: gzip
Cache-control: private
X-Webcache-Server: fe0-osl2.nhst.c.bitbit.net
Vary: Cookie, Accept-Encoding
X-Varnish: 71228680
Age: 0
Via: 1.1 varnish-v4
X-Cache: MISS
Accept-Ranges: bytes
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Date: Fri, 16 Oct 2020 18:51:18 GMT
Server: Varnish
X-Varnish: 552569737
Location: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK bootstrap.min.css
nhst-global-myprofile-prod.situla.bitbit.net/css/ 16 KB
16 KB 277ms
83ms Stylesheet
text/css 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/bootstrap.min.css
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 6a79e7813ef421b8c56d1410b2b51317e58e6e72cabfa63673de75884610725e

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:19 GMT
Last-Modified: Wed, 31 Jul 2019 06:40:34 GMT
x-amz-request-id: tx00000000000000d89061f-005f89eba7-27fb430c-default
ETag: "63ca846177422564aa4dc5b965bfc094"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15934

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 3221ms
31ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK tradewinds.css
nhst-global-myprofile-prod.situla.bitbit.net/css/ 43 KB
43 KB 247ms
45ms Stylesheet
text/css 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: ca36d83a6e9b6d831248a8c37f7be166a5872de2a1b3e17cc6fd44656b7a1da4

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:19 GMT
Last-Modified: Mon, 14 Oct 2019 12:04:24 GMT
x-amz-request-id: tx000000000000006688cf5-005f89eba7-283f6468-default
ETag: "b19e998a7b0f3ecd3c8b34e93ce9a642"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43640

GET
H/1.1 200
OK ie_fix.css
nhst-global-myprofile-prod.situla.bitbit.net/css/ 108 B
414 B 276ms
60ms Stylesheet
text/css 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/ie_fix.css
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: c8c39ff028ebfc8fd71d4540f93d706fb38caf7facd5a0c6333c72b504e4da3e

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:19 GMT
Last-Modified: Wed, 31 Jul 2019 06:40:35 GMT
x-amz-request-id: tx000000000000001b61211-005f89eba7-290159b9-default
ETag: "81f9e00236cfa66811ca336df181fd2a"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 108

GET
H/1.1 200
OK generic.css
nhst-global-myprofile-prod.situla.bitbit.net/css/ 6 KB
6 KB 271ms
55ms Stylesheet
text/css 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/generic.css
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 37a20bd1f55aa09ee44daec697f1ed336133f8b609ec437164dad50164ddde93

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:19 GMT
Last-Modified: Thu, 20 Aug 2020 10:50:56 GMT
x-amz-request-id: tx000000000000001b61210-005f89eba7-290159b9-default
ETag: "e37682ff3fbc23fc3353f829153ae4e4"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6237

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3357865-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec39da592144f20f17895308e9b163292a5df90d818d9f173c2b3811a98f5893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37886
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Oct 2020 18:51:19 GMT

GET
H/1.1 200
OK Wm2IKF5FcrBf Show response
cdn.onthe.io/io.js/ 71 KB
27 KB 127ms
50ms Script
text/javascript 142.93.100.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/Wm2IKF5FcrBf
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.100.57 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 52ba3b3137a365f7432075c159ad5c87b823f5c4d3d703b5751d14c1710e7728

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 09:34:11 GMT
Server: nginx
ETag: W/"5f48cf93-11a76"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 17 Oct 2020 18:51:20 GMT

GET
H2 200 launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js Show response
assets.adobedtm.com/ 162 KB
48 KB 253ms
232ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 25ca19137f459bf4e0a400ae1467972d1453c1b6ccd4b8e8cbe8f5b380ed3de4

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 18:51:20 GMT
content-encoding: gzip
last-modified: Tue, 22 Sep 2020 03:22:08 GMT
server: AkamaiNetStorage
status: 200
etag: "4a0ba035235dfc8884d338ddc2b0f5b8:1600744928.109908"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.tradewindsnews.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 49009
expires: Fri, 16 Oct 2020 18:51:20 GMT

GET
H/1.1 200
OK / Show response
www.tradewindsnews.com/subscription/jsi18n/ 3 KB
1 KB 62ms
61ms Script
text/javascript 2a02:c0:ac:6:fe::146
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradewindsnews.com/subscription/jsi18n/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:c0:ac:6:fe::146 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

gunicorn/19.7.1 /

Resource Hash

a4e8e7e36370fe3237c5b28a69c13180862247c2fbe36138fa8bdde00f1da731

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: gunicorn/19.7.1
Age: 0
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
Content-Type: text/javascript
Via: 1.1 varnish-v4
Cache-control: private
Transfer-Encoding: chunked
X-Varnish: 71228682
Connection: keep-alive
Accept-Ranges: bytes
X-Webcache-Server: fe0-osl2.nhst.c.bitbit.net

GET
H/1.1 200
OK TradewindsLogo.svg
nhst-global-myprofile-prod.situla.bitbit.net/gfx/ 3 KB
4 KB 53ms
51ms Image
image/svg+xml 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/gfx/TradewindsLogo.svg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 188244085101da72f3542ccbd1152a16e6fe4ea591919afd01ec99160e269a2b

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:20 GMT
Last-Modified: Wed, 31 Jul 2019 06:40:16 GMT
x-amz-request-id: tx000000000000001b6121d-005f89eba8-290159b9-default
ETag: "d52125cf6c5eb6e7bf38e35638e55aa4"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3575

GET
H/1.1 200
OK app.bundle.js Show response
nhst-global-myprofile-prod.situla.bitbit.net/subscription/ 709 KB
710 KB 43ms
42ms Script
application/javascript 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/subscription/app.bundle.js
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 8062685c57a0c40f84dec104f4ee3adfa46553eaae40195cf465fac7e9916932

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:19 GMT
Last-Modified: Wed, 16 Sep 2020 06:36:15 GMT
x-amz-request-id: tx000000000000001b61212-005f89eba7-290159b9-default
ETag: "6934c4f8ddecd01bc13a10278210e9f1"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 726527

GET
H/1.1 200
OK vendor.bundle.js Show response
nhst-global-myprofile-prod.situla.bitbit.net/subscription/ 283 KB
283 KB 196ms
195ms Script
application/javascript 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/subscription/vendor.bundle.js
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 9b8bac6c2bf8878c6a6857f67133031a95aadacd901caad6dcba098c94a6ee4b

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:19 GMT
Last-Modified: Thu, 20 Aug 2020 10:50:41 GMT
x-amz-request-id: tx000000000000001b61218-005f89eba7-290159b9-default
ETag: "f22eaf825e1063c9f486998ca427adc1"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 289657

GET
H/1.1 200
OK TW-Sign-up-Julian-portrait_GaJtgE0.png
nhst-global-myprofile-prod.situla.bitbit.net/uploads/frontend/Tradewinds/ 24 KB
24 KB 42ms
41ms Image
image/png 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/frontend/Tradewinds/TW-Sign-up-Julian-portrait_GaJtgE0.png
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 317d1866195efce2d2ea68e3395cd742d1c442c8de89be3b162d9958a426c256

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:20 GMT
Last-Modified: Wed, 31 Jul 2019 11:33:29 GMT
x-amz-meta-s3cmd-attrs: atime:1564572483/ctime:1564572483/gid:1000/gname:oea/md5:5d6e1f2f2e66796ab4ffd4a546995d95/mode:33188/mtime:1564572483/uid:1000/uname:oea
x-amz-request-id: tx000000000000001b6121f-005f89eba8-290159b9-default
ETag: "5d6e1f2f2e66796ab4ffd4a546995d95"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24369

GET
H2 200 1545457.js Show response
js.hs-scripts.com/ 2 KB
678 B 19ms
18ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/1545457.js
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f67f035193dbc84e9ab1781f3dffd138787bea9fee3535028aaaa06574e8bc

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 21
cf-polished: origSize=1777
status: 200
cf-request-id: 05d459a25a00001f1958b95000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B9F40C20A270CA0D646C8838820D44566A231F2BE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.rechargenews.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5e33f87d5eb81f19-FRA
expires: Fri, 16 Oct 2020 18:52:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3357865-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3717
date: Fri, 16 Oct 2020 17:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 16 Oct 2020 19:49:25 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 38ms
24ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHN8XD2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

455e6101970387f9683b9fb1a844eb614048fe1bbbf9ba4b369cb211b6d88de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29952
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Oct 2020 18:51:22 GMT

GET
H/1.1 200
OK decks Show response
www.tradewindsnews.com/subscription/api/v1/ 11 KB
12 KB 112ms
111ms XHR
application/json 2a02:c0:ac:6:fe::146
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradewindsnews.com/subscription/api/v1/decks

Requested by

Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/subscription/app.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:c0:ac:6:fe::146 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

gunicorn/19.7.1 /

Resource Hash

82f9c96221e40fcf0ccb094cbb531b2216e2f8af3433e0d745e2d43d54a16245

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Via: 1.1 varnish-v4
Allow: GET, HEAD, OPTIONS
Server: gunicorn/19.7.1
Age: 0
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
Content-Type: application/json
Cache-control: private
X-Varnish: 76034618
Connection: keep-alive
Accept-Ranges: bytes
X-Webcache-Server: fe0-osl2.nhst.c.bitbit.net
Content-Length: 11365

GET
H/1.1 401
Unauthorized me Show response
www.tradewindsnews.com/subscription/api/v1/ 37 B
467 B 128ms
56ms XHR
application/json 2a02:c0:ac:6:fe::146
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradewindsnews.com/subscription/api/v1/me

Requested by

Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/subscription/app.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:c0:ac:6:fe::146 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

gunicorn/19.7.1 /

Resource Hash

b2d905dd11d164350c3f1c586ea61d4add5cfce153ea458eb8329744379ce8f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Via: 1.1 varnish-v4
Allow: GET, HEAD, OPTIONS
Server: gunicorn/19.7.1
Age: 0
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
Content-Type: application/json
X-Varnish: 151849
Connection: keep-alive
X-Webcache-Server: fe0-osl2.nhst.c.bitbit.net
Content-Length: 37

GET
H/1.1 200
OK decks Show response
www.tradewindsnews.com/subscription/api/v1/ 11 KB
12 KB 214ms
105ms XHR
application/json 2a02:c0:ac:6:fe::146
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradewindsnews.com/subscription/api/v1/decks

Requested by

Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/subscription/app.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:c0:ac:6:fe::146 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

gunicorn/19.7.1 /

Resource Hash

82f9c96221e40fcf0ccb094cbb531b2216e2f8af3433e0d745e2d43d54a16245

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Via: 1.1 varnish-v4
Allow: GET, HEAD, OPTIONS
Server: gunicorn/19.7.1
Age: 0
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
Content-Type: application/json
Cache-control: private
X-Varnish: 557697537
Connection: keep-alive
Accept-Ranges: bytes
X-Webcache-Server: fe1-osl3.nhst.c.bitbit.net
Content-Length: 11365

GET
H/1.1 200
OK corporateproduct Show response
www.tradewindsnews.com/subscription/api/v1/ 25 KB
26 KB 327ms
221ms XHR
application/json 2a02:c0:ac:6:fe::146
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradewindsnews.com/subscription/api/v1/corporateproduct

Requested by

Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/subscription/app.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:c0:ac:6:fe::146 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

gunicorn/19.7.1 /

Resource Hash

bc64a11c98a73e7f07471ca18414ebbddfdb9a9b58cdc3407d2823cbce04d37e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Via: 1.1 varnish-v4
Allow: GET, HEAD, OPTIONS
Server: gunicorn/19.7.1
Age: 0
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
Content-Type: application/json
Cache-control: private
X-Varnish: 76034620
Connection: keep-alive
Accept-Ranges: bytes
X-Webcache-Server: fe0-osl2.nhst.c.bitbit.net
Content-Length: 25900

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 23ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.tradewindsnews.com
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H/1.1 200
OK flamabook-webfont.woff2
nhst-global-myprofile-prod.situla.bitbit.net/fonts/ 21 KB
21 KB 172ms
41ms Font
application/octet-stream 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/fonts/flamabook-webfont.woff2
Requested by: Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: a48bf12d21b006bf09cce70497a3047f9cdc76b2bab335b82137c9a7cc16a3eb

Request headers

Origin: https://www.tradewindsnews.com
Referer: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 31 Jul 2019 06:40:23 GMT
x-amz-request-id: tx000000000000006688d4d-005f89ebaa-283f6468-default
ETag: "f63de7e72c160dd91cab879cdcc4e414"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21144

GET
H/1.1 200
OK flamamedium-webfont.woff2
nhst-global-myprofile-prod.situla.bitbit.net/fonts/ 21 KB
21 KB 184ms
43ms Font
application/octet-stream 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/fonts/flamamedium-webfont.woff2
Requested by: Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: d42ed6d8b42e06b922cf27cca691816e380f06ec9dcc6e7a70c37680f8900d48

Request headers

Origin: https://www.tradewindsnews.com
Referer: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 31 Jul 2019 06:40:27 GMT
x-amz-request-id: tx000000000000001b61234-005f89ebaa-290159b9-default
ETag: "d6adde53b683102e51cbf697d944b0fa"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21208

GET
H/1.1 200
OK suecatx-regular-tta-webfont.woff2
nhst-global-myprofile-prod.situla.bitbit.net/fonts/ 27 KB
28 KB 237ms
40ms Font
application/octet-stream 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/fonts/suecatx-regular-tta-webfont.woff2
Requested by: Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: faf4e3bc87246aeaf0d4f2009672ef4897b89afd0732b70903e442ed32140210

Request headers

Origin: https://www.tradewindsnews.com
Referer: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 31 Jul 2019 06:40:33 GMT
x-amz-request-id: tx000000000000001b25985-005f89ebaa-2900eca2-default
ETag: "7a72d71e7d7211fe557d97b716a97f6e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 27908

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 97ms
32ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42130:uniques_instantly[page:TradeWinds%20Subscription,language:en,domain:www.tradewindsnews.com,url:%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799,url_real:%2Fsubscription%2F,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:4de802c87.9f4facc90_1602874282519,session_id:4f04e13b4.94d184893_1602874282521,cdn_version:36]&s=70332356b6b166177589d26d243ef92a&1602874282529
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/Wm2IKF5FcrBf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 18:51:22 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 86ms
29ms Script
text/html 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=16&holding=8393b6bdffe4e4832662efa572d02b1e&hash_user=4de802c87.9f4facc90_1602874282519&1602874282530
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/Wm2IKF5FcrBf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 18:51:22 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 101ms
35ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42130:visits_instantly[page:TradeWinds%20Subscription,language:en,domain:www.tradewindsnews.com,url:%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799,url_real:%2Fsubscription%2F,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:4de802c87.9f4facc90_1602874282519,session_id:4f04e13b4.94d184893_1602874282521,cdn_version:36]&s=70332356b6b166177589d26d243ef92a&__io=4de802c87.9f4facc90_1602874282519&1602874282536
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/Wm2IKF5FcrBf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 18:51:22 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 101ms
31ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42130:pageviews[page:TradeWinds%20Subscription,language:en,domain:www.tradewindsnews.com,url:%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799,url_real:%2Fsubscription%2F,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:4de802c87.9f4facc90_1602874282519,session_id:4f04e13b4.94d184893_1602874282521,cdn_version:36]&s=70332356b6b166177589d26d243ef92a&1602874282540
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/Wm2IKF5FcrBf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 18:51:22 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 440 B
1 KB 158ms
40ms XHR
application/json 34.254.111.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=539A036355B676DE7F000101%40AdobeOrg&d_nsid=0&ts=1602874282559

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.111.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-26.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e30c3980fe703eec0955f5bb793e8fcb7c1548ee21ee36f09ffac4beeb48d8d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v084-040c08de7.edge-irl1.demdex.com 5.78.2.20201014153347 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: e1xCfeyrR/Q=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.tradewindsnews.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 356
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/ 36 KB
13 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7c9cecd10e7ebe0bd54d4c544d872270d4148922ee896d2ad404dc791ad0ef3a

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 18:34:43 GMT
server: AkamaiNetStorage
status: 200
etag: "d6e076e7d6ae0d567c0f611bee8f9855:1573670083.361234"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.tradewindsnews.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 13335
expires: Fri, 16 Oct 2020 19:51:22 GMT

GET
H2 200 RC5ca59c488acb4bb6b8d2ecd6bb59c031-source.min.js Show response
assets.adobedtm.com/7c39b7bcdd1c/0d402ea23a3d/e45e0cfc45dd/ 666 B
736 B 18ms
17ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/7c39b7bcdd1c/0d402ea23a3d/e45e0cfc45dd/RC5ca59c488acb4bb6b8d2ecd6bb59c031-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: be844d32c4720d61630d215cd0bd30ecba780a09e699d3a83badf622dab843d8

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: gzip
last-modified: Tue, 22 Sep 2020 03:22:09 GMT
server: AkamaiNetStorage
status: 200
etag: "ce0ef785eccb297b9f016e960411f913:1600744929.149877"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.tradewindsnews.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 439
x-akamai-path-stats: [1:884:116]
expires: Fri, 16 Oct 2020 19:51:22 GMT

GET
H/1.1 200
OK Orange_Ribbon_LIMITED_TIME_ONLY1_oxmJSnc.svg
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 40 KB
41 KB 58ms
57ms Image
image/svg+xml 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/Orange_Ribbon_LIMITED_TIME_ONLY1_oxmJSnc.svg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 4c1b6d5518ebd53164dad57b6337ddacfd2a43e5cb3061a1235005804fc86c88

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 07 Oct 2020 06:50:11 GMT
x-amz-meta-s3cmd-attrs: atime:1602051094/ctime:1602051094/gid:20/gname:staff/md5:44ba6aa97930918b17d66b4653238aeb/mode:33188/mtime:1602048536/uid:501/uname:jobaer
x-amz-request-id: tx000000000000006688d4e-005f89ebaa-283f6468-default
ETag: "44ba6aa97930918b17d66b4653238aeb"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 41094

GET
H/1.1 200
OK TW-30-Products-MONTHLY.jpg
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 24 KB
24 KB 80ms
79ms Image
image/jpeg 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/TW-30-Products-MONTHLY.jpg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: a9d5b9c851a30c81ea99daece09683634b7449e72443c76d79026b3d9c22a603

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 07 Oct 2020 06:51:32 GMT
x-amz-meta-s3cmd-attrs: atime:1602051093/ctime:1602051093/gid:20/gname:staff/md5:0736f7dc85dfbe85ddf4ae9fdb8c0722/mode:33188/mtime:1602048416/uid:501/uname:jobaer
x-amz-request-id: tx00000000000000d890901-005f89ebaa-27fb430c-default
ETag: "0736f7dc85dfbe85ddf4ae9fdb8c0722"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24572

GET
H/1.1 200
OK Orange_Ribbon_LIMITED_TIME_ONLY1_oJKi1N3.svg
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 40 KB
41 KB 178ms
42ms Image
image/svg+xml 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/Orange_Ribbon_LIMITED_TIME_ONLY1_oJKi1N3.svg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 4c1b6d5518ebd53164dad57b6337ddacfd2a43e5cb3061a1235005804fc86c88

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 07 Oct 2020 06:50:11 GMT
x-amz-meta-s3cmd-attrs: atime:1602051094/ctime:1602051094/gid:20/gname:staff/md5:44ba6aa97930918b17d66b4653238aeb/mode:33188/mtime:1602048536/uid:501/uname:jobaer
x-amz-request-id: tx000000000000006688d55-005f89ebaa-283f6468-default
ETag: "44ba6aa97930918b17d66b4653238aeb"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 41094

GET
H/1.1 200
OK TW-30-Products-DIGITAL.jpg
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 30 KB
31 KB 114ms
38ms Image
image/jpeg 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/TW-30-Products-DIGITAL.jpg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: c874a078fbd28d0073324e030452a254e4c83af8ec98b750a3f481857fef9389

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 07 Oct 2020 06:51:31 GMT
x-amz-meta-s3cmd-attrs: atime:1602051094/ctime:1602051093/gid:20/gname:staff/md5:83a2fb47bea1f03991205e735b8ec420/mode:33188/mtime:1602048393/uid:501/uname:jobaer
x-amz-request-id: tx00000000000000d890930-005f89ebaa-27fb430c-default
ETag: "83a2fb47bea1f03991205e735b8ec420"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 31017

GET
H/1.1 200
OK TW-Products_Monthly.jpg
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 24 KB
25 KB 115ms
39ms Image
image/jpeg 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/TW-Products_Monthly.jpg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 235accb6d3a634b259c919514043db2e39cf79c149d610b1776c6b3f3cff51f5

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 07 Oct 2020 06:51:46 GMT
x-amz-meta-s3cmd-attrs: atime:1602051093/ctime:1602051093/gid:20/gname:staff/md5:141d1f5b398457ba28562ce6cf5d5d78/mode:33188/mtime:1602048525/uid:501/uname:jobaer
x-amz-request-id: tx00000000000000d890941-005f89ebaa-27fb430c-default
ETag: "141d1f5b398457ba28562ce6cf5d5d78"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24618

GET
H/1.1 200
OK TW-Products_Digital_Print.jpg
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 41 KB
41 KB 101ms
37ms Image
image/jpeg 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/TW-Products_Digital_Print.jpg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 7f43e62807b5f5315cfb3d436cdd925de0a88919963ccf79d417f01603303a03

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 09 Sep 2020 08:59:53 GMT
x-amz-request-id: tx00000000000000d890954-005f89ebaa-27fb430c-default
ETag: "a627a65b1e77b987c681081718e812f8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 41899

GET
H/1.1 200
OK TW-Products_Digital-Print-Archive.jpg
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 37 KB
37 KB 105ms
42ms Image
image/jpeg 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/TW-Products_Digital-Print-Archive.jpg
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: 32cec694d52feffd509f2532c86d463258e12f6f38bad08124d64fa6bbee9059

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 07 Oct 2020 06:51:39 GMT
x-amz-meta-s3cmd-attrs: atime:1602051093/ctime:1602051093/gid:20/gname:staff/md5:7af5b92a4646e5a432d3217f4886b343/mode:33188/mtime:1602048474/uid:501/uname:jobaer
x-amz-request-id: tx000000000000001b2598a-005f89ebaa-2900eca2-default
ETag: "7af5b92a4646e5a432d3217f4886b343"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 37430

GET
H2 200 1545457.js Show response
js.hs-banner.com/ 47 KB
11 KB 20ms
19ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/1545457.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cea950f22cad0fc77a30f75239091479c4b09149c191dd2267dc8a4855de8ac

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=WM+Jhg==, md5=gkMg30B1cQt85uc5ZwXCzA==
date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 74
x-guploader-uploadid: ABg5-Uws5e0jER-pVR0MBQjmUCrGipqBocwNnLore7hh9qmAFkpGl6rop92mWjcmzQS6uX7YFcXm9BPt1ftc_hMgss4
x-goog-storage-class: STANDARD
status: 200
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 05d459aa780000c29fec39c000000001
timing-allow-origin: *
last-modified: Thu, 01 Oct 2020 13:36:59 GMT
server: cloudflare
etag: W/"824320df4075710b7ce6e7396705c2cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1601559419797312
access-control-allow-origin: https://www.upstreamonline.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 47790
cf-ray: 5e33f88a5d96c29f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 16 Oct 2020 18:55:08 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 90 KB
25 KB 26ms
25ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c277da20a770eea8a7b34967e336fbbec3c0060f7acac2d65e427bfd5d9874f

Request headers

Origin: https://www.tradewindsnews.com
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
via: 1.1 e685e9e08c2e4b105f4d86b35da50629.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 26728
x-amz-server-side-encryption: AES256
cf-ray: 5e33f88a5f2c1f19-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 05d459aa7500001f190113b000000001
last-modified: Thu, 20 Aug 2020 10:23:03 UTC
server: cloudflare
etag: W/"421b26f95ea43197174fcb344facb242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: IDP52L7B1Fr.Tl8ZOvcH4PutJxHgMsyE
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: SrIWQNAtAqL1iWDEKCQKHI8VcqjJmXdiBFNYywj-qfEyvATShjxfpw==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce7867d0f284d41fce8aaab6a144e978a80e701fe2f6bcfa5e130402762a453

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
via: 1.1 2f58b5586b40002efa57d2542863b53f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 05d459aa740000062d4a2b2000000001
last-modified: Mon, 28 Sep 2020 01:44:31 UTC
server: cloudflare
etag: W/"68a7bbdbdcc76df0e2371cb7302cebcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: cUR.NpDPOzEU9aoaLuWpNZUGFhhYGCmg
cache-control: max-age=600
x-amz-cf-pop: IAD66-C2
cf-ray: 5e33f88a5965062d-FRA
x-amz-cf-id: 4aTsqgiMEV6RAdpYcfFIel00cMf3hEN3cgd-bryoGzpwzH0m1NwnNw==

GET
H2 200 1545457.js Show response
js.hs-analytics.net/analytics/1602874200000/ 61 KB
18 KB 27ms
26ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1602874200000/1545457.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 376c1a11507fa41ff9dcef48396087f622d36312476bddf4a62570ea293d94bb

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 152
x-guploader-uploadid: ABg5-UwNssQt0bkWD0xkkoAiuhwqvmHQlF81PXPJWerf-4QIk50ii965KsX_8Cu70kx-9CqfikwHcTwmvsi9Hwvj7Om8PbiDNQ
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 05d459aa7400009acebf9af000000001
last-modified: Fri, 28 Aug 2020 17:25:19 GMT
server: cloudflare
etag: W/"c26e5bd77c74cc898790cc7e54570d64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=rhQLfw==, md5=wm5b13x0zImHkMx+VFcNZA==
x-goog-generation: 1598635519906627
cache-control: max-age=300, public
access-control-allow-credentials: false
x-goog-stored-content-length: 62309
cf-ray: 5e33f88a5a8d9ace-FRA
expires: Fri, 16 Oct 2020 18:53:50 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
432 B 40ms
13ms XHR
text/plain 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=947949037&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tradewindsnews.com%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799&ul=en-us&de=UTF-8&dt=Tradewinds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1393601503&gjid=323076081&cid=1090506068.1602874283&tid=UA-3357865-1&_gid=249435922.1602874283&_r=1&gtm=2ou9u1&z=538304783

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 18:51:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.tradewindsnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/ 25 KB
9 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 19742d915958a7525879a20699efdda3cb8214cf7eaf07c18a0fffaf12c71b63

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 18:34:43 GMT
server: AkamaiNetStorage
status: 200
etag: "46e2aa1bef425becb0cb4651c23fff38:1573670083.753497"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.tradewindsnews.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8769
expires: Fri, 16 Oct 2020 19:51:22 GMT

GET
H2 200 get-loader.js Show response
loader.wisepops.com/ 37 KB
11 KB 174ms
157ms Script
text/javascript 2606:4700:20::681a:a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.wisepops.com/get-loader.js?v=1&site=AhXLsRMboY
Requested by: Host: www.nhstglobal.com
URL: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c725e4dcd5147978afff884db84453a6e11ab193dee6344e51e8d63078df16af

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-wisepops-server: popup-prod-eu-6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602874283"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
cf-ray: 5e33f88ae85cc303-FRA
cf-request-id: 05d459aae10000c303188bd000000001
x-robots-tag: noindex, nofollow

GET
H/1.1 200
OK Cookie set dest5.html
nhst.demdex.net/ Frame 7F39 0
0 160ms
39ms Document
text/html 63.32.152.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nhst.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.152.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: nhst.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=48582047673337319442173700678386584046
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 15 Oct 2020 13:55:10 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=48582047673337319442173700678386584046;Path=/;Domain=.demdex.net;Expires=Wed, 14-Apr-2021 18:51:22 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: X6cX5LmpQHI=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
nhst.d3.sc.omtrdc.net/ 2 B
323 B 105ms
35ms XHR
application/x-javascript 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nhst.d3.sc.omtrdc.net/id?d_visid_ver=4.5.2&d_fieldgroup=A&mcorgid=539A036355B676DE7F000101%40AdobeOrg&mid=48826561040387533282198860414112244662&ts=1602874282741

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN2ab9a7faa74b425db80891d669b68988-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 16 Oct 2020 18:51:22 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b84d8c678-ssjdq
vary: Origin
x-c: master-1397.I728fb3.M0-462
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.tradewindsnews.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK TWCorp_IMfkpt0.png
nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/ 240 KB
240 KB 35ms
34ms Image
image/png 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/uploads/products/TWCorp_IMfkpt0.png
Requested by: Host: www.tradewindsnews.com
URL: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: abd9b1eaa3b0c9df1c8547a9ed14bd3fe8333d6262efc356d37af171c1d3cb5b

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 31 Jul 2019 11:34:05 GMT
x-amz-meta-s3cmd-attrs: atime:1564572464/ctime:1564572465/gid:1000/gname:oea/md5:096d91b7ff3070c423d65652725d2d3f/mode:33188/mtime:1564572465/uid:1000/uname:oea
x-amz-request-id: tx00000000000000d890960-005f89ebaa-27fb430c-default
ETag: "096d91b7ff3070c423d65652725d2d3f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 245523

GET
H/1.1 200
OK Up&down.svg
nhst-global-myprofile-prod.situla.bitbit.net/gfx/ 507 B
818 B 40ms
40ms Image
image/svg+xml 2a02:c0::7
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhst-global-myprofile-prod.situla.bitbit.net/gfx/Up&down.svg
Requested by: Host: nhst-global-myprofile-prod.situla.bitbit.net
URL: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:c0::7 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: ca05390f8da41e924793bd216913cd17bfa8f1d2a4e1bc27cdcf3d9689770532

Request headers

Referer: https://nhst-global-myprofile-prod.situla.bitbit.net/css/tradewinds.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Last-Modified: Wed, 31 Jul 2019 06:40:17 GMT
x-amz-request-id: tx00000000000000d890962-005f89ebaa-27fb430c-default
ETag: "b9b8831799f35bda28d268e46014176a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 507

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 35ms
34ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42174:uniques_holding&s=70332356b6b166177589d26d243ef92a&__io=4de802c87.9f4facc90_1602874282519&1602874282816
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/Wm2IKF5FcrBf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 18:51:22 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
337 B 139ms
139ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=1545457&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df75389c177cfd2638d509f560e9756601041dce099242297c3d4ca108172331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 05d459ab4f000005fd1fbdd000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tradewindsnews.com
access-control-allow-credentials: false
cf-ray: 5e33f88bbe0b05fd-FRA
access-control-allow-headers: *

GET
H2 200 s47969697171023 Show response
nhst.d3.sc.omtrdc.net/b/ss/nhstglobalsstage/10/JS-2.17.0-LAWA/ 468 B
715 B 65ms
64ms Script
application/x-javascript 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nhst.d3.sc.omtrdc.net/b/ss/nhstglobalsstage/10/JS-2.17.0-LAWA/s47969697171023?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=16%2F9%2F2020%2020%3A51%3A22%205%20-120&d.&nsid=0&jsonv=1&.d&mid=48826561040387533282198860414112244662&aamlh=6&ce=UTF-8&ns=nhstglobals&cdp=2&pageName=Tradewinds&g=https%3A%2F%2Fwww.tradewindsnews.com%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799&cc=NOK&server=www.tradewindsnews.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=Tradewinds&v2=https%3A%2F%2Fwww.tradewindsnews.com%2Fsubscription%2F&v10=New&c11=8%3A51%20PM%7CFriday&v11=8%3A51%20PM%7CFriday&v13=https%3A%2F%2Fwww.tradewindsnews.com%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799&c75=JS-2.9.0-L8UK&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=539A036355B676DE7F000101%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

8011e96ad09b6de1325c9d3813f641911efa2b6fb480d562554aae5f01e86b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-aam-tid: B3ZRtk32TFI=
date: Fri, 16 Oct 2020 18:51:22 GMT
x-content-type-options: nosniff
x-c: master-1397.I728fb3.M0-462
p3p: CP="This is not a P3P policy"
status: 200
content-length: 468
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v084-0c62dce49.edge-irl1.demdex.com 5.78.2.20201014153347 5ms (+0ms)
pragma: no-cache
last-modified: Sat, 17 Oct 2020 18:51:22 GMT
server: jag
xserver: anedge-7b84d8c678-v5xwk
etag: 3442146310480035840-4621687321420489373
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 15 Oct 2020 18:51:22 GMT

POST
H/1.1 200
OK my-wisepop Show response
popup.wisepops.com/ 230 B
564 B 121ms
40ms XHR
application/json 52.28.241.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.wisepops.com/my-wisepop
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=AhXLsRMboY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.241.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-241-182.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: db1e0100627189603051b2d9bc55897782a2c609820037019e147d3a80bfe8b2

Request headers

Accept: application/json
Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 16 Oct 2020 18:51:22 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Wisepops-Server: popup-prod-eu-6
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tradewindsnews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 230

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 74 B
356 B 125ms
124ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=1545457

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4904a65ff3e8244b4820792af7fcf7bea6abd383b7cbab05acea70d9bd5a7450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 05d459abc800000605f39b4000000001
server: cloudflare
x-trace: 2B8153BD6E0A5092894EA9A41C9DE12A6EB2D210E5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tradewindsnews.com
access-control-allow-credentials: false
cf-ray: 5e33f88c7e970605-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
257 B 35ms
35ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1545457&pu=https%3A%2F%2Fwww.tradewindsnews.com%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799&t=Tradewinds&cts=1602874282952&vi=d84adf1c6b622b89f861653036d61811&nc=true&u=101862852.d84adf1c6b622b89f861653036d61811.1602874282949.1602874282949.1602874282949.1&b=101862852.1.1602874282949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5e33f88c7e9c2ba1-FRA
date: Fri, 16 Oct 2020 18:51:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 05d459abcf00002ba157a12000000001
x-robots-tag: none

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
299 B 16ms
16ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:22 GMT
cf-cache-status: MISS
server: cloudflare
x-trace: 2B9EBA43067D9565806EB58EDFA2F26F9DF85E248E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5e33f88c98f405c8-FRA
content-length: 35
cf-request-id: 05d459abde000005c81bbe8000000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: TznC2hFd9sWQHbQlJp/FSZZOzqySga2MPMbZrF6Tqrn15dufJoD1fz+LZ1+kYIFiWtML8foh1D307+N39JsqgQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 16 Oct 2020 18:51:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 705364376710928 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/705364376710928?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26064680f7d7008d77b91b390a09125ce22be3d4615c3a51c7ddb09e03d78cac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69825
x-xss-protection: 0
pragma: public
x-fb-debug: DGRDlslptiGhn2L9vKOMS80dS6ubcrim+NbzOLg+JyiJdd1e+SpGxn0qWfDWon2zswetHV0L1xcoZdGuEQJpwQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 16 Oct 2020 18:51:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=705364376710928&ev=PageView&dl=https%3A%2F%2Fwww.tradewindsnews.com%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799&rl=&if=false&ts=1602874283127&sw=1600&sh=1200&v=2.9.27&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1602874283126.262206823&it=1602874283092&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Oct 2020 18:51:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=705364376710928&ev=Microdata&dl=https%3A%2F%2Fwww.tradewindsnews.com%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799&rl=&if=false&ts=1602874284631&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tradewinds%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1602874284630.366243160&it=1602874283092&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 18:51:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Oct 2020 18:51:24 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 83ms
28ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42130:time[url:%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799,cdn_version:36]&s=70332356b6b166177589d26d243ef92a&1602874292547
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/Wm2IKF5FcrBf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tradewindsnews.com/subscription/?_hsenc=p2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg&_hsmi=97570799
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 18:51:32 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 17:33:46	Name: dextp Value: 771-1-1602874282909
www.tradewindsnews.com/	1970-01-19 13:14:36	Name: __hssc Value: 101862852.1.1602874282949
www.tradewindsnews.com/	1970-01-19 22:36:10	Name: hubspotutk Value: d84adf1c6b622b89f861653036d61811
www.tradewindsnews.com/	1970-01-19 22:36:10	Name: __hstc Value: 101862852.d84adf1c6b622b89f861653036d61811.1602874282949.1602874282949.1602874282949.1
.tradewindsnews.com/	1970-01-20 06:45:46	Name: wisepops_visits Value: %5B%222020-10-16T18%3A51%3A22.691Z%22%5D
.tradewindsnews.com/	1970-01-19 13:57:46	Name: s_nr Value: 1602874282869-New
www.tradewindsnews.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.tradewindsnews.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.tradewindsnews.com/	1970-01-20 06:45:46	Name: AMCV_539A036355B676DE7F000101%40AdobeOrg Value: -432600572%7CMCIDTS%7C18552%7CMCMID%7C48826561040387533282198860414112244662%7CMCAAMLH-1603479082%7C6%7CMCAAMB-1603479082%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1602881482s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.5.2
.tradewindsnews.com/	1970-01-19 13:14:34	Name: _gat_gtag_UA_3357865_1 Value: 1
.tradewindsnews.com/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222020-10-16T18%3A51%3A22.691Z%22%2C%22mtime%22%3A%222020-10-16T18%3A51%3A22.883Z%22%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
www.tradewindsnews.com/	1970-01-19 22:00:10	Name: __io_unique_42130 Value: 16
www.tradewindsnews.com/	1970-01-19 22:00:10	Name: __io Value: 4de802c87.9f4facc90_1602874282519
.tradewindsnews.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.tradewindsnews.com/	1970-01-20 06:45:46	Name: _ga Value: GA1.2.1090506068.1602874283
.tradewindsnews.com/	1969-12-31 23:59:59	Name: AMCVS_539A036355B676DE7F000101%40AdobeOrg Value: 1
.tradewindsnews.com/	1970-01-19 13:16:00	Name: _gid Value: GA1.2.249435922.1602874283
.tradewindsnews.com/	1970-01-19 22:00:10	Name: sat_track Value: true
www.tradewindsnews.com/	1970-01-19 13:14:45	Name: __io_uh Value: 1
www.tradewindsnews.com/	1970-01-19 13:14:35	Name: __io_visit_42130 Value: 1
.tradewindsnews.com/	1970-01-19 13:14:35	Name: __io_nav_state42130 Value: %7B%22current%22%3A%22%2Fsubscription%2F%3F_hsenc%3Dp2ANqtz-_tj1ZaBGVhQM7k5MB4gE9W1M6FU48Fn-2CLoGgU3it40gLwHwXDaADcX7MMPCgmVsJLofQUWP4vGf5fx63d5MaousEeg%26_hsmi%3D97570799%22%2C%22currentDomain%22%3A%22www.tradewindsnews.com%22%2C%22previousDomain%22%3A%22%22%7D
.tradewindsnews.com/	1970-01-20 06:45:46	Name: wisepops Value: %7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A13%2C%22cid%22%3A%2241939%22%2C%22v%22%3A4%7D
.tradewindsnews.com/	1970-01-19 13:14:36	Name: __io_session_id Value: 4f04e13b4.94d184893_1602874282521
www.tradewindsnews.com/	1970-01-19 22:00:10	Name: JsloginCookie Value: guest
.demdex.net/	1970-01-19 17:33:46	Name: demdex Value: 48582047673337319442173700678386584046
www.tradewindsnews.com/	1970-01-19 21:58:43	Name: csrftoken Value: 7STLRUdtdwjLfsDinaZVBmIVNyDFwkNP8yY6APOB98iG1U1X0UctlpWuGFrGP9B5
.tradewindsnews.com/	1970-01-19 13:14:36	Name: gpv Value: Tradewinds
.tradewindsnews.com/	1970-01-19 13:57:46	Name: aam_uuid Value: 48582047673337319442173700678386584046
www.tradewindsnews.com/	1970-01-19 22:00:10	Name: __io_lv Value: 1602874282519
www.tradewindsnews.com/	1969-12-31 23:59:59	Name: c42b1bc52d69f1fbfc8ef62cbd90583a Value: c3680d00576e58c7265087460a75d4e4
.tradewindsnews.com/	1970-01-19 15:24:10	Name: gpt_aamsegments Value: globals_segment%3Dgeneric
.tradewindsnews.com/	1969-12-31 23:59:59	Name: s_ppv Value: Tradewinds%2C32%2C0%2C0%2C1600%2C1200%2C1600%2C1200%2C1%2CL
.tradewindsnews.com/	1970-01-19 13:14:35	Name: __io_d Value: 1_3959195156

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://www.nhstglobal.com/e2t/tc/MWlsbWg6n-rW5GhKSf2XB5F1W6y9Q694hdDf8N1-yX_m3lGmQV1-WJV7CgKX6N7K94FWV2rg7W7Ml1vV28Ly6PVVYqp35HHlHMW20Xwwr51cRLWW6xyzn88HqLBFW8CySWC8GPKxSW8wDcKY3B3wP8W9jPsmD2DJh5lN67qDZXk12NnVzbvdC64BLfcW46jBvT4pcQQXW9dH6v-4B_SwyW73DTGB1h2wTNW5glnjx49Jf5HV_pXtg1bQDM1N2wC0mlKLM66W4dJ1tF8sqqkNW3RF8F75_HgNGN1MZdhQd026yW8JppSx7q5sFHW6n8D8X8WhfC5W91srqy7D47kw3dzW1(Line 13) Message: toS
console-api	warning	URL: https://nhst-global-myprofile-prod.situla.bitbit.net/subscription/app.bundle.js(Line 53) Message: [react-ga] gaTrackingID is required in initialize()
console-api	log	(Line 230) Message: __hs_opt_out=;expires=Thu, 01 Jan 1970 00:00:01 GMT;domain=.tradewindsnews.com;path=/
console-api	log	(Line 230) Message: __hstc=;expires=Thu, 01 Jan 1970 00:00:01 GMT;domain=.tradewindsnews.com;path=/
console-api	log	(Line 230) Message: hubspotutk=;expires=Thu, 01 Jan 1970 00:00:01 GMT;domain=.tradewindsnews.com;path=/
console-api	log	(Line 230) Message: __hssc=;expires=Thu, 01 Jan 1970 00:00:01 GMT;domain=.tradewindsnews.com;path=/
console-api	log	(Line 230) Message: __hssrc=;expires=Thu, 01 Jan 1970 00:00:01 GMT;domain=.tradewindsnews.com;path=/
console-api	log	(Line 230) Message: sat_track=true;expires=Sat, 16 Oct 2021 18:51:22 GMT;domain=.tradewindsnews.com;path=/
console-api	log	(Line 3) Message: gdpr respect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
assets.adobedtm.com
cdn.onthe.io
connect.facebook.net
dpm.demdex.net
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
loader.wisepops.com
nhst-global-myprofile-prod.situla.bitbit.net
nhst.d3.sc.omtrdc.net
nhst.demdex.net
popup.wisepops.com
stackpath.bootstrapcdn.com
track.hubspot.com
tt.onthe.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nhstglobal.com
www.tradewindsnews.com
142.93.100.57
15.188.154.177
188.40.114.5
2001:4de0:ac19::1:b:3b
2606:4700:20::681a:a13
2606:4700::6810:5705
2606:4700::6811:45b0
2606:4700::6811:73b0
2606:4700::6811:83ab
2606:4700::6811:85b4
2606:4700::6811:cccc
2606:4700::6811:d5cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2008
2a02:26f0:10c:59b::1e80
2a02:c0::7
2a02:c0:ac:6:fe::146
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.254.111.26
52.28.241.182
63.32.152.233
0ce7867d0f284d41fce8aaab6a144e978a80e701fe2f6bcfa5e130402762a453
0cea950f22cad0fc77a30f75239091479c4b09149c191dd2267dc8a4855de8ac
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
188244085101da72f3542ccbd1152a16e6fe4ea591919afd01ec99160e269a2b
19742d915958a7525879a20699efdda3cb8214cf7eaf07c18a0fffaf12c71b63
235accb6d3a634b259c919514043db2e39cf79c149d610b1776c6b3f3cff51f5
25ca19137f459bf4e0a400ae1467972d1453c1b6ccd4b8e8cbe8f5b380ed3de4
26064680f7d7008d77b91b390a09125ce22be3d4615c3a51c7ddb09e03d78cac
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
317d1866195efce2d2ea68e3395cd742d1c442c8de89be3b162d9958a426c256
32cec694d52feffd509f2532c86d463258e12f6f38bad08124d64fa6bbee9059
36f67f035193dbc84e9ab1781f3dffd138787bea9fee3535028aaaa06574e8bc
376c1a11507fa41ff9dcef48396087f622d36312476bddf4a62570ea293d94bb
37a20bd1f55aa09ee44daec697f1ed336133f8b609ec437164dad50164ddde93
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455e6101970387f9683b9fb1a844eb614048fe1bbbf9ba4b369cb211b6d88de3
4904a65ff3e8244b4820792af7fcf7bea6abd383b7cbab05acea70d9bd5a7450
4c1b6d5518ebd53164dad57b6337ddacfd2a43e5cb3061a1235005804fc86c88
52ba3b3137a365f7432075c159ad5c87b823f5c4d3d703b5751d14c1710e7728
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6a79e7813ef421b8c56d1410b2b51317e58e6e72cabfa63673de75884610725e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c9cecd10e7ebe0bd54d4c544d872270d4148922ee896d2ad404dc791ad0ef3a
7f43e62807b5f5315cfb3d436cdd925de0a88919963ccf79d417f01603303a03
8011e96ad09b6de1325c9d3813f641911efa2b6fb480d562554aae5f01e86b9c
8062685c57a0c40f84dec104f4ee3adfa46553eaae40195cf465fac7e9916932
82f9c96221e40fcf0ccb094cbb531b2216e2f8af3433e0d745e2d43d54a16245
9b8bac6c2bf8878c6a6857f67133031a95aadacd901caad6dcba098c94a6ee4b
9c277da20a770eea8a7b34967e336fbbec3c0060f7acac2d65e427bfd5d9874f
a48bf12d21b006bf09cce70497a3047f9cdc76b2bab335b82137c9a7cc16a3eb
a4e8e7e36370fe3237c5b28a69c13180862247c2fbe36138fa8bdde00f1da731
a9d5b9c851a30c81ea99daece09683634b7449e72443c76d79026b3d9c22a603
abd9b1eaa3b0c9df1c8547a9ed14bd3fe8333d6262efc356d37af171c1d3cb5b
b2d905dd11d164350c3f1c586ea61d4add5cfce153ea458eb8329744379ce8f4
bc64a11c98a73e7f07471ca18414ebbddfdb9a9b58cdc3407d2823cbce04d37e
be844d32c4720d61630d215cd0bd30ecba780a09e699d3a83badf622dab843d8
c725e4dcd5147978afff884db84453a6e11ab193dee6344e51e8d63078df16af
c874a078fbd28d0073324e030452a254e4c83af8ec98b750a3f481857fef9389
c8c39ff028ebfc8fd71d4540f93d706fb38caf7facd5a0c6333c72b504e4da3e
ca05390f8da41e924793bd216913cd17bfa8f1d2a4e1bc27cdcf3d9689770532
ca36d83a6e9b6d831248a8c37f7be166a5872de2a1b3e17cc6fd44656b7a1da4
d42ed6d8b42e06b922cf27cca691816e380f06ec9dcc6e7a70c37680f8900d48
d7909aed629bd3e0c8b581707ae2527ac9a888c88be5be9143d445dccf057887
db1e0100627189603051b2d9bc55897782a2c609820037019e147d3a80bfe8b2
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de453ae95c4644566c19c10c347c6b79aaa3dc967cbebe609af34b043c6b3a3f
df75389c177cfd2638d509f560e9756601041dce099242297c3d4ca108172331
e30c3980fe703eec0955f5bb793e8fcb7c1548ee21ee36f09ffac4beeb48d8d8
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec39da592144f20f17895308e9b163292a5df90d818d9f173c2b3811a98f5893
faf4e3bc87246aeaf0d4f2009672ef4897b89afd0732b70903e442ed32140210

www.tradewindsnews.com Open in urlscan Pro 2a02:c0:ac:6:fe::146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

75 %IPv6

21 Domains

25 Subdomains

24 IPs

7 Countries

2126 kBTransfer

2877 kBSize

33 Cookies

4 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tradewindsnews.com Open in urlscan Pro
2a02:c0:ac:6:fe::146 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

75 %
IPv6

21
Domains

25
Subdomains

24
IPs

7
Countries

2126 kB
Transfer

2877 kB
Size

33
Cookies

63 HTTP transactions
0 data transactions